Given:ABC company is implementing a secure 802.11WLAN at there head quarters building in New York and at each of the 10 small, remote branch offices around the country 802.1X/EAP is ABC’s preferred security solution. Where possible At all access points (at the headquarters building and all branch offices) connect to single WLAN controller located at the head quarters building, what additional security considerations should be made? (Choose 2)

A.
An encrypted connection between the WLAN controller and each controller-based AP should be used or all branch offices should be connected to the head quarters building a VPN.

B.
Remote WIPS sensors should be installed at the headquarters building and at all branch office to monitor and enforce wireless security.

C.
RADIUS service should always be provided at branch offices so that user authentication is kept on the local network.

D.
Remote management via telnet, SSH, HTTP, HTTPs should be permitted across the WLAN link.

Explanation:
Hardware or software – basedsensorsmay be placed strategically to listen to and capture all 802.11 communications. Sensors are the eyes and ears of a WIDS/WIPS monitoring solution. Sensors use 802.11 radios to collect information used in securing and analyzing WLAN traffi c.

AnintegratedWIDS/WIPS architecture is used by many of the WLAN controller vendors using the WLAN architecture to provide client access and security monitoring.. The WLAN controller – based access points can be confi gured
in a full – time sensor – only mode or can act as part – time sensors when not transmitting as
access points. WLAN controller – based APs are often called " thin " APs or " lightweight " APs. The controller – based APs have full access point functionality and are centrally managed by the WLAN controller.