CompTIA Security Plus Mock Test Q172

The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of the following would be configured to provide more secure connections?

A. WEP
B. WPA2 CCMP
C. Disable SSID broadcast and increase power levels
D. MAC filtering

Correct Answer: B
Section: Network Security

Explanation:
CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.

Incorrect Answers:
A: WEP is not a secure encryption protocol.
C: This will only cloak the network, and increase the signal strength.
D: MAC filtering is vulnerable to spoof attacks.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 172, 178