nerdexam
ExamsSY0-301Questions#548
CompTIA

SY0-301 · Question #548

SY0-301 Question #548: Real Exam Question with Answer & Explanation

The correct answer is A: Change the encryption from TKIP-based to CCMP-based.. CCMP (Counter Mode with CBC-MAC Protocol) uses AES encryption and is significantly stronger than the older TKIP protocol, making it the best choice for improving wireless network security.

Question

A security administrator wishes to increase the security of the wireless network. Which of the following BEST addresses this concern?

Options

  • AChange the encryption from TKIP-based to CCMP-based.
  • BSet all nearby access points to operate on the same channel.
  • CConfigure the access point to use WEP instead of WPA2.
  • DEnable all access points to broadcast their SSIDs.

Explanation

CCMP (Counter Mode with CBC-MAC Protocol) uses AES encryption and is significantly stronger than the older TKIP protocol, making it the best choice for improving wireless network security.

Common mistakes.

  • B. Configuring all access points on the same channel causes co-channel interference and degrades network performance without improving security.
  • C. WEP is a deprecated protocol with well-documented cryptographic weaknesses and is far less secure than WPA2.
  • D. Broadcasting SSIDs makes the network name publicly visible to anyone scanning for wireless networks, which reduces security rather than improving it.

Concept tested. Wireless encryption upgrade from TKIP to CCMP/AES

Reference. https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice