ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations. As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication?

A. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.

B. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.

C. MS-CHAPv2 uses AES authentication, and is therefore secure.

D. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.

E. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.

You must implement 7 APs for a branch office location in your organizations. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).

Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?

A. Output power

B. Fragmentation threshold

C. Administrative password

D. Cell radius

Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?

A. Provide two or more user groups connected to the same SSID with different levels of network privileges.

B. Allow access to specific files and applications based on the user's WMM access category.

C. Allow simultaneous support for multiple EAP types on a single access point.

D. Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category.

ABC Company is an Internet Service Provider with thousands of customers. ABC's customers are given login credentials for network access when they become a customer. ABC uses an LDAP server as the central user credential database. ABC is extending their service to existing customers in some public access areas and would like to use their existing database for authentication. How can ABC Company use their existing user database for wireless user authentication as they implement a large-scale WPA2Enterprise WLAN security solution?

A. Implement a RADIUS server and query user authentication requests through the LDAP server.

B. Mirror the LDAP server to a RADIUS database within a WLAN controller and perform daily backups to synchronize the user databases.

C. Import all users from the LDAP server into a RADIUS server with an LDAP-to-RADIUS conversion tool.

D. Implement an X.509 compliant Certificate Authority and enable SSL queries on the LDAP server.

After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify the security threats?

A. Separate security profiles must be defined for network operation in different regulatory domains.

B. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.

C. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.

D. Authorized PEAP usernames must be added to the WIPS server's user database.