200-301 · Question #666
200-301 Question #666: Real Exam Question with Answer & Explanation
The correct answer is B: Select WPA+WPA2 on Layer 2 Security. To achieve the highest encryption and authentication using domain credentials via LDAP, an engineer must configure Layer 2 Security for WPA+WPA2 and enable 802.1X authentication.
Question
Refer to the exhibit. What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?
Options
- ASelect PSK under Authentication Key Management
- BSelect WPA+WPA2 on Layer 2 Security
- CSelect Static-WEP + 802.1X on Layer 2 Security
- DSelect WPA Policy with TKIP Encryption
- ESelect 802.1X from under Authentication Key Management
Explanation
To achieve the highest encryption and authentication using domain credentials via LDAP, an engineer must configure Layer 2 Security for WPA+WPA2 and enable 802.1X authentication.
Common mistakes.
- A. PSK (Preshared Key) is suitable for home or small office networks but does not provide authentication using individual domain credentials from LDAP, which requires 802.1X.
- C. Static-WEP is an outdated and insecure encryption method with known vulnerabilities, and using it with 802.1X would compromise the "highest encryption" requirement.
- D. WPA Policy with TKIP Encryption, while better than WEP, is not considered the highest encryption; WPA2 with AES-CCMP is stronger.
Concept tested. Enterprise wireless security (802.1X, WPA2, AES)
Reference. https://learn.microsoft.com/en-us/windows/win32/w8sdk/wlan-security-and-extensibility
Topics
Community Discussion
No community discussion yet for this question.