Which of the following should the specialist do FIRST to protect the company’s data?

An implementation specialist is replacing a legacy system at a vendor site that has only one wireless network available. When the specialist connects to Wi-Fi. the specialist realizes the insecure network has open authentication. The technician needs to secure the vendor’s sensitive data.

Which of the following should the specialist do FIRST to protect the company’s data?

A. Manually configure an IP address, a subnet mask, and a default gateway.

B. Connect to the vendor’s network using a VPN.

C. Change the network location to private.

D. Configure MFA on the network.

View Answer

Answer: B

Explanation:

The first thing that the specialist should do to protect the company’s data on an insecure network with open authentication is to connect to the vendor’s network using a VPN. A VPN stands for Virtual Private Network and is a technology that creates a secure and encrypted connection over a public or untrusted network. A VPN can protect the company’s data by preventing eavesdropping, interception or modification of the network traffic by unauthorized parties. A VPN can also provide access to the company’s internal network and resources remotely. Manually configuring an IP address, a subnet mask and a default gateway may not be necessary or possible if the vendor’s network uses DHCP to assign network configuration parameters automatically. Manually configuring an IP address, a subnet mask and a default gateway does not protect the company’s data from network attacks or threats. Changing the network location to private may not be advisable or effective if the vendor’s network is a public or untrusted network. Changing the network location to private does not protect the company’s data from network attacks or threats. Configuring MFA on the network may not be feasible or sufficient if the vendor’s network has open authentication and does not support or require MFA. Configuring MFA on the network does not protect the company’s data from network attacks or threats.

References: CompTIA A+ Core 2 (220-1002) Certification Exam Objectives Version 4.0, Domain 3.3