New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CWNP CWSP-207 Exam - Topic 4 Question 19 Discussion

Actual exam question for CWNP's CWSP-207 exam
Question #: 19
Topic #: 4
[All CWSP-207 Questions]

Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.

What security best practices should be followed in this deployment scenario?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Floyd at Nov 13, 2024, 11:23 PM

Limited Time Offer

25%

Off

Get Premium CWSP-207 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Francine
3 months ago
Wait, can we really trust all these remote setups?
upvoted 0 times
...
Sherita
3 months ago
Prohibiting remote management over WAN? Definitely a must!
upvoted 0 times
...
Ulysses
3 months ago
RADIUS at branches? That's a solid idea for security!
upvoted 0 times
...
Antonio
4 months ago
I disagree, unique SSIDs can complicate user access.
upvoted 0 times
...
Taryn
4 months ago
A VPN connection for remote APs sounds essential!
upvoted 0 times
...
Monte
4 months ago
I definitely recall that remote management should be secure, so prohibiting Telnet and using SSH instead makes sense, but I wonder if that’s enough for the WAN link.
upvoted 0 times
...
Gaston
4 months ago
I feel like RADIUS at the branch offices is a good idea, but I’m not confident if it’s necessary since we have a centralized controller.
upvoted 0 times
...
Denise
4 months ago
I’m not entirely sure, but I think having unique SSIDs for each branch could help with user accounting, like we practiced in class.
upvoted 0 times
...
Vallie
5 months ago
I remember studying about the importance of using encrypted VPNs for secure communication between remote sites and HQ, so option A seems like a solid choice.
upvoted 0 times
...
Louisa
5 months ago
This question covers a lot of different security aspects - network architecture, authentication, and remote management. I'll need to make sure I address all the key elements in my answer.
upvoted 0 times
...
Onita
5 months ago
I'm a bit confused about the 802.1X/EAP requirement and how that fits in with the remote branch office setup. I'll need to review that part of the material again.
upvoted 0 times
...
Lai
5 months ago
Okay, let's see. Encrypted VPNs, unique SSIDs, RADIUS services, and remote management restrictions - those all sound like good security measures to consider here.
upvoted 0 times
...
Brittni
5 months ago
Hmm, the remote branch offices with minimal IT resources could be tricky. I'll need to think carefully about the best practices for that part.
upvoted 0 times
...
Hildred
5 months ago
This looks like a pretty straightforward 802.11 security question. I think I can handle this one.
upvoted 0 times
...
Denny
1 year ago
Haha, option D is a classic. Prohibiting remote management of the WLAN controller is a no-brainer! Who would even consider allowing that kind of access across the WAN link?
upvoted 0 times
Ruth
1 year ago
Absolutely, it's common sense to prohibit those protocols over the WAN.
upvoted 0 times
...
Jamal
1 year ago
It's a basic security practice to restrict management access like that.
upvoted 0 times
...
Bok
1 year ago
Definitely, allowing remote management over the WAN link is a huge risk.
upvoted 0 times
...
Sage
1 year ago
I agree, option D is a must for security.
upvoted 0 times
...
...
Tori
1 year ago
I also think option A is the most secure choice. It's important to prioritize security in a deployment scenario like this.
upvoted 0 times
...
Johna
1 year ago
I agree with Louisa. Using an encrypted VPN ensures that the communication is secure and protected from potential threats.
upvoted 0 times
...
Louisa
1 year ago
I think option A is the best practice for secure communication between the WLAN controller and remote APs.
upvoted 0 times
...
Britt
1 year ago
I disagree with Hoa. I believe option C is the way to go. Providing RADIUS services at the branch offices will ensure that sensitive authentication credentials are not sent over the internet, which is a major security risk.
upvoted 0 times
...
Hoa
1 year ago
I think option A is the best choice here. Implementing a secure VPN connection between the WLAN controller and each remote AP is crucial to protect the data transmitted over the WAN.
upvoted 0 times
Rosendo
1 year ago
D) Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.
upvoted 0 times
...
Stephaine
1 year ago
C) RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.
upvoted 0 times
...
Deeanna
1 year ago
B) APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.
upvoted 0 times
...
Carman
1 year ago
A) An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.
upvoted 0 times
...
...

Save Cancel