As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client
devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy,
what password-related items should be addressed?

A.
MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B.
Password complexity should be maximized so that weak WEP IV attacks are prevented.

C.
Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D.
Certificates should always be recommended instead of passwords for 802.11 client authentication.

E.
EAP-TLS must be implemented in such scenarios.