Preventing Rogue Access Points
Question
A network technician has discovered a rogue access point placed under an empty cubicle desk.
Which of the following should the technician perform to ensure another cannot be placed on the network?
A.
Disable unused ports on switches B.
Enable DHCP guard to detect rogue servers C.
Configure WPA2 on all access points D.
Use TACACS+ authentication.
B.
Explanations
A network technician has discovered a rogue access point placed under an empty cubicle desk.
Which of the following should the technician perform to ensure another cannot be placed on the network?
A.
Disable unused ports on switches
B.
Enable DHCP guard to detect rogue servers
C.
Configure WPA2 on all access points
D.
Use TACACS+ authentication.
B.
The correct answer to the question is B. Enable DHCP guard to detect rogue servers.
Explanation:
A rogue access point is a wireless access point that has been installed on a network without authorization, usually with the intention of allowing unauthorized access to the network. Rogue access points can be a security threat as they can provide an entry point for attackers to gain access to the network.
To prevent unauthorized access to the network through rogue access points, network technicians can take several steps. The best option is to implement a combination of these steps to provide the most comprehensive protection.
Option A, Disable unused ports on switches, can be a good security measure to prevent unauthorized access to the network. However, it does not specifically address the issue of rogue access points, as they can be connected to any active network port.
Option C, Configure WPA2 on all access points, is a good security measure for securing wireless networks. However, it does not address the issue of rogue access points as they can still be connected to the network physically using a network cable.
Option D, Use TACACS+ authentication, is a good security measure to ensure that only authorized users can access the network. However, it does not address the issue of rogue access points, as they can be installed and connected to the network by anyone with physical access.
Option B, Enable DHCP guard to detect rogue servers, is the best option to detect rogue access points. DHCP guard is a feature in switches that prevents unauthorized DHCP servers from being connected to the network. When enabled, DHCP guard monitors the network for unauthorized DHCP servers and blocks any DHCP traffic that is not authorized. This helps prevent rogue access points from providing IP addresses to devices on the network.
In conclusion, to prevent unauthorized access to the network through rogue access points, network technicians should implement a combination of security measures, including disabling unused ports, configuring WPA2 on access points, using TACACS+ authentication, and enabling DHCP guard to detect rogue servers. However, the most effective option to detect rogue access points is to enable DHCP guard.
