Certified Ethical Hacker (CEH v12) — Question 235

As an IT intern, you have been asked to help set up a secure Wi-Fi network for a local coffee shop. The owners want to provide free Wi-Fi to their customers, but they are concerned about potential security risks. They are looking for a simple yet effective solution that would not require a lot of technical knowledge to manage. Which of the following security measures would be the most suitable in this context?

Answer options

• A. Disable the network's SSID broadcast
• B. Enable MAC address filtering
• C. Require customers to use VPN when connected to the Wi-Fi
• D. Implement WPA2 or WPA3 encryption

Correct answer: D

Explanation

Implementing WPA2 or WPA3 encryption is the most suitable option as it provides strong security for the Wi-Fi network, protecting data transmitted over it. Disabling the SSID broadcast and enabling MAC address filtering offer minimal security benefits and can be easily bypassed, while requiring a VPN adds complexity that might deter customers from using the network.