CompTIA Security Plus Mock Test Q166

Which of the following best practices makes a wireless network more difficult to find?

A. Implement MAC filtering
B. UseWPA2-PSK
C. Disable SSID broadcast
D. Power down unused WAPs

Correct Answer: C
Section: Network Security

Explanation:
Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it’s a discoverable value using a wireless packet sniffer. Thus, the SSID should be disabled if the network isn’t for public use.

Incorrect Answers:
A: A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. It does not, however, increase the
difficulty of finding a wireless network.
B: WPA-Personal, also referred to as WPA-PSK (Pre-shared key) mode, is designed for home and small office networks and doesn’t require an authentication server. Each wireless
network device authenticates with the access point using the same 256-bit key generated from a password or passphrase. Using this option will not decrease the chances of
discovering the wireless network.
D: Using this option will not decrease the chances of discovering the wireless network in use.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 61
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access