Question

You are configuring Layer 2 security on a WLAN by using the WLC GUI. You select WPA+WPA2 from the Layer 2 Security drop-down list box. You want to minimize the amount of time it takes an 802.1X client to roam between access points. Which of the following WPA2 key management methods should you select the "Auth Key Mgmt" drop-down list box?

a. CCKM
b. 802.1X + CCKM
c. PSK
d. 802.1X

Answer 1

To minimize roaming time between access points for 802.1X clients in WPA+WPA2 Layer 2 WLAN security configuration, Cisco Centralized Key Management (CCKM) should be selected from the Auth Key Mgmt options.

Step-by-step explanation:

When configuring Layer 2 security on a WLAN using the WLC GUI and selecting WPA+WPA2 for the security protocol, the goal is to choose a key management method that facilitates fast roaming for 802.1X clients. To minimize roaming time between access points for 802.1X clients in WPA+WPA2 Layer 2 WLAN security configuration, Cisco Centralized Key Management (CCKM) should be selected from the Auth Key Mgmt options.

To minimize the amount of time it takes an 802.1X client to roam between access points, the recommended option to select from the Auth Key Mgmt drop-down list is CCKM (Cisco Centralized Key Management). CCKM leverages a fast re-authentication mechanism to enable quicker handoffs between access points, thus improving roaming performance for clients.