An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?
Click on the arrows to vote for the correct answer
A. B. C. D.C
To secure the WLC from receiving spoofed association requests and force the user to wait for 10ms to retry an association request, the administrator needs to configure the Security Association (SA) Query timeout value. The SA query is a mechanism used by the WLC to verify the authenticity of the client device before allowing it to join the wireless network.
Out of the given options, only option A is relevant in this scenario. Option A suggests enabling MAC filtering and setting the SA Query timeout value to 10. The correct answer is, therefore, A.
Here's a more detailed explanation of the option A:
A. Enable MAC filtering and set the SA Query timeout to 10: MAC filtering is a security feature that allows the WLC to filter out unauthorized devices based on their MAC addresses. When enabled, the WLC only allows devices with authorized MAC addresses to connect to the wireless network. To further enhance security, the administrator can set the SA Query timeout value to 10. This means that if the WLC receives an association request from an unauthorized device, it will respond with an SA Query to verify the device's authenticity. If the device fails to respond to the SA Query within 10ms, the WLC will reject the association request, and the device will have to wait for 10ms before retrying.
Option B is incorrect because it suggests enabling 802.1x Layer 2 security, which is a different security mechanism that uses an authentication server to verify the identity of the client device before allowing it to join the wireless network. It also suggests setting the Comeback timer to 10, which is not relevant to the scenario described in the question.
Option C is incorrect because it suggests enabling Security Association Teardown Protection, which is a mechanism used to protect the SA between the WLC and the client device from being disrupted by a third-party device. It also suggests setting the SA Query timeout value to 10, which is relevant but not sufficient to address the scenario described in the question.
Option D is incorrect because it suggests enabling the Protected Management Frame service, which is a security feature used to protect management frames from being intercepted or modified by unauthorized devices. It also suggests setting the Comeback timer to 10, which is not relevant to the scenario described in the question.