CompTIA Security+ (SY0-601) — Question 845

As company uses wireless for all laptops and keeps a very detailed record of its assets, along with a comprehensive list of devices that are authorized to be on the wireless network. The Chief Information Officer (CIO) is concerned about a script kiddie potentially using an unauthorized device to brute force the wireless PSK and obtain access to the internal network. Which of the following should the company implement to BEST prevent this from occurring?

Answer options

• A. A BPDU guard
• B. WPA-EAP
• C. IP filtering
• D. A WIDS

Correct answer: B

Explanation

Implementing WPA-EAP enhances security by requiring users to authenticate through a RADIUS server, making it difficult for unauthorized devices to gain access. A BPDU guard protects against loops in the network but does not address wireless security vulnerabilities. IP filtering can limit access based on IP addresses but does not secure the wireless connection itself. A WIDS monitors for unauthorized devices but does not prevent them from attempting to connect.