312-50V12 Question #181: Real Exam Question with Answer & Explanation

Question

You are an ethical hacker contracted to conduct a security audit for a company. During the audit, you discover that the company's wireless network is using WEP encryption. You understand the vulnerabilities associated with WEP and plan to recommend a more secure encryption method. Which of the following would you recommend as a suitable replacement to enhance the security of the company's wireless network?

Options

• AOpen System authentication
• BWPA2-PSK with AES encryption
• CSSID broadcast disabling
• DMAC address filtering

Explanation

WEP encryption is highly vulnerable, and to enhance wireless network security, WPA2-PSK with AES encryption is recommended as a robust and secure replacement.

Common mistakes.

• A. Open System authentication offers no encryption and allows any device to connect to the network without a shared key, making it far less secure than even WEP.
• C. SSID broadcast disabling is a minor obscurity measure that does not provide any encryption or prevent an attacker from discovering the SSID through passive listening.
• D. MAC address filtering is an easily circumvented security mechanism as MAC addresses can be spoofed, and it does not provide any encryption for wireless traffic.

Concept tested. Wireless network security protocols and encryption standards

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-wireless

No community discussion yet for this question.