The primary risk of using a wireless network with open authentication is that data is transmitted "in the clear," making it susceptible to interception by malicious actors on the same network. A Virtual Private Network (VPN) mitigates this risk by creating an encrypted tunnel between the specialist's device and a trusted remote server. All network traffic, including sensitive company data, is routed through this secure tunnel. This ensures the confidentiality and integrity of the data, even though the underlying Wi-Fi network is insecure. This is the most direct and effective first action to protect data in transit.

A. Manually configuring an IP address, a subnet mask, and a default gateway only changes how the device is addressed on the network; it provides no encryption or security for the data itself.

C. In Windows, changing the network location to "private" makes the device more discoverable and relaxes firewall rules, which is intended for trusted home or office networks, not insecure public ones.

D. Multi-Factor Authentication (MFA) is an identity and access management control that secures the authentication process. It does not encrypt the data transmitted over the network after a user has logged in.

---

1. National Institute of Standards and Technology (NIST) Special Publication 800-46 Revision 2

Guide to Enterprise Telework

Remote Access

and Bring Your Own Device (BYOD) Security. Section 3.2.2

"Protecting Confidentiality and Integrity

" states

"Organizations should protect the confidentiality and integrity of telework communications... Virtual private networks (VPNs) are the typical solution used to provide confidentiality for communications." This document establishes VPNs as the standard for securing communications over untrusted networks.

2. Carnegie Mellon University

Information Security Office

Public Wireless Security. This university resource advises

"Use a Virtual Private Network (VPN) client. A VPN client encrypts the traffic between your computer and the university's network... When using a public wireless network

a VPN is the most important step you can take to protect your data." This directly supports using a VPN as the primary security measure on an insecure network.

3. Microsoft Corporation

Official Windows Support Documentation. In the article "Make a Wi-Fi network public or private in Windows

" Microsoft explains the network profiles. The "Public" profile is recommended for networks in public places (like coffee shops or airports)

as it hides the computer from other devices on the network and blocks certain apps. The "Private" profile is for trusted networks. This confirms that changing the location to "private" (Option C) would be the incorrect security choice.