Which setting provides the best security for a WLAN and authenticates users against a centralized directory store?
A. WPA2 AES-CCMP and 801.X authentication
B. WPA2 AES-CCMP and PSK authentication
C. WPA2 TKIP and PSK authentication
D. WPA2 TKIP and 802.1X authentication
In the context of wireless security this actually means TKIP vs. “AES-based CCMP” (not just AES).
TKIP is a lower end encryption protocol (WEP2) and AES is a higher end (WPA2/802.11i) encryption protocol. AES is preferred
Preference Summary
To keep things simple, the best options, in decreasing order of preference, may be:
WPA2 + AES
WPA + AES (only if all devices support it).
WPA + TKIP+AES (only if all devices can support it).
WPA + TKIP
Disabled (no security)
https://learningnetwork.cisco.com/thread/11207