CompTIA Securtiy+ Set12 A_3_4_Secure_Wireless_Access
Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees
as they visit the other organizations.
Which of the following should be implemented if all the organizations use the native 802.1X client on their mobile devices?
The security administrator has noticed cars parking just outside of the building fence line.
Which of the following security measures can the administrator use to help protect the company's WiFi network against war driving? (Select TWO)
A security analyst is specifying requirements for a wireless network. The analyst must explain the security features Key rotationprovided by various architecture choices.
Which of the following is provided by PEAP, EAP-TLS, and EAP-TTLS?
A company is currently using the following configuration:
- IAS server with certificate-based EAP-PEAP and MSCHAP
- Unencrypted authentication via PAP
A security administrator needs to configure a new wireless setup with the following configurations:
- PAP authentication method
- PEAP and EAP provide two-factor authentication
Which of the following forms of authentication are being used? (Select two.)
A systems administrator wants to implement a secure wireless network requiring wireless clients to pre-register with the company and install a PKI client certificate prior to being able to connect to the wireless network.
Which of the following should the systems administrator configure?
A security analyst is hardening a WiFi infrastructure.
The primary requirements are the following:
- The infrastructure must allow staff to authenticate using the most secure method.
- The infrastructure must allow guests to use an "open" WiFi network that logs valid
email addresses before granting access to the Internet.
Given these requirements, which of the following statements BEST represents what the analyst should recommend and configure?
A systems administrator wants to configure an enterprise wireless solution that supports authentication over
HTTPS and wireless encryption using AES. Which of the following should the administrator configure to support
these requirements? (Select TWO).
A security administrator is configuring a RADIUS server for wireless authentication. The configuration must ensure client credentials are encrypted end-to-end between the client and the authenticator.
Which of the following protocols should be configured on the RADIUS server? (Choose two.)
A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure.
Which of the following should be implemented to harden the infrastructure without upgrading the
Which of the following attacks is used to capture the WPA2 handshake?
A security engineer is configuring a wireless network that must support mutual authentication of the wireless
client and the authentication server before users provide credentials. The wireless network must also support
authentication with usernames and passwords. Which of the following authentication protocols MUST the security
A systems engineer is configuring a wireless network. The network must not require installation of third-party software. Mutual authentication of the client and the server must be used. The company has an internal PKI.
Which of the following configurations should the engineer choose?
An instructor is teaching a hands-on wireless security class and needs to conﬁgure a test access point to show students an attack on a weak protocol.
Which of the following conﬁgurations should the instructor implement?
A system administrator wants to provide for and enforce wireless access accountability during events where
external speakers are invited to make presentations to a mixed audience of employees and non-employees.
Which Shared accountsof the following should the administrator implement?
A coffee company has hired an IT consultant to set up a WiFi network that will provide Internet access to customers who visit the company's chain of cafés. The coffee company has provided no requirements other than that customers should be granted access after registering via a web form and accepting the terms of service.
Which of the following is the MINIMUM acceptable configuration to meet this single requirement?
A company is deploying a wireless network. It is a requirement that client devices must use X.509 certificates to mutually authenticate before connecting to the wireless network.
Which of the following protocols would be required to accomplish this?
A wireless network has the following design requirements:
- Authentication must not be dependent on enterprise directory service
- It must allow background reconnection for mobile users
- It must not depend on user certificates
Which of the following should be used in the design to meet the requirements? (Choose two.)
(The term “background reconnection” does not exist in any WiFi documentation; PEAP does
support “fast reconnect” while roaming - it is a bit unclear what CompTIA means here)
An attack that is using interference as its main attack to impede network traffic is which of the following?
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
Please click on the below items on the network diagram and configure them accordingly:
- DHCP Server
- AAA Server
- Wireless Controller
- LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
[Anmerkung: Zur Zeit liegen leider nur Screenshots für den Access Point vor!]
An administrator is replacing a wireless router. The configuration of the old wireless router was not documented
before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment
that was manufactured prior to the release of the 802.11i standard. Which of the following configuration options
should the administrator select for the new wireless router?
A security analyst is hardening a large-scale wireless network. The primary requirements are the following:
- Must use authentication through EAP-TLS certiﬁcates
- Must use an AAA server
- Must use the most secure encryption protocol
Given these requirements, which of the following should the analyst implement and recommend? (Select TWO.)
The SSID broadcast for a wireless router has been disabled but a network administrator notices that unauthorized
users are accessing the wireless network. The administer has determined that attackers are still able to detect the
presence of the wireless network despite the fact the SSID has been disabled.
Upgrade the encryption to WPA or WPA2Which of the following would further obscure the presence of the wireless network?
An analyst wants to implement a more secure wireless authentication for office access points.
Which of the following technologies allows for encrypted authentication of wireless clients over TLS?
A user of the wireless network is unable to gain access to the network. The symptoms are:
- Unable to connect to both internal and Internet resources
- The wireless icon shows connectivity but has no network access
The wireless network is WPA2 Enterprise and users must be a member of the wireless security group to authenticate.
Which of the following is the MOST likely cause of the connectivity issues?
When connected to a secure WAP, which of the following encryption technologies is MOST likely to be configured
when connecting to WPA2-PSK?
A technician is configuring a wireless guest network. After applying the most recent changes the technician finds
the new devices can no longer find the wireless network by name, but existing devices are still able to use the
Which of the following security measures did the technician MOST likely implement to cause this Scenario?
A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?
A system administrator wants to provide balance between the security of a wireless network and usability. The
administrator is concerned with wireless encryption compatibility of older devices used by some employees.
Which of the following would provide strong security and backward compatibility when accessing the wireless
A company wants to implement a wireless network with the following requirements:
- All wireless users will have a unique credential.
- User certificates will not be required for authentication.
- The company's AAA infrastructure must be utilized.
- Local hosts should not store authentication tokens.
Which of the following should be used in the design to meet the requirements?
An organization wants to set up a wireless network in the most secure way. Budget is not a major consideration, and the organization is willing to accept some complexity when clients are connecting. It is also willing to deny Enable WPA2-PSK for older clients and WPA2-Enterprise for all other clients.wireless connectivity for clients who cannot be connected in the most secure manner.
Which of the following would be the MOST secure setup that conforms to the organization's requirements?
A security administrator wants to configure a company's wireless network in a way that will prevent wireless clients from broadcasting the company's SSID.
Which of the following should be configured on the company's
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an
encrypted wireless network.
Which of the following should be implemented in the administrator does not want to provide the wireless password or the certificate to the employees?
A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate devices using PKI.
Which of the following should the administrator configure?
A systems administrator wants to implement a wireless protocol that will allow the organization to authenticate
mobile devices prior to providing the user with a captive portal Iogin.
Which of the following should the systems administrator configure?
A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID.
Which of the following should the security administrator use to assess connectivity?
A local coffee shop runs a small WiFi hotspot for its customers that utilizes WPA2-PSK. The coffee shop would like WEPto stay current with security trends and wants to implement WPA3 to make its WiFi even more secure.
Which of the following technologies should the coffee shop use in place of PSK?
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of
an authorized system. While attempting to determine if an authorized user is logged into the home network, the
user reviews the wireless router, which shows the following table for systems that are currently on the home
Host IP Mac Mac Filter
DadPC 192.168.1.10 00:1d:blabla On
MomPC 192.168.1.10 21:13:blabla Off
JuniorPC 192.168.1.10 42:a7:blabla On
Unknown 192.168.1.10 10:b3:blabla Off
Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?
A security guard has informed the Chief Information Security Officer that a person with a tablet has been walking
around the building. The guard also noticed strange white markings in different areas of the parking lot.
The person is attempting which of the following types of attacks?
A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company.
Which of the following wireless security methods should the technician implement to provide basic accountability for access to the public network?
A company needs to implement a system that only lets a visitor use the company's network infrastructure if the visitor accepts the AUP.
Which of the following should the company use?
A systems administrator needs to integrate multiple IoT and small embedded devices into the company's wireless
network securely. Which of the following should the administrator implement to ensure low-power and legacy
devices can connect to the wireless network?
A company wants to configure its wireless network to require username and password authentication.
Which of the following should the systems administrator implement?
A Chief Executive Officer (CEO) is staying at a hotel during a business trip. The hotels wireless network does not show a lock symbol.
Which of the following precautions should the CEO take? (Choose two.)
A systems engineer is setting up a RADIUS server to support a wireless network that uses certificate authentication.
Which of the following protocols must be supported by both the RADIUS server and the WAPs?
After correctly configuring a new wireless enabled thermostat to control the temperature of the company's
meeting room, Joe, a network administrator, determines that the thermostat is not connecting to the internet-
based control system. Joe verifies that the thermostat received the expected network parameters and it is
associated with the AP. Additionally, the other wireless mobile devices connected to the same wireless network
are functioning properly. The network administrator verified that the thermostat works when tested at his
Which of the following is the MOST likely reason the thermostat is not connecting to the internet?
Which of the following attack types is being carried out where a target is being sent unsolicited messages via