Certified Incident Handler (CIH) Practice Ecam

Which practice helps incident responders secure the wireless networks and devices in an organization?

• A. Set up a RADIUS server for WLAN authentication
• B. Implement a centralized logging system
• C. Use open Wi-Fi networks for guest access
• D. Regularly rotate encryption keys

The correct answer is: Set up a RADIUS server for WLAN authentication

Setting up a RADIUS server for WLAN authentication is an effective practice for securing wireless networks and devices within an organization. RADIUS, which stands for Remote Authentication Dial-In User Service, provides a centralized way to manage authentication and authorization for users accessing the wireless network. By ensuring that only authorized users can connect to the WLAN, this practice helps to create a more secure networking environment. A RADIUS server enhances security in several ways: 1. **Strong Authentication**: It facilitates stronger authentication mechanisms such as EAP (Extensible Authentication Protocol), allowing the use of certificates or other secure methods to verify user identities. 2. **Accountability**: Centralized logging of authentication requests helps in tracking who connected to the network and when. This is crucial for incident response activities and for auditing purposes. 3. **Enforcement of Policies**: RADIUS can enforce access policies (such as role-based access) to ensure that devices and users are granted only the permissions they need. 4. **Dynamic Access Control**: It allows for the implementation of dynamic VLAN assignment, which can segregate data traffic and enhance network security. The other options mentioned do not directly contribute to securing wireless networks in the same manner. A centralized logging system, while important for tracking incidents,