Wireless Networking Guide 2026 — 802.11 Standards, WPA3, Site Surveys, EAP

⚡ Quick overview

Wireless networking uses radio waves to transmit data without physical cables. The IEEE 802.11 standard defines how Wi-Fi works — different versions (802.11a/b/g/n/ac/ax) offer different speeds and frequency bands. WPA3 is the current security standard; WEP and WPA are deprecated and broken. All three CompTIA exams test wireless standards, security protocols, and common wireless attacks.

802.11 wireless standards — the complete reference table

Every 802.11 standard has a maximum theoretical speed, frequency band, and Wi-Fi generation name. The exam tests these details — particularly which standard introduced which frequency band and the generational Wi-Fi names:

Standard	Wi-Fi Name	Frequency	Max Speed	Status
802.11a	Wi-Fi 1	5 GHz	54 Mbps	Legacy
802.11b	Wi-Fi 2	2.4 GHz	11 Mbps	Legacy
802.11g	Wi-Fi 3	2.4 GHz	54 Mbps	Legacy
802.11n	Wi-Fi 4	2.4 GHz / 5 GHz	600 Mbps	Common
802.11ac	Wi-Fi 5	5 GHz	3.5 Gbps	Common
802.11ax	Wi-Fi 6 / 6E	2.4 / 5 / 6 GHz	9.6 Gbps	Current

⚡ 802.11 memory shortcuts

802.11a = first to use 5 GHz (remember: "a" = alone on 5 GHz initially)

802.11b/g = both 2.4 GHz only — most prone to interference (microwaves, Bluetooth)

802.11n = first dual-band standard (2.4 AND 5 GHz) — introduced MIMO

802.11ac = 5 GHz only, much faster — MU-MIMO, beamforming

802.11ax = Wi-Fi 6, adds 6 GHz band (in 6E variant) — most efficient in dense environments

2.4 GHz vs 5 GHz — the key tradeoff

Frequency band comparison

2.4 GHz
  Advantages:   Longer range, better penetration through walls
  Disadvantages: Slower, more interference (microwaves, Bluetooth, neighbours)
  Only 3 non-overlapping channels (1, 6, 11) in 20 MHz width
  Standards: 802.11b, 802.11g, 802.11n

5 GHz
  Advantages:   Faster speeds, less interference, more non-overlapping channels
  Disadvantages: Shorter range, worse wall penetration
  Up to 25 non-overlapping channels
  Standards: 802.11a, 802.11ac, 802.11n (dual-band), 802.11ax

Wireless security protocols — WEP, WPA, WPA2, WPA3

Wireless security protocols encrypt traffic between devices and access points. This progression from WEP to WPA3 is one of the most consistently tested topics across A+, Network+, and Security+:

⚠️ Broken — Never Use

WEP

Wired Equivalent Privacy (1999)

RC4 stream cipher — fundamentally flawed

Can be cracked in minutes with basic tools

Appears on exam as example of weak security

No legitimate use case today

✓ Secure — Widely Deployed

WPA2

Wi-Fi Protected Access 2 (2004)

AES-CCMP encryption — strong

Personal (PSK) and Enterprise (802.1X) modes

Vulnerable to KRACK attack (2017) — patched

Still widely used and acceptable

✓✓ Current Standard

WPA3

Wi-Fi Protected Access 3 (2018)

SAE (Simultaneous Authentication of Equals) replaces PSK handshake

Forward secrecy — past sessions protected if key compromised

192-bit security suite for enterprise

Required on new Wi-Fi 6 certified devices

⚡ WPA2 Personal vs Enterprise

WPA2 Personal (PSK): Everyone uses the same pre-shared key. Simple to set up but if the key is compromised everyone is affected. Used in homes and small offices.

WPA2 Enterprise (802.1X): Each user authenticates with individual credentials via a RADIUS server. More secure and scalable — used in corporate environments. If one user's credentials are compromised, others are not affected.

The exam will ask which is appropriate for a business with 200 employees — always Enterprise/802.1X.

Wireless network components

Component	What it does	Exam note
Access Point (AP)	Connects wireless clients to a wired network — bridges wireless and wired	Unlike a router, a standalone AP only handles wireless — doesn't route traffic
Wireless Router	AP + router + switch in one device — typical home network device	Routes between wireless clients and the internet
SSID	Service Set Identifier — the name of the wireless network	Hiding the SSID is security through obscurity — not effective protection
BSS / ESS	Basic Service Set = single AP. Extended Service Set = multiple APs with same SSID	ESS allows roaming between APs — enterprise Wi-Fi deployments use ESS
MIMO / MU-MIMO	Multiple Input Multiple Output — uses multiple antennas to increase throughput	Introduced in 802.11n. MU-MIMO (multiple users simultaneously) in 802.11ac/ax
Channel	Specific frequency range within a band used for communication	On 2.4 GHz use channels 1, 6, or 11 to avoid overlap with neighbouring APs

Wireless attacks

Attack	How it works	Defence
Evil Twin / Rogue AP	Attacker sets up a fake AP with the same SSID as a legitimate network to intercept traffic	Wireless intrusion detection, certificate-based authentication (802.1X)
Deauthentication Attack	Sends forged deauth frames to disconnect clients — often used to capture WPA handshakes	802.11w (Management Frame Protection), WPA3
WPS Attack	Wi-Fi Protected Setup PIN is only 8 digits — brute-forceable in hours	Disable WPS entirely on all access points
Wardriving	Driving around to discover and map wireless networks using a laptop and antenna	Strong encryption (WPA3), avoid broadcasting SSID (limited protection)
KRACK Attack	Key Reinstallation Attack — exploits WPA2 four-way handshake to reinstall an already-used key	Patched via firmware updates — keep devices updated
Jamming	Flooding the frequency with noise to prevent legitimate wireless communication — denial of service	Difficult to fully prevent — detect with spectrum analyser, change channels

Wi-Fi 6 and Wi-Fi 6E — Network+ Deep Dive

Wi-Fi 6 (802.11ax) introduced several technologies that the Network+ exam specifically tests. Understanding what each technology does — and why — is more important than memorising the acronyms alone.

Technology	What It Does	Benefit
OFDMA	Orthogonal Frequency Division Multiple Access — divides channels into sub-channels (resource units)	Multiple devices transmit simultaneously on one channel — eliminates the "take turns" limitation of older Wi-Fi
MU-MIMO (8×8)	Multi-User MIMO expanded to 8 simultaneous spatial streams (up from 4 in Wi-Fi 5)	AP serves 8 clients simultaneously rather than sequentially
BSS Coloring	Tags each BSS (network) with a colour so devices can distinguish overlapping networks on the same channel	Reduces interference in dense deployments — devices ignore frames from other networks rather than waiting
TWT	Target Wake Time — AP schedules when IoT devices wake up to transmit	Dramatically improves battery life for IoT sensors and mobile devices
WPA3 required	Wi-Fi 6 certification mandates WPA3 support	SAE replaces PSK — resistant to offline dictionary attacks and provides forward secrecy
6 GHz band (Wi-Fi 6E)	Wi-Fi 6E adds the 6 GHz spectrum (5.925–7.125 GHz) — 59 additional 20 MHz channels	Massive capacity in dense environments — stadiums, hospitals, offices. Less congestion than 5 GHz.

⚡ Network+ exam tip — Wi-Fi 6 vs 6E vs Wi-Fi 7: Wi-Fi 6 = 802.11ax (2.4 + 5 GHz). Wi-Fi 6E = 802.11ax with 6 GHz band added. Wi-Fi 7 = 802.11be (adds 320 MHz channels and Multi-Link Operation). The exam tests 802.11ax specifically — know OFDMA and BSS Coloring as the defining features.

Site Surveys — Planning and Validating Wireless Deployments

A wireless site survey is the process of planning, deploying, and validating a wireless network's coverage and performance. Network+ tests all three types — and Security+ tests the security implications of rogue AP detection during surveys.

Survey Type	When Used	What It Involves
Passive Survey	Before deployment — planning phase	Walk the area with a laptop in monitor mode, capturing existing RF signals without transmitting. Maps interference sources and existing networks. No APs required.
Active Survey	During/after deployment — validation	Associates with APs and measures actual throughput, signal strength (RSSI), and SNR at various locations. Requires APs to be installed.
Predictive Survey	Pre-deployment — uses software modelling	Uses floor plan software to model RF propagation based on building materials and AP placement. Produces heat maps without physical walkthrough. Less accurate than active survey.

Key Site Survey Metrics

Metric	Description	Target Value
RSSI	Received Signal Strength Indicator — measures how strong the signal is at the client	-65 dBm or better for good performance; -80 dBm = weak; -90 dBm = unusable
SNR	Signal-to-Noise Ratio — difference between signal strength and background noise floor	25 dB minimum; 40+ dB excellent. Low SNR = interference problem even with good RSSI.
Channel utilisation	Percentage of time the channel is in use	Below 50% — above 80% causes performance degradation
Heat map	Visual representation of signal strength coverage across a floor plan	Tool output — identifies dead zones and areas of overlap between APs

⚡ Network+ exam tip — interference sources: Common sources of 2.4 GHz interference include microwave ovens, baby monitors, Bluetooth devices, and neighbouring Wi-Fi networks. The 5 GHz band has less interference but shorter range. A spectrum analyser identifies RF interference sources that a standard Wi-Fi adapter cannot.

EAP Types — 802.1X Authentication (Security+)

When using WPA2/WPA3 Enterprise, clients authenticate via 802.1X — which uses EAP (Extensible Authentication Protocol) as the authentication framework. Security+ tests the specific EAP types and what makes each one secure or insecure.

EAP Type	Authentication Method	Security Level	Exam Note
EAP-TLS	Mutual certificate-based — both client AND server present certificates	Strongest	Most secure but requires PKI infrastructure to issue client certs — high overhead
PEAP	Protected EAP — server cert only, client uses username/password inside TLS tunnel	Strong	Most common in enterprises — no client certs needed. Uses MSCHAPv2 inside the tunnel.
EAP-TTLS	Tunnelled TLS — server cert only, supports any inner auth method inside tunnel	Strong	More flexible than PEAP — can use PAP or CHAP inside tunnel. Common on Linux clients.
EAP-FAST	Flexible Authentication via Secure Tunnelling — uses Protected Access Credentials (PACs)	Moderate	Cisco proprietary — designed for environments where PKI is impractical
LEAP	Lightweight EAP — early Cisco proprietary, username/password only	Weak — deprecated	Vulnerable to offline dictionary attacks — replaced by EAP-FAST. Do not use.

802.1X flow — how it works: Client (Supplicant) → Switch/AP (Authenticator) → RADIUS Server (Authentication Server). The switch/AP passes EAP messages between the client and the RADIUS server. The client is in an unauthorised state until RADIUS approves — only EAPOL frames pass through. Once authenticated, the port opens for normal traffic.

Channel Bonding and Antenna Types

Channel Bonding

Channel bonding combines adjacent channels to increase bandwidth. A standard channel is 20 MHz wide. Bonding doubles or quadruples that width for higher throughput — at the cost of using more spectrum and increasing potential interference.

Width	Channels Bonded	Use Case	Tradeoff
20 MHz	1 channel	Dense deployments, 2.4 GHz	Lower throughput, less interference
40 MHz	2 bonded	802.11n, moderate density	2× throughput; only 1 non-overlapping channel on 2.4 GHz — avoid bonding on 2.4 GHz
80 MHz	4 bonded	802.11ac, good for 5 GHz	High throughput; uses significant spectrum
160 MHz	8 bonded	802.11ax/Wi-Fi 6, 6 GHz band	Maximum throughput — only practical on 6 GHz where spectrum is available

Antenna Types

Antenna Type	Pattern	Best Use Case
Omnidirectional	360° horizontal radiation — broadcasts in all directions equally	General office/home coverage — most common AP antenna
Directional (Yagi)	Focused beam in one direction — high gain, narrow pattern	Point-to-point links between buildings — long distance, targeted coverage
Directional (Patch)	Flat panel, forward-focused	Corridors, warehouses — covers a specific area without radiating behind
Parabolic dish	Very high gain, extremely narrow beam	Long-distance point-to-point links — miles between sites

Wireless Troubleshooting Methodology

Network+ and Security+ both include wireless troubleshooting scenarios. The methodology follows a logical pattern — identify symptoms, isolate the layer, and test fixes in order.

Wireless Troubleshooting Flow

1

Check signal strength (RSSI)
Poor RSSI → move closer to AP, check for physical obstructions (concrete, metal). Below -75 dBm = connection quality issues.

2

Check for interference (SNR)
Low SNR despite good RSSI → RF interference. Check channel utilisation, scan for competing networks, look for microwave/Bluetooth sources.

3

Verify correct SSID and security settings
Client connecting to wrong SSID or wrong security type (WPA2 vs WPA3) will fail authentication — check client settings match AP config.

4

Check IP address assignment
Associated but no internet → run ipconfig/ip addr. APIPA address (169.254.x.x) = DHCP failure. Check DHCP scope and lease availability.

5

Check AP channel and overlap
Slow speeds in specific areas → co-channel interference. Use site survey tool to check channel utilisation and adjust AP channel assignments to 1, 6, or 11 (2.4 GHz) or non-overlapping 5 GHz channels.

Exam scenarios

💬 "Which 802.11 standard operates on the 5 GHz band and offers speeds up to 3.5 Gbps?" → 802.11ac (Wi-Fi 5)

💬 "A company needs wireless security where each employee logs in with individual credentials. What should they implement?" → WPA2 Enterprise with 802.1X / RADIUS

💬 "Which wireless security protocol is considered broken and should never be used?" → WEP

💬 "A user connects to what appears to be the corporate Wi-Fi but their credentials are being captured. What type of attack is this?" → Evil Twin / Rogue AP

💬 "Which 802.11 standard was the first to support both 2.4 GHz and 5 GHz?" → 802.11n (Wi-Fi 4)

💬 "An organisation wants to allow employees to roam between multiple access points without reconnecting. What should they configure?" → ESS (Extended Service Set) with the same SSID

💬 "Which wireless feature should be disabled because its 8-digit PIN can be brute-forced?" → WPS (Wi-Fi Protected Setup)

💬 "A 2.4 GHz network is experiencing interference from a neighbouring network. Which channels avoid overlap?" → Channels 1, 6, and 11

💬 "Which WPA3 feature protects previously recorded traffic if the encryption key is later compromised?" → Forward secrecy (via SAE)

💬 "An attacker sends forged frames to disconnect wireless clients from an AP. What attack is this?" → Deauthentication attack

💬 "A network engineer needs to plan AP placement before installation. Which type of site survey uses software modelling rather than physical walkthrough?" → Predictive survey

💬 "After deploying APs, a technician walks the building measuring actual signal strength and throughput. What type of survey is this?" → Active survey

💬 "A wireless network requires each user to authenticate with a digital certificate — both the client and server present certificates. Which EAP type is this?" → EAP-TLS

💬 "An enterprise needs 802.1X authentication but cannot deploy client certificates. Which EAP type uses only a server certificate with username/password inside a TLS tunnel?" → PEAP

💬 "Wi-Fi 6 introduces which technology that allows multiple devices to transmit on the same channel simultaneously by dividing it into sub-channels?" → OFDMA

💬 "Users in a dense office environment report that despite strong signal, Wi-Fi performance is poor. The same channel is used by three nearby networks. What is the likely cause and solution?" → Co-channel interference — change AP channels so nearby networks use non-overlapping channels (1, 6, 11 on 2.4 GHz)

💬 "Which wireless antenna type is most appropriate for a point-to-point link between two buildings 500 metres apart?" → Directional antenna (Yagi or parabolic dish)

💬 "A device connects to Wi-Fi successfully but receives a 169.254.x.x address. What is the problem?" → DHCP failure — the device fell back to APIPA. Check DHCP server availability and scope lease pool.

Studying for Network+ or Security+?

The study guides, practice exams, and free courses worth your time for both certifications.

See Study Resources →

Wireless Networking Explained