350-401 · Question #1219
A wireless network engineer must configure a WPA2+WPA3 policy with the Personal security type. Which action meets this requirement?
The correct answer is B. Configure the CCMP128 encryption cipher.. WPA2+WPA3 Transition Mode Encryption Configuring CCMP128 is correct because WPA2+WPA3 in Personal mode is a transition (mixed) mode that must support both WPA2 and WPA3 clients simultaneously, and CCMP128 (AES-128) is the encryption cipher compatible with both WPA2 and WPA3-Perso
Question
A wireless network engineer must configure a WPA2+WPA3 policy with the Personal security type. Which action meets this requirement?
Options
- AConfigure the CCMP256 encryption cipher.
- BConfigure the CCMP128 encryption cipher.
- CConfigure the GCMP256 encryption cipher.
- DConfigure the GCMP128 encryption cipher.
How the community answered
(30 responses)- A7% (2)
- B90% (27)
- C3% (1)
Explanation
WPA2+WPA3 Transition Mode Encryption
Configuring CCMP128 is correct because WPA2+WPA3 in Personal mode is a transition (mixed) mode that must support both WPA2 and WPA3 clients simultaneously, and CCMP128 (AES-128) is the encryption cipher compatible with both WPA2 and WPA3-Personal - making it the only cipher that satisfies the requirements of both protocols in this blended policy.
Why the distractors are wrong:
- A (CCMP256): CCMP256 uses 256-bit AES, which is only supported by WPA3, not WPA2 - breaking backward compatibility.
- C (GCMP256): GCMP256 is a WPA3-Enterprise (Suite B) cipher requiring 256-bit keys, unsupported by WPA2 or WPA3-Personal.
- D (GCMP128): GCMP128 is the cipher used exclusively in WPA3-Personal (SAE) standalone mode, not in the WPA2+WPA3 transition policy.
Memory Tip: Think "WPA2 = 128-bit AES = CCMP128" - since WPA2 can't go above 128-bit AES, any transition mode mixing WPA2 must stay at CCMP128 to keep the legacy connection alive.
Topics
Community Discussion
No community discussion yet for this question.