What must be maintained for wireless infrastructure to comply with the policy?

• A. An inventory of authorized wireless access points is recommended.
• B. A record of all network devices without regard to authorization.
• C. Only a list of SSIDs is required.
• D. An inventory of authorized wireless access points including a documented business justification.

Answer: (D)

Maintaining an up-to-date inventory of authorized wireless access points along with a documented business justification for each one ensures that every AP has a legitimate purpose and is approved through formal governance. This creates clear accountability, supports change control, and makes it easier to spot rogue or misconfigured devices that could expose the network to risk. Without the justification, you can’t easily verify that each device serves a valid business need, and without distinguishing authorized from unauthorized, you lose visibility and control. A mere list of SSIDs or a record of all devices without authorization provides insufficient governance and could obscure unreconciled or risky deployments.