350-401 · Question #250
When PSK authentication is used on a WLAN, without the use of an ISE server, which of the following devices must be configured with the key string? (Choose two.)
The correct answer is B. All wireless clients C. All APs and WLCs. For PSK authentication without an ISE server, all wireless clients and all Access Points/Wireless LAN Controllers must be configured with the identical pre-shared key string.
Question
When PSK authentication is used on a WLAN, without the use of an ISE server, which of the following devices must be configured with the key string? (Choose two.)
Options
- AOne wireless client (each with a unique key string)
- BAll wireless clients
- CAll APs and WLCs
- DA RADIUS server
How the community answered
(26 responses)- A8% (2)
- B88% (23)
- D4% (1)
Why each option
For PSK authentication without an ISE server, all wireless clients and all Access Points/Wireless LAN Controllers must be configured with the identical pre-shared key string.
Each client uses the *same* key string for a given PSK WLAN, not a unique one; unique keys are typically associated with 802.1X/RADIUS authentication.
In a PSK setup, every wireless client that needs to connect to the WLAN must be configured with the exact same pre-shared key to establish a secure connection.
The pre-shared key must be configured on the WLAN definition on the Wireless LAN Controller (WLC), which then pushes this configuration to all associated Access Points (APs) for client authentication.
A RADIUS server is used for 802.1X authentication, not for simple PSK authentication, especially when the question explicitly excludes an ISE server.
Concept tested: PSK authentication configuration
Source: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/b_cg85_chapter_0100000.html
Topics
Community Discussion
No community discussion yet for this question.