Which of the following provides the strongest authentication security on a wireless network?
A.
MAC filter
B.
WPA2
C.
WEP
D.
Disable SSID broadcast
Explanation:
The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were
designed to address the core, easy-to-crack problems of WEP.
Incorrect Answers:
A: MAC filtering would increase the security, but an authentication protocol such as WPA2 would still be
required.
Note: When MAC filtering is used, the administrator compiles a list of the MAC addresses associated with
users’ computers and enters those addresses. When a client attempts to connect and other values have
been correctly entered, an additional check of the MAC address is done. If the address appears in the list,
the client is allowed to join; otherwise, it is forbidden from doing so.
C: WEP is weak compared to WPA2. WEP has many vulnerabilities.
D: Disabling SSID broadcasting is not the best solution.
One method of protecting the network that is often recommended is to disable, or turn off, the SSID
broadcast (also known as cloaking). The access point is still there, and it is still accessible by those who
have been told of its existence by the administrator, but it prevents those who are just scanning from
finding it. This is considered a very weak form of security, because there are still other ways, albeit a bit
more complicated, to discover the presence of the access point besides the SSID broadcast.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 171, 178, 183, 258