Which of the following provides the strongest authentication security on a wireless network?

A.
MAC filter

B.
WPA2

C.
WEP

D.
Disable SSID broadcast

Explanation:
The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were designed to address the core, easy-to-crack problems of
WEP.
Incorrect Answers:
A: MAC filtering would increase the security, but an authentication protocol such as WPA2 would still be required.
Note: When MAC filtering is used, the administrator compiles a list of the MAC addresses associated with users’ computers and enters those addresses. When a
client attempts to connect and other values have been correctly entered, an additional check of the MAC address is done. If the address appears in the list, the
client is allowed to join; otherwise, it is forbidden from doing so.
C: WEP is weak compared to WPA2. WEP has many vulnerabilities.

D: Disabling SSID broadcasting is not the best solution. One method of protecting the network that is often recommended is to disable, or turn off, the SSID
broadcast (also known as cloaking). The access point is still there, and it is still accessible by those who have been told of its existence by the administrator, but it
prevents those who are just scanning from finding it. This is considered a very weak form of security, because there are still other ways, albeit a bit more
complicated, to discover the presence of the access point besides the SSID broadcast.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 171, 178, 183, 258