N10-005 · Question #803
N10-005 Question #803: Real Exam Question with Answer & Explanation
The correct answer is B: Use a VPN after connecting to the coffee shop wireless. On an open (unencrypted) public wireless network, a VPN is the only reliable way to protect all traffic in transit by creating an encrypted tunnel from the laptop to a trusted endpoint. No client-side wireless setting can add encryption when the AP itself is open.
Question
Options
- AEnable the host-based firewall on each of the laptops
- BUse a VPN after connecting to the coffee shop wireless
- CEdit the SSID connection information and change 'open' to 'shared'
- DConnect to the open SSID then switch on WPA2 encryption
Explanation
On an open (unencrypted) public wireless network, a VPN is the only reliable way to protect all traffic in transit by creating an encrypted tunnel from the laptop to a trusted endpoint. No client-side wireless setting can add encryption when the AP itself is open.
Common mistakes.
- A. A host-based firewall controls inbound and outbound connection attempts but does not encrypt network traffic, leaving data visible to any sniffer on the open wireless network.
- C. The SSID is simply a network name identifier; changing a client's saved SSID profile label from 'open' to 'shared' has no effect on the encryption or authentication method used by the access point.
- D. WPA2 encryption is enforced at the access point level; a wireless client cannot unilaterally enable WPA2 encryption if the AP is configured as an open network.
Concept tested. VPN for securing communications on open wireless networks
Community Discussion
No community discussion yet for this question.