CompTIA
SY0-301 · Question #395
SY0-301 Question #395: Real Exam Question with Answer & Explanation
The correct answer is B: WPA2 CCMP. WPA2 using CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) based on AES encryption is significantly stronger than WPA using TKIP. Upgrading from WPA TKIP to WPA2 CCMP is the correct path to improve wireless security.
Question
The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of the following would be configured to provide more secure connections?
Options
- AWEP
- BWPA2 CCMP
- CDisable SSID broadcast and increase power levels
- DMAC filtering
Explanation
WPA2 using CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) based on AES encryption is significantly stronger than WPA using TKIP. Upgrading from WPA TKIP to WPA2 CCMP is the correct path to improve wireless security.
Common mistakes.
- A. WEP (Wired Equivalent Privacy) is an older and cryptographically broken standard that is far less secure than even WPA TKIP, representing a downgrade not an upgrade.
- C. Disabling SSID broadcast is a minor obscurity measure and increasing power levels has no security benefit; neither improves encryption strength.
- D. MAC filtering provides minimal security because MAC addresses can be easily spoofed and it does not improve encryption at all.
Concept tested. Wireless encryption upgrade from WPA TKIP to WPA2 CCMP
Community Discussion
No community discussion yet for this question.