In wireless environments connected to the cardholder data environment, what must be changed at installation?

When wireless devices connect to the cardholder data environment, you must replace every vendor default during installation. Default credentials and keys are widely published and easily exploited, so changing all of them—encryption keys, passwords, and SNMP community strings—creates unique, strong values for each device and removes easy entry points. This comprehensive hardening reduces the risk of unauthorized access, credential theft, or remote tampering that could lead to access to the cardholder data environment. If only one item is changed, such as just the Wi‑Fi password or just the SSID, other defaults remain and can still be exploited, undermining the security you’re trying to establish. Establishing a secure baseline by changing all defaults is essential for protecting wireless components in the environment.