🌐 Networking Intermediate

What is WLAN security (WPA2 vs WPA3)?

Why Interviewers Ask This

Candidates at the intermediate level are expected to not only know this concept but explain the trade-offs involved. Interviewers use this question to see if you can reason about design decisions, not just recall facts.

Answer

WPA2 (Wi-Fi Protected Access 2) has been the standard wireless security protocol since 2004. WPA2-Personal uses a Pre-Shared Key (PSK), meaning everyone uses the same password; WPA2-Enterprise uses 802.1X with a RADIUS server for individual user authentication. WPA2-AES (CCMP) is secure; WPA2-TKIP is deprecated and weak. Major WPA2 vulnerability: KRACK (Key Reinstallation Attack), which allows decryption of traffic through manipulation of the 4-way handshake.

WPA3 (2018) addresses WPA2 weaknesses. SAE (Simultaneous Authentication of Equals) replaces PSK: it uses the Dragonfly key exchange, making offline dictionary attacks against captured handshakes impossible. Forward secrecy: even if the password is later compromised, past sessions cannot be decrypted. OWE (Opportunistic Wireless Encryption) covers open networks (encrypts without passwords). WPA3-Enterprise uses 192-bit cryptographic strength. Transition mode allows WPA2 and WPA3 devices to coexist.

Enable WPA3 where supported; never use WEP or WPA.

Pro Tip

Back up your answer with a specific project or situation. Saying 'In my last Networking project, I used this when...' immediately makes your answer more credible and memorable.