312-50V13 Question #611: Real Exam Question with Answer & Explanation

Question

As the Chief Information Security Officer (CISO) at a large university, you are responsible for the security of a campus-wide Wi-Fi network that serves thousands of students, faculty, and staff. Recently, there has been a rise in reports of unauthorized network access, and you suspect that some users are sharing their login credentials. You are considering deploying an additional layer of security that could effectively mitigate this issue. What would be the most suitable measure to implement in this context?

Options

• AImplement network segmentation
• BDeploy a VPN for the entire campus
• CEnforce a policy of regularly changing Wi-Fi passwords
• DImplement 802.1X authentication

Explanation

To mitigate unauthorized network access due to shared Wi-Fi credentials in a campus environment, implementing 802.1X authentication is the most suitable measure.

Common mistakes.

• A. Network segmentation isolates network segments but does not address the issue of unauthorized access within a segment caused by shared credentials.
• B. Deploying a VPN encrypts traffic and can provide secure remote access, but it doesn't solve the problem of users sharing their Wi-Fi login credentials for initial network access.
• C. Regularly changing Wi-Fi passwords is a good security practice but does not prevent users from sharing the new password once it is set, nor does it provide individual accountability.

Concept tested. 802.1X port-based authentication

Reference. https://learn.microsoft.com/en-us/windows-server/networking/technologies/802-1x/802-1x-authentication-overview

No community discussion yet for this question.