Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?
A.
Configure logging on each access point
B.
Install a firewall software on each wireless access point.
C.
Provide IP and MAC address
D.
Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
IP and MAC addresses associated with network activity provide crucial identifiers for tracing a user's activity. This is especially helpful for law enforcement when investigating illegal activities.
Why IP and MAC Address Are Critical:
IP Address: Helps identify network traffic origin during a specific time frame.
MAC Address: Provides device-specific identification.
Why Not Other Options:
A. Configure logging on each access point: While useful, it does not directly assist without extracting IP and MAC addresses.
B. Install firewall software: Does not help track user activity retroactively.
D. Disable SSID broadcast and enable MAC filtering: Prevents unauthorized access but doesn’t support investigations.
EC-Council CISO Alignment:
Proper logging and identification practices ensure legal compliance and effective support during investigations.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit