While conducting a CMMC Level 2 gap analysis with a large defense contractor, a CMMC RP confirms that the organization uses a RADIUS server for authentication. What additional method could be used to comply with AC.L2-3.1.17: Wireless Access Protection?
Applicable Requirement: AC.L2-3.1.17, "Authorize wireless access prior to allowing such connections."
Correct Interpretation: Strong authentication and encryption methods (e.g., WPA2-Enterprise, WPA3-Enterprise) are required to protect wireless communications and enforce authorization.
Why C is Correct: WPA2-Enterprise uses 802.1X authentication (often with RADIUS), ensuring that only authorized users/devices can connect. This directly supports AC.L2-3.1.17.
Why Other Options Are Insufficient:
A (Layer 3 switch): Network hardware but not specifically a wireless access control mechanism.
B (IDS): Detects intrusions but does not prevent or authorize wireless access.
D (Frequency-hopping): Obsolete method, not aligned with modern encryption/authentication requirements.
Reference (CCA Official Sources):
NIST SP 800-171 Rev. 2: AC.L2-3.1.17
NIST SP 800-171A: AC.L2-3.1.17 Assessment Objectives
CMMC Assessment Guide, Level 2: AC.L2-3.1.17