After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify security threats?
A.
Authorized PEAP usernames must be added to the WIPS server’s user database.
B.
WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
C.
Separate security profiles must be defined for network operation in different regulatory domains
D.
Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.
After deploying a WIPS, an essential baseline activity is to classify all detected devices in the RF environment. These classifications allow the system to enforce security policies and detect policy violations. Classifications include:
Authorized (managed devices)
Rogue (unauthorized, possibly dangerous)
Neighbor (not part of your network but legitimate)
External or Ad hoc devices
Without this initial classification, WIPS cannot properly assess threats or trigger alarms.
[References:, , CWSP-208 Study Guide, Chapter 7 – WIPS Classification and Threat Management, , CWNP CWSP-208 Objectives: “Device Classification and Policy Enforcement”, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit