ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 156 discussion

Actual exam question from CompTIA's SY0-601
Question #: 156
Topic #: 1
[All SY0-601 Questions]

SIMULATION -
A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802.1X using the most secure encryption and protocol available.

INSTRUCTIONS -
Perform the following steps:
4. Configure the RADIUS server.
5. Configure the WiFi controller.
6. Preconfigure the client for an incoming guest. The guest AD credentials are:

User: guest01 -

Password: guestpass -
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.




Show Suggested Answer Hide Answer
Suggested Answer: Configure the settings as shown below:
Configure the settings as shown below:
by DUCKDOG at Sept. 2, 2022, 7:02 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
DUCKDOG
Highly Voted 2 years, 5 months ago
Wifi Controller SSID: CORPGUEST SHARED KEY: Secret AAA server IP: 192.168.1.20 PSK: Blank Authentication type: WPA2-EAP-PEAP-MSCHAPv2 Controller IP: 192.168.1.10 Radius Server Shared Key: Secret Client IP: 192.168.1.10 Authentication Type: Active Directory Server IP: 192.168.1.20 Wireless Client SSID: CORPGUEST Username: guest01 Userpassword: guestpass PSK: Blank Authentication type: WPA2-Enterprise
upvoted 103 times
h3r0
1 year, 11 months ago
how we we leave the PSK to blank? is it in the choices? it's not in the pull-down choices as mentioned by serjinljr... WiFi Controller: Authentication type drop down: OPEN WPA-EAP-PEAP-MSCHAPv2 WPA-PSK WPA2-EAP-PEAP-MSCHAPv2 WPA2-PSK WEP Radius Server: Authentication type drop down: LOCAL Active Directory MSSQL Wireless Client Authentication type drop down: OPEN WPA-PSK WEP WPA2-PSK WPA2-Enterprise WPA-Enterprise
upvoted 10 times
Protract8593
1 year, 6 months ago
P.S. The PSK field seems to be a text field, not a drop-down menu. You should be able to leave it blank. The drop-down menu here is the authentication type, which is WPA2-EAP-PEAP-MSCHAPv2 for the WiFi Controller, Active Directory for the RADIUS Server, and WPA2-Enterprise for the Wireless Client.
upvoted 4 times
...
...
andrizo
2 years, 3 months ago
would you mind explaining the auth type=eap-peap; wpa2 enterprise? i think i know why a pre shared key would not be used here.
upvoted 1 times
Juraj22
2 years, 2 months ago
yes, in this scenario, You have a 3 type of devices called Authentication server(radius or tacacs), authenticator(AP controller, or switches or AP in standalone mode and so on) and last one is client. And everything is about that, if client want to join to network, he must contact authenticator(switch- via ethernet cable or AP - wireless) and in this contact is username and password. Authenticator(swich or in this scenario AP controller) takes this credentials and sends it to Radius, radus then check this user an his password and if everything is ok, then he send accept message to authenticator and authenticator to client and client can have full access to network. If not, he will be rejected. This is only in general, there is more steps, bud idea is that everything is going via EAP :) not WPA2-PSK
upvoted 15 times
...
...
Juraj22
2 years, 2 months ago
Absolutly right from network admin. And this is answr for everybody. if you are using Wifi and Radius, you cant use WPA2-PSK...WPA2-PSK is for password sharing, for authentication via radius and ActiveDirectory, you have to use EAP-PEAP-MSCHAPv2 :) And i am 100% sure. So this solution is really OK. And last thing, end user(client), has to know only username and password for client, nothing more....In other words(there is authentication server- radius and authenticator(Wireless controller), they have to know secret key, but client only username and pass)
upvoted 24 times
...
...
ostralo
Highly Voted 2 years, 3 months ago
Wifi Controller SSID - CORPGUEST Shared key - SECRET (from Radius server) AAA server IP - 192.168.1.20 PSK - N/A? Authentication type - WPA2-EAP-PEAP-MSCHAPv2 Radius Server Shared Key - SECRET Client IP - 192.168.1.10(Controller IP) Authentication type - Active Directory(the guest account was created in AD) Server IP - 192.168.1.20 Wireless Client SSID - CORPGUEST Username - guest01 User password - guestpass PSK - N/A? Authentication type - WPA2-Enterprise
upvoted 19 times
...
AbdullahMohammad251
Most Recent 8 months, 4 weeks ago
WIFI controller settings: -SSID given Both the wifi controller and the radius server should use the same shared secret for authentication. - Shared key ---> SECRET We are already given the key in the Radius Server box "SECRET" , note that the shared secret key is case-sensistive. - AAA IP ---> 192.168.1.20 (also given in Radius server box) -PSK is left blank because we are using WPA2-Enterprise instead of WPA2-PSK (WPA2-Enterprise is more secure, uses an AAA server to store credentials for each user). -Auth type ---> WPA2-Enterprise or WPA3-Enterprise depending on the options presented in the DDL (dropdown list) -controller IP -->given
upvoted 2 times
AbdullahMohammad251
8 months, 4 weeks ago
Radius server settings: -Shared key -->given -Client IP--->192.168.1.10. The WIFI controller sits between the wireless client and the RADIUSserver. It sends the client request on his/her behalf and direct it to the Authentication server. -Authentication type should be WPA2-Enterprise (same used by the controller and client) or AD (active directory) depending on the options presented in the DDL.
upvoted 2 times
...
AbdullahMohammad251
8 months, 4 weeks ago
Wireless Client: SSID-->CORPGUEST Username--->guest01 (as given by the question) pass-->guestpass (as given by the question) PSK-->blank Auth type--> WPA2-Enterprise
upvoted 2 times
...
AbdullahMohammad251
8 months, 4 weeks ago
Wireless Client: SSID-->CORPGUEST Username--->guest01 (as given by the question) pass-->guestpass (as given by the question) PSK-->blank Auth type--> WPA2-Enterprise
upvoted 1 times
...
...
ps1hacker
10 months ago
For anyone still reading this, DONT USE THE PROVIDED ANSWER DIAGRAM. Go with DuckDogs answer. Reason: WPA2-PSK uses a pre-shared key that is shared among all users, which means it lacks the ability to provide individual user authentication.
upvoted 3 times
...
Kaps443
1 year, 9 months ago
This question was on my exam
upvoted 16 times
...
MorganB
1 year, 9 months ago
MorganB 0 minutes ago Awaiting moderator approval Pass my exam 27, April 23. This question was on my tested worded differently but the correct answer is DUCKDOG answer listed below.
upvoted 5 times
...
NerdAlert
1 year, 10 months ago
definitely saw this on the exam
upvoted 5 times
...
apata123
2 years, 3 months ago
This came in my exam, please take this Pbqs serious…
upvoted 8 times
...
CloudGrogu
2 years, 4 months ago
What are the pulldown options for this question?
upvoted 1 times
serginljr
2 years, 4 months ago
WiFi Controller: Authentication type drop down: OPEN WPA-EAP-PEAP-MSCHAPv2 WPA-PSK WPA2-EAP-PEAP-MSCHAPv2 WPA2-PSK WEP Radius Server: Authentication type drop down: LOCAL Active Directory MSSQL Wireless Client Authentication type drop down: OPEN WPA-PSK WEP WPA2-PSK WPA2-Enterprise WPA-Enterprise
upvoted 10 times
andrizo
2 years, 3 months ago
were just picking the strongest auth type then?
upvoted 5 times
...
...
...
comeragh
2 years, 5 months ago
Wifi Contoller AAA Server IP: 192.168.1.20 PSK: Johnknows@123 (if you need to enter something) Authentication Type: WPA2-PSK Radius Server Client IP: 192.168.1.10 Authentication Type: Active Directory Wireless Client: SSID: CORPGUEST Username: guest01 Password: guestpass PSK: Johnknows@123 (if you need to enter something) Authentication Type: WPA2-Enterprise
upvoted 5 times
Phasmid
2 years, 4 months ago
I'm still trying to learn all of this stuff. Could you by any chance give me a clue as to how you knew what IP addresses to fill in?
upvoted 2 times
_Tyler_
2 years, 4 months ago
The given info gives most of the answers away for example the AAA server IP you would input the only other IP given in the question so this would be the IP of your Radius Server and vice versa.
upvoted 6 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago