A network engineer needs to build a solution that will allow guests at the company's headquarters to access the Internet via WiFi.
This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet.
Which of the following should the engineer employ to meet these requirements?
A.
Implement open PSK on the APs B.
Deploy a WAF C.
Configure WIPS on the APs D.
Install a captive portal.
D.
A network engineer needs to build a solution that will allow guests at the company's headquarters to access the Internet via WiFi.
This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet.
Which of the following should the engineer employ to meet these requirements?
A.
Implement open PSK on the APs
B.
Deploy a WAF
C.
Configure WIPS on the APs
D.
Install a captive portal.
D.
The solution that the network engineer needs to build must provide internet access to guests at the company's headquarters while preventing access to the internal corporate network. Additionally, the solution should require guests to agree to an acceptable use policy before accessing the internet.
The best solution for this scenario is to install a captive portal. A captive portal is a web page that is displayed to guests before they can access the internet. The page can contain the acceptable use policy that guests must agree to before accessing the internet.
When a guest connects to the WiFi network, the captive portal will redirect them to the policy page, and they must accept the terms before they can access the internet. Once the guest has accepted the policy, they will be granted access to the internet, but they will not be able to access the internal corporate network.
Option A, implementing open PSK on the access points, is not a suitable solution because it uses a pre-shared key that guests can use to connect to the WiFi network. This would allow them to potentially gain access to the internal corporate network.
Option B, deploying a WAF, is not a suitable solution for this scenario because a WAF is used to protect web applications from attacks, and it does not provide a mechanism for guest WiFi access.
Option C, configuring WIPS on the access points, is not a suitable solution for this scenario because WIPS is used to detect and prevent wireless intrusions, and it does not provide a mechanism for guest WiFi access.
Therefore, the best solution for this scenario is to install a captive portal to require guests to agree to an acceptable use policy before accessing the internet while preventing access to the internal corporate network.