350-401 · Question #1176
An engineer is implementing a new SSID on a Cisco Catalyst 9800 Series WLC that must be broadcast on 6 GHz radios. Users will be required to use EAP-TLS to authenticate. Which wireless Layer 2 securit
The correct answer is C. WPA3 Enterprise. To support 6 GHz radios and EAP-TLS authentication on a Cisco Catalyst 9800 Series WLC, the required wireless Layer 2 security method is WPA3 Enterprise.
Question
An engineer is implementing a new SSID on a Cisco Catalyst 9800 Series WLC that must be broadcast on 6 GHz radios. Users will be required to use EAP-TLS to authenticate. Which wireless Layer 2 security method is required?
Options
- AWPA2 Enterprise
- BWPA2 Personal
- CWPA3 Enterprise
- DWPA3 Personal
How the community answered
(61 responses)- A5% (3)
- B11% (7)
- C80% (49)
- D3% (2)
Why each option
To support 6 GHz radios and EAP-TLS authentication on a Cisco Catalyst 9800 Series WLC, the required wireless Layer 2 security method is WPA3 Enterprise.
WPA2 Enterprise does not support the 6 GHz frequency band; 6 GHz networks require WPA3 for security compliance.
WPA2 Personal does not support 6 GHz operation and uses a Pre-Shared Key (PSK) for authentication, not EAP-TLS.
Wi-Fi 6E (802.11ax) operation on the 6 GHz band mandates the use of WPA3 security for all networks. Since users will be required to use EAP-TLS for authentication, which is an 802.1X-based authentication method involving an external RADIUS server, the appropriate Layer 2 security method is WPA3 Enterprise.
WPA3 Personal uses Simultaneous Authentication of Equals (SAE), which is a Pre-Shared Key (PSK) based method, and does not support EAP-TLS.
Concept tested: WPA3 Enterprise for 6 GHz Wi-Fi 6E
Source: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-3/config-guide/b_wl_17_3_cg/m_wpa3.html
Topics
Community Discussion
No community discussion yet for this question.