What must assessors confirm about wireless access according to CMMC practice AC.L2-3.1.17?

The correct answer, focusing on the requirements set by CMMC practice AC.L2-3.1.17, emphasizes that wireless access must indeed be protected by authentication and encryption. This requirement is crucial for safeguarding sensitive data and ensuring that only authorized users can connect to the network.

Authentication serves to verify the identity of users before granting them access, while encryption ensures that data transmitted over the wireless network remains secure and confidential, protecting it from interception by unauthorized parties. Together, these measures help mitigate common risks associated with wireless networks, such as eavesdropping and unauthorized access.

In contrast, the other options do not align with the security requirements outlined by CMMC. Without security measures, wireless access could lead to significant vulnerabilities. Unlimited access for all users would compromise the principle of least privilege and could allow unauthorized entities access to sensitive information. Similarly, the idea of freely sharing wireless access undermines the need for controlled and secure connections. Each of these points highlights the essential nature of authentication and encryption in maintaining the integrity and security of wireless communications.