Securing Cisco Wireless Enterprise Networks (WISECURE, legacy) — Question 4

After receiving an alert regarding a rogue AP, a network engineer logs into Cisco Prime and looks at the floor map where the AP that detected the rogue is located.
The map is synchronized with a mobility services engine that determines the rogue device is actually inside the campus. The engineer determines the rogue to be a security threat and decides to stop it from broadcasting inside the enterprise wireless network. What is the fastest way to disable the rogue?

Answer options

• A. Go to the location the rogue device is indicated to be and disable the power.
• B. Create an SSID on the WLAN controller resembling the SSID of the rogue to spoof it and disable clients from connecting to it.
• C. Classify the rogue as malicious in Cisco Prime.
• D. Update the status of the rogue in Cisco Prime to contained.

Correct answer: C

Explanation

The correct answer is C because classifying the rogue AP as malicious in Cisco Prime will allow the system to take appropriate actions to mitigate the threat. Options A and B involve physical actions or methods that may not be as immediate or effective, and option D simply updates the status without actively addressing the threat.