A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?
because the question states that it's a legacy WAP, how can it be legacy and able to be configured to use WPA2-Enterprise? which is the strongest form of wireless authentication yet.
Great Cheat Sheet for WiFi protocols on the address below answer will make sense then.
https://searchnetworking.techtarget.com/feature/Wireless-encryption-basics-Understanding-WEP-WPA-and-WPA2
"The numerous flaws in WEP revealed the urgent need for an alternative, but the deliberately slow and careful processes required to write a new security specification posed a conflict. In response, in 2003, Wi-Fi Alliance released WPA as an interim standard, while IEEE worked to develop a more advanced, long-term replacement for WEP."
"To add support for WPA or WPA2, some old Wi-Fi access points might need to be replaced or have their firmware upgraded"
https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#Weak_security
Bad question Comptia
The answer is correct. TKIP is no longer recommended. WPS isn't secure and can be cracked in a matter of seconds. WEP and RC4 are both no longer secure. That leaves WPA2-Enterprise which has been around for 17 years.
Legacy device does not support WPA2.
How to verify WPA2 Compatibility
Most Wi-Fi products bought in 2005 or after should support WPA2. If you have a wireless router, access points, computers, or other Wi-Fi devices that were purchased in 2005 or before, you might want to double-check the support of WPA2.
The original security standard was Wired Equivalent Privacy (WEP). It was replaced by the original Wi-Fi Protected Access (WPA) in 2003 as an interim solution to the limited protection offered by WEP. The WPA program added support for Temporal Key Integrity Protocol (TKIP) encryption, an older form of security technology with some vulnerability to cryptographic attacks. WPA was replaced in 2004 with more advanced protocols of WPA2.
So the answer is : WPA & TKIP
I think the "legacy" part is just there to throw you off. WAP or Wireless Access Points are mainly about speed and range. The security protocols, such as WPA2 enterprise, should work with all of them.
according to this article, given answer is correct : https://www.cisco.com/c/en/us/support/docs/smb/wireless/cisco-small-business-100-series-wireless-access-points/smb5163-configure-wireless-security-settings-on-a-wap.html
Implementing WPA2 on "WAP" - (wireless access point)
why are you the way you are CompTIA...I might just go for CISSP instead these questions are honestly ridiculous. just straight word salads
50 x more obscure then anything ive come across with Jason Dion, Mike Meyers, Messer, Certmaster, Gibson
WPA2 is fully compliant with the 802.11i WLAN security standard. The only
reason not to use WPA2 is if it is not supported by adapters, APs, or operating
systems on the network. In many cases, devices will be compatible with a firmware or
driver upgrade. The first version of Wi-Fi Protected Access (WPA) was designed to fix the
security problems with WEP. Version 1 of WPA still uses the RC4 cipher but adds a
mechanism called the Temporal Key Integrity Protocol (TKIP) to make it stronger.
A. Implement WPA and TKIP
... WPA2 is recommended unless you need to provide access to for legacy devices. All 802.11n devices support WPA2. ... TKIP is not permitted for 802.11n-based transmissions. It is only supported for legacy (802.11b, 802.11g and 802.11a) transmissions, which are limited to a maximum of 54 Mbps. ... If you need to accommodate legacy devices with an SSID, enable WPA encryption with the TKIP cipher. Keep in mind that this has an effect on performance. The additional AES cipher takes more computing power to run than simple TKIP does, therefore older, smaller devices may not support it. ... (https://www.juniper.net/documentation/en_US/junos-space-apps/network-director3.1/topics/concept/wireless-encryption-and-ciphers.html)
WPA uses Temporal Key Integrity Protocol (TKIP) for generating encryption keys. ... TKIP, combined with an improved implementation of the same RC4 stream cipher that WEP uses, provides WPA encryption. TKIP enables backward-compatibility with legacy WEP, uses 128-bit keys, and uses a 48-bit initialization vector. (Mike Meyers’ CompTIA Security+ p. 328-329)
WPA2-TKIP would be the best option.
Since it's not available, then WPA-TKIP.
WPA2-Enterprise / WPA2 802.1x has hardware restrictions on modules prior to 2005.
Unless I'm missing something...
Nope, I was right the first time:
https://www.comparitech.com/blog/information-security/wpa2-aes-tkip/
WPA2 - Personal can use TKIP.
WPA2 - Enterprise cannot.
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jenkins3mol
Highly Voted 5 years, 6 months agoso
5 years, 5 months agorenad_r
5 years, 5 months agoSmackedWookiee
4 years agokastanov
3 years, 12 months agoLeona001
Highly Voted 5 years, 3 months agoBrittle
Most Recent 3 years, 10 months agoDion79
3 years, 11 months agoDion79
3 years, 11 months agotroxel
4 years agoSmackedWookiee
4 years agomdsabbir
4 years, 1 month agoKJ44
4 years, 1 month agoBanjo
4 years, 3 months agocertpro
4 years, 4 months agoMichaelLangdon
4 years, 4 months agoHanzero
4 years, 7 months agojama
4 years, 8 months agobabati
4 years, 8 months agovaxakaw829
4 years, 8 months agoDiogenes_td
4 years, 9 months agoDiogenes_td
4 years, 9 months agoDiogenes_td
4 years, 9 months agoaymenfarah
4 years, 9 months ago