Connect Legacy POS Devices to 802.11ac Network without Performance Impact
Question
A network technician has deployed a new 802.11ac network and discovers some of the legacy POS equipment only supports WPA and 802.11a.
Which of the following is the MOST secure method of connecting all devices while avoiding a performance impact to modern wireless devices?
A.
Configure the APs to use LEAP authentication to support WPA rather than WPA2 for full compatibility. B.
Connect modern devices under the 5GHz band while dedicating the 2.4GHz band to legacy devices. C.
Connect the legacy devices with a PSK while the modern devices should use the more secure EAP. D.
Create two SSIDs, one to support CCMP-AES encryption and one with TKIP-RC4 encryption.
C.
Explanations
A network technician has deployed a new 802.11ac network and discovers some of the legacy POS equipment only supports WPA and 802.11a.
Which of the following is the MOST secure method of connecting all devices while avoiding a performance impact to modern wireless devices?
A.
Configure the APs to use LEAP authentication to support WPA rather than WPA2 for full compatibility.
B.
Connect modern devices under the 5GHz band while dedicating the 2.4GHz band to legacy devices.
C.
Connect the legacy devices with a PSK while the modern devices should use the more secure EAP.
D.
Create two SSIDs, one to support CCMP-AES encryption and one with TKIP-RC4 encryption.
C.
The most secure method of connecting all devices while avoiding a performance impact to modern wireless devices is to connect the legacy devices with a PSK while the modern devices should use the more secure EAP. This is the option C.
Explanation:
Option A, configuring the APs to use LEAP authentication to support WPA rather than WPA2 for full compatibility, is not the most secure method because LEAP is a deprecated and insecure authentication method that has been replaced by more secure protocols like EAP-TLS, PEAP, and EAP-FAST.
Option B, connecting modern devices under the 5GHz band while dedicating the 2.4GHz band to legacy devices, is not the most secure method because the band used does not affect the security of the connection. Both 2.4GHz and 5GHz bands can support the same security protocols.
Option D, creating two SSIDs, one to support CCMP-AES encryption and one with TKIP-RC4 encryption, is not the most secure method because TKIP is also a deprecated and insecure encryption method that has been replaced by more secure methods like CCMP.
Therefore, the most secure method of connecting all devices while avoiding a performance impact to modern wireless devices is to connect the legacy devices with a PSK while the modern devices should use the more secure EAP. This allows the legacy devices to connect using the less secure PSK while the modern devices use the more secure EAP, ensuring that all devices are able to connect to the network while maintaining the highest level of security possible.
