CWAP: Certified Wireless Analysis Professional v402 — Question 9

A manager at a retail outlet has complained that an incident occurred allowing a STA to launch an attack against another STA connected to their public Wi-Fi hotspot. He has asked you to troubleshoot the situation and verify that all possible measured are being taken to prevent this.
What configuration should you check in the AP?

Answer options

• A. Client-to-client direct communications
• B. Inter-VAP filtering
• C. DNS settings
• D. Captive portal Internet gateway

Correct answer: B

Explanation

The correct answer is B, Inter-VAP filtering, as it prevents direct communication between STAs on different virtual access points, thereby mitigating potential attacks. Option A is incorrect because allowing client-to-client communications can lead to security vulnerabilities. Option C is not relevant to this issue, as DNS settings do not impact direct STA interactions. Option D also does not address the problem, as the captive portal Internet gateway is related to user authentication rather than security between STAs.