Which of the following is a step in deploying a WPA2-Enterprise wireless network?
Install a token on the authentication server
Install a DHCP server on the authentication server
Install an encryption key on the authentication server
Install a digital certificate on the authentication server
When setting up a wireless network, you’ll find two very different modes of Wi-Fi Protected Access (WPA)
security, which apply to both the WPA and WPA2 versions.The easiest to setup is the Personal mode, technically called the Pre-Shared Key (PSK) mode. It doesn’t
require anything beyond the wireless router or access points (APs) and uses a single passphrase or password
for all users/devices.
The other is the Enterprise mode —which should be used by businesses and organizations—and is also known
as the RADIUS, 802.1X, 802.11i, or EAP mode. It provides better security and key management, and supports
other enterprise-type functionality, such as VLANs and NAP. However, it requires an external authentication
server, called a Remote Authentication Dial in User Service (RADIUS) server to handle the 802.1X
authentication of users.
To help you better understand the process of setting up WPA/WPA2-Enterprise and 802.1X, here’s the basic
Choose, install, and configure a RADIUS server, or use a hosted service.
Create a certificate authority (CA), so you can issue and install a digital certificate onto the RADIUS server,
which may be done as a part of the RADIUS server installation and configuration. Alternatively, you could
purchase a digital certificate from a public CA, such as GoDaddy or Verisign, so you don’t have to install the
server certificate on all the clients. If using EAP-TLS, you’d also create digital certificates for each end-user.
On the server, populate the RADIUS client database with the IP address and shared secret for each AP.
On the server, populate user data with usernames and passwords for each end-user.
On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS server IP address and
the shared secret you created for that particular AP.
On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and set the 802.1X