Wireless Networking and Security

Question 1

While reviewing wireless router logs, you notice wireless network usage by unfamiliar systems. How can you control which systems connect to your wireless network?

Disable DHCP.

Change the wireless router admin password.

Enable MAC address filtering.

Answer 1

Enable MAC address filtering.

MAC addresses are unique 48-bit hexadecimal identifiers for network cards. You can configure a list of allowed and blocked MAC addresses on your wireless router to limit which devices can connect

Question 2

Enabling WPA on a WLAN provides what? (Choose two.)

Confidentiality

Integrity

Availability

Authorization

Answer 2

Confidentiality

Integrity

Wi-Fi Protected Access (WPA) encrypts packets on a wireless network to prevent unauthorized viewing of data (confidentiality), and it verifies that received data has not been tampered with (integrity)

Question 3

In addition to encrypting wireless traffic, you configure your wireless router to require connecting users to authenticate against a RADIUS server. What type of security have you configured?

WEP

WPA2 Personal

WPA2 Enterprise

Answer 3

WPA2 Enterprise

Wi-Fi Protected Access version 2 (WPA2) Enterprise uses an authentication server to control access to a wireless network

Question 4

You decide to capture network traffic with a sniffer while connected to a busy public Wi-Fi hotspot. After several minutes, you realize you can see only your own network traffic in addition to broadcasts and multicasts. Why can you not see anybody else’s wireless network traffic?

The SSID is not broadcasting.

MAC filtering is enabled.

Isolation mode is enabled.

Answer 4

Isolation mode is enabled.

Wireless isolation mode prevents wireless clients on the same wireless LAN (WLAN) from seeing one another

Question 5

A curious IT professional drives through an industrial park late at night while scanning for unsecured wireless networks with a PDA. What is this called?

Network scanning

War driving

War dialing

Answer 5

War driving

War driving entails searching for wireless networks, often from within a moving vehicle

Question 6

To which of the following security concerns does EAP apply?

Virus scanning

Hard disk encryption

Network authentication

Answer 6

Network authentication

Extensible Authentication Protocol (EAP) is a connecting device network authentication framework supporting methods such as PKI certificates, smartcards, and passwords. Wireless networks that support WPA or WPA2 commonly provide multiple EAP options to choose from for RADIUS authentication of connecting clients. It has several variants, such as a lightweight variant named EAP-FAST and EAP-TLS, which uses the TLS standard. EAP-TTLS doesn’t require the client to be authenticated with a signed PKI certificate, and PEAP encapsulates the EAP connection in an encrypted and authenticated tunnel

Question 7

Which mechanism requires only a server-side PKI certificate to encrypt user authentication traffic?

EAP

PEAP

LEAP

Answer 7

PEAP

Protected Extensible Authentication Protocol (PEAP) creates a secure channel for user authentication using a server-side PKI certificate initially; then a symmetric session key is used for the remainder of the session

Question 8

You are configuring access to a wireless LAN on a Windows 8.1 laptop. When you list available wireless networks, you notice multiple listings of Hidden Network. What wireless router option is in use for these hidden networks?

Disable SSID broadcast

MAC address filtering

WEP

Answer 8

Disable SSID broadcast

Disabling the station set identifier (SSID) suppresses the wireless network name in beacon packets. When scanning for wireless networks, some tools will not display these networks, but Windows 8.1 displays them as Hidden Network

Question 9

Which wireless encryption protocol uses counter mode to make pattern detection difficult?

CCMP

CHAP

WEP

Answer 9

CCMP

Counter Mode CBC Message Authentication Protocol (CCMP) is a WPA2 standard that uses an AES block cipher with counter mode. Counter mode makes pattern detection difficult, thus making this a strong protocol

Question 10

You are conducting a wireless site survey at a client site. The client expresses a desire to keep wireless transmissions secure. There is a single 802.11n wireless router with an omnidirectional antenna in the server room at one end of the building. WPA2 Enterprise and MAC filtering have been configured. What additional security issue should you address?

WPA2 Personal should be used.

MAC filtering is useless; MAC addresses are easily spoofed.

Move the wireless router to the center of the building.

Answer 10

Move the wireless router to the center of the building.

Omnidirectional antennae radiate radio signals in all directions, so a wireless router at one end of a building would allow connectivity from outside the building. Placing the wireless router in the center of the building would allow optimal wireless connectivity from within the building while minimizing radiation outside of the building

Question 11

What can be done to secure a wireless network?

Decrease power transmission level to cover only the intended area.

Use a wireless encryption standard such as 802.3.

Change the DHCP-supplied default gateway address.

Answer 11

Decrease power transmission level to cover only the intended area.

Wireless routers can be configured with a transmit power level (measured in milliwatts). Increasing this value can, to a point, provide better wireless access to clients. Decreasing this value reduces the wireless coverage area, for example, to include a property only where legitimate access is required

Question 12

A Windows user in your company issues the following command on their company wireless laptop: netsh wlan set hosted network mode=allow ssid=AcmeWLAN key=password. What best describes the security problem created by this user?

The user has administrative rights in Windows.

The key is not complex enough.

The user has created a rogue access point.

Answer 12

The user has created a rogue access point.

A rogue access point is either a software or hardware wireless access point that can allow unauthorized wireless access to a secure network, or it can pose as a valid access point. In this case, a Windows 7 computer with a wireless card will advertise itself as a wireless network named AcmeWLAN

Question 13

You are the wireless network administrator. Users report unstable wireless 802.11g network connectivity. After careful examination, you realize 2.4 GHz wireless phones and Bluetooth devices are interfering with the Wi-Fi signal. Which choice offers the best solution?

Replace the 802.11g network with 802.11n.

Purchase a high-gain antenna for your wireless router.

Change the Wi-Fi channel used by your wireless router.

Answer 13

Change the Wi-Fi channel used by your wireless router.

The Wi-Fi 2.4 GHz range is divided into smaller bands (channels) that slightly overlap. If the wireless router is set to use channel 6 and other devices are interfering with it, select a channel furthest away from 6, perhaps channel 1 or 11

Question 14

A hacker configures a rogue access point to appear as a legitimate Wi-Fi hotspot. Which term best describes this configuration?

Evil twin

Bad rogue

War driving

Answer 14

Evil twin

Evil twin is the term used to describe the situation in the question. This is a security risk because users are tricked into connecting to what appears to be a legitimate wireless network when in fact all the network traffic can be controlled and redirected by a malicious user

Question 15

Which of the following refers to unsolicited messages sent to nearby Bluetooth devices?

Bluespamming

Bluejacking

Bluehacking

Answer 15

Bluehacking

Bluejacking refers to a Bluetooth user sending an anonymous message to another Bluetooth device such as a cell phone (assuming Bluetooth is enabled). Bluetooth is a short-range (10 meters) wireless technology running in the 2.4 GHz range

Question 16

Which of the following refers to unauthorized data access of a Bluetooth device over a Bluetooth wireless network?

Bluejacking

Bluesnarfing

Packet sniffing

Answer 16

Bluesnarfing

Bluesnarfing is the act of connecting to and accessing data from a device over a Bluetooth wireless connection. It is considered much more invasive than packet sniffing or port scanning

Question 17

You are working at a client site to solve wireless performance issues. In doing so, you notice WEP is configured on the client’s wireless routers. What type of attack might this network be susceptible to?

DDoS

IV attack

ARP poisoning

Answer 17

IV attack

Initialization vector (IV) attacks are specific to Wired Equivalent Privacy (WEP). The clear-text dynamic IV and static WEP key are included in each packet. Since the IV is a 24-bit value, there are only 16,777,216 (224) possibilities that can be used with a WEP key. Given enough network traffic, an attacker can eventually derive the WEP key using freely available tools

Question 18

How can you control whether all wireless devices will see your WLAN name?

Disable SSID broadcasting.

Block packet sniffing.

Reduce transmission power level.

Answer 18

Disable SSID broadcasting.

Disabling station set identifier (SSID) broadcasting results in clients not seeing the wireless network name when they are within range. Newer operating systems will detect a wireless network, but the name will not be displayed

Question 19

Which of the following items could interfere with an 802.11g wireless network?

Remote garage door opener

Microwave oven

Television infrared remote

Answer 19

Microwave oven

Any wireless devices using the 2.4 GHz range, such as a microwave oven, could potentially interfere with an 802.11g Wi-Fi network

Question 20

In securing a wireless network, you decide to enable EAP-TLS to authorize wireless client access to the wireless LAN. What should you do next?

Install a public key certificate on the client and a smartcard on the server.

Install a smartcard on the client and a public key certificate on the server.

Install MS-CHAP on the client and a public key certificate on the server.

Answer 20

Install a smartcard on the client and a public key certificate on the server.

Extensible Authentication Protocol – Transport Layer Security (EAP-TLS) uses public key cryptography to control network access. Cryptographic keys can be stored on smartcards. Smartcards are not used on servers; they are used on client stations, normally with a PIN, to authenticate to a server that has been configured with a public key certificate

Question 21

TKIP is used primarily by which wireless standard?

802.11n

WEP

WPA

Answer 21

WPA

Temporal Key Integrity Protocol (TKIP) is used by Wi-Fi Protected Access (WPA) for encryption and supersedes Wired Equivalent Privacy (WEP)

Question 22

You are a Wi-Fi IT specialist. Users report that the new 802.11g network is not running at the advertised 54 Mbps. What should you tell your wireless users?

802.11g runs at 11 Mbps.

Wireless encryption will be disabled to increase bandwidth.

Wi-Fi bandwidth is shared by all users connected to the same wireless network.

Answer 22

Wi-Fi bandwidth is shared by all users connected to the same wireless network.

Like a hub, wireless clients share the network bandwidth on a wireless network, so the more wireless clients connected to the same network, the less bandwidth available per client

Question 23

Which standard requires stations to authenticate prior to gaining network access?

802. 11a
803. 11b
804. 1x

Answer 23

802.1x

The IEEE 802.1x standard defines port-based authentication (including wireless) prior to allowing client network access

Question 24

You are securing your Wi-Fi network infrastructure. You configure network-monitoring software with a list of valid wireless access point MACs allowed on the network. What type of threat will this enable you to detect?

Rogue access points

War driving

Bluesnarfing

Answer 24

Rogue access points

Unauthorized (rogue) wireless access points can either allow malicious wireless users unauthorized access to a wired network or fool unsuspecting users to make a connection to what appears to be a legitimate wireless network. There are many methods of detecting rogue access points; in this example the Basic Service Set Identifier (BSSID), or MAC address, of the access point is compared against a list of allowed BSSIDs

Question 25

You are configuring a wireless network for your home office. Which options are applicable to a home network? (Choose two.)

WPA2 PSK

WPA2 Enterprise

EAP-TLS

WPA PSK

Answer 25

WPA2 PSK

WPA PSK

Wi-Fi Protected Access (WPA) and WPA2 pre-shared key (PSK) are for home use. They both require that the same passphrase be configured on the wireless router and connecting wireless clients

Question 26

A traveling user calls the help desk regarding her wireless connectivity problem. When she attempts to connect to a visible wireless network at full strength, it eventually times out with no further messages. What is the problem?

The user does not have the WPA2 PSK configured on her station.

MAC address filtering is blocking her wireless network card.

She must enter the SSID.

Answer 26

MAC address filtering is blocking her wireless network card.

MAC address filtering will prevent connections from unauthorized wireless clients

Question 27

You are enjoying a cup of coffee at the local coffee shop when all of a sudden your cell phone displays an anonymous message complimenting you on your Hawaiian shirt. What are you a victim of?

Bluetoothing

Bluesnarfing

Bluejacking

Answer 27

Bluejacking

Sending messages to users who did not ask for the message over a Bluetooth network is referred to as bluejacking

Question 28

You are the owner of Stacey’s Coffee Spot, a coffee shop providing customers with international coffee flavors in a relaxing environment. To collect payment, you would like to implement a technology whereby your clients can simply wave their smart phone a few centimeters from a payment terminal. Which of the following should you employ?

MIMO

NFC

Channel bonding

Answer 28

NFC

Near Field Communication (NFC) is a wireless technology whereby smart phone users with a specific app installed can transmit information (such as banking or credit card information) to another device in close proximity

Question 29

Which of the following statements regarding replay attacks is true?

They are applicable only to WEP-configured wireless networks.

They can be prevented by disabling SSID broadcasting.

They are conducted by capturing and resending wireless network traffic.

Answer 29

They are conducted by capturing and resending wireless network traffic.

Attackers can capture and resend wireless network traffic to an access point with the intent of cracking wireless encryption, using the appropriate cracking tools

Question 30

You are configuring a new wireless router and notice a PIN on the back of the wireless router. What is the purpose of the PIN?

It allows home users to secure a wireless network easily.

It is a Bluetooth pairing code.

It is the WEP key.

Answer 30

It allows home users to secure a wireless network easily.

The Wi-Fi Protected Setup (WPS) standard was designed to enable home users to secure and connect to a wireless network easily, but it has since been found to be crackable

Question 31

Co-workers complain that they are unable to connect to the wireless network at the office, and you notice that there is a lot of wireless interference. What attack is taking place?

WPS attack

Jamming attack

RFID

Answer 31

Jamming attack

A jamming attack involves an attacker creating enough interference that legitimate clients cannot communicate with the access point

Question 32

Your boss approaches you about implementing a wireless solution where the antennae and controllers are separated for easy upgradability. What attributes are you looking for in an access point to meet these requirements? (Choose two.)

Thin

Fat

Controller-based

Standalone

Answer 32

Thin

Controller-based

A thin and controller-based wireless solution separates the antennae from the controllers, which allows them to be upgraded separately

Question 33

Research users in your organization required access to web applications in a partner organization’s private network. Your organization is currently configured as a trusted authentication provider for both companies. Verification of user credentials should not be conducted by edge devices. What should be configured?

WPA2

RADIUS federation

Active Directory

Answer 33

RADIUS federation

RADIUS federation uses centralized authentication (not performed by edge network devices). Edge devices such as VPN appliances forward user authentication requests to the central RADIUS server. The RADIUS server is configured to trust security tokens issued by the identity provider in the other organization