A rogue AP was found plugged in and providing Internet access to employees in the break room. Which of the following would be BEST to use to stop this from happening without physically removing the WAP?
Option B, Port security, would be the best option to use to stop the rogue AP in this scenario. Port security is a feature that can be used to limit the number of devices that can be connected to a switchport. By configuring port security on the switchport to which the rogue AP is connected, the network administrator can ensure that only authorized devices are able to connect to the network and receive an IP address. This would prevent unauthorized devices, such as the rogue AP, from providing Internet access to employees in the break room.
C. Wireless client isolation
Wireless client isolation is a security feature that isolates clients connected to an access point (AP) from each other, preventing them from communicating directly with each other over the wireless network. By enabling this feature on the AP, the network administrator can prevent rogue APs from providing Internet access to unauthorized clients, such as employees in the break room.
Wireless client isolation is not the appropriate solution in my opinion as it is the WAP (plugged into the network) that you want to isolate and not the clients. So, the most appropriate would be option B, Port Security.
If I have a rogue AP providing Internet services Port Security on your switch is not going to help you. I could be in an adjacent office connected to my own switch with Internet services.
Tried to test it in Packet Tracer, the port security works as intended. If you set max mac-addresses to 1 and don't use sticky. Port will remain available for use (as it should be as we are not supposed to disable it) but it will allow only 1 device at a time
The answer here will be port security because it, quite literally, prevents someone from plugging something in to create an AP.
The client isolation would be on the router- and would stop your router from being breached via lateral movement, etc - but it would not prevent the scenario.
"A rogue AP was found plugged in" "Which of the following would be BEST to use to stop this from happening without physically removing the WAP?"
Answer for sure is B port security
Enabling wireless client isolation only protects the Internal network (Intranet). Port security would allow you to block external & internal network accesses, but would affect every client on the network lest you were to use a whitelisting protocol authentication service like RADIUS, this change would take time to implement however.
GPT selects:
"The BEST option to stop a rogue Access Point from providing unauthorized Internet access without physically removing the Wireless Access Point would be (C) Wireless client isolation.
Wireless client isolation, also known as wireless isolation or client isolation, is a security feature that prevents wireless devices connected to the same network from communicating directly with each other. This means that devices connected to the same Wi-Fi network cannot interact with or access each other. By enabling wireless client isolation, you can effectively isolate the rogue Access Point from the rest of the network, preventing it from providing unauthorized Internet access to employees."
Correct answer is Port Security; this would prevent the rogue AP from communicating on the network, rendering it useless. IMPORTANT: Wireless Client Isolation would NOT prevent connection, it would only prevent communication to other devices within the network. Port Security prevents the AP from being usable at all and is the better answer
Chatgpt says C, Wireless Client Isolation. I asked it if it was sure the answer is not B, Port Security and got this:
"Port security is a feature that allows network administrators to restrict access to an Ethernet port based on the MAC address of the device connecting to it. While port security can help prevent unauthorized access to the network, it is not the best solution in this scenario. This is because the rogue access point is most likely connected to a switch port that is authorized for use, and as such, port security would not be able to prevent it from providing Internet access to employees.
Wireless client isolation, on the other hand, is a feature that prevents direct communication between wireless devices on the same access point, and can be used to prevent unauthorized access to other devices on the network. This is a more appropriate solution, as it can help prevent the rogue access point from communicating with other devices on the network, even if it is still present."
This section is not available anymore. Please use the main Exam Page.N10-008 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
StevenElev11n
Highly Voted 2 years, 2 months agoJakeCharles
Highly Voted 2 years, 3 months agoAnonymouse1312
1 year, 3 months agoOlazino
1 year, 3 months agoif47276
10 months, 1 week agozuzuonyi
1 year, 7 months agoveggietron9000
Most Recent 8 months, 3 weeks ago33cdd9f
1 year agoineedcarinsurance
11 months, 3 weeks agoK1lroy
1 year agobob_bobbins
1 year, 3 months agocomeragh
1 year, 4 months ago[Removed]
1 year, 4 months agoMehsotopes
1 year, 5 months agoBaloyitum
1 year, 8 months agoBaloyitum
1 year, 8 months agoMitchF
1 year, 8 months agobenejamin
1 year, 9 months agofamco
2 years agoMitchF
1 year, 8 months agoGustitute
2 years agoSebatian20
1 year, 9 months agorabarbar1
2 years ago1stAid
2 years, 1 month ago