A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees. Which of the following would provide strong security and backward compatibility when accessing the wireless network?
A. Open wireless network and SSL VPN
B. WPA using a preshared key
C. WPA2 using a RADIUS back-end for 802.1x authentication
D. WEP with a 40-bit key
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
A, B, and C are all possible, but I don’t think CompTIA wants an answer with an “Open wireless network”, or using an old technology like “WPA using a pre-shared key” for a company is not strong security, so I think I have to go with “C”, because the following information suggests that WPA2 can support the older devices:
https://www.ciscopress.com/articles/article.asp?p=1750205
Using 802.1X authentication with WPA2-Enterprise offers the greatest Wi-Fi security possible today. However, some legacy and even newer Wi-Fi devices can lack 802.1X support…Nevertheless, there are ways to still provide connectivity to non–802.1X devices.
MAC Authentication Bypass
If you’re the network administrator, you might consider implementing the MAC address authentication bypass feature of your RADIUS server, if supported by the server and switches. This method essentially lets non–802.1X devices bypass the traditional 802.1X process altogether, but still lets them connect.
correct anwser on pass4sure is B (5.7.2019)
The goal is “strong security and backward compatibility”, so lets keep that in mind.
B can’t be the answer because PSK is more difficult to manage as the company grows larger, it doesn’t say how large the company is but they do have a sysadmin. Overall PSK isn’t secure because unless you change it often, people could tell their friends and/or family. And then even if you did change it often, think of how many people would be affected.
C isn’t the answer because, while C is the strongest, it is not the most compatable. It specifically states ” wireless encryption compatibility of older devices” which probably can’t utilize WPA2.
D never
A is the correct answer because any device can connect to an open network (provided the IEEE standards are supported eg. a,b,g,n,ac) The question asks about “wireless encryption compatibility”, which once a wireless network is open, a VPN can encrypt the traffic
The answer here is C. Let’s pretend some of these older devices are using WEP (yikes), or even WPA. Well many Wireless LAN vendors started using 802.1x to mitigate WEP risk. The server doing the actual authentication is the RADIUS server. So in short order devices deemed vulnerable to attack started using 802.1x for protection.
The answer here is C. Let’s pretend some of these older devices are using WEP (yikes), or even WPA. Well many Wireless LAN vendors started using 802.1x to mitigate WEP risk. The server doing the actual authentication is the RADIUS server. So in short older* devices deemed vulnerable to attack started using 802.1x for protection.
Phil, you are probably right. Probably not B, as someone mentioned it would not give strong security in anything bigger than a home network.
Maybe question is trying to say, WAPA2 has been around for a long time so even most “older devices” should support it?
WPA2 will not support older devices. They are willing to balance security and usability so they get WPA and they can upgrade TKIP to AES.
This question also doesn’t mention if it is AES or TKIP
anyone know what this really is i thought it was B
Should be A: Open wireless network and SSL VPN
A. Open wireless network and SSL VPN. This will not interfere with the wireless connectivity regardless of what the encryption compatibility of older devices are and still secure the transmission.
The answer is B… “administrator is concerned with wireless encryption compatibility of older devices”