Ch4

Question 1

What does WLAN stand for?

Answer 1

Wireless Local Area Network

Question 2

What is the primary benefit of WLAN?

Answer 2

Increased mobility and flexibility for network users

Question 3

What device acts as a central node to connect wireless devices to a network?

Answer 3

Access Point (AP)

Question 4

What are the two main types of access points?

Answer 4

Autonomous (standalone) and Controller-based APs

Question 5

What does BSS stand for in wireless networking?

Answer 5

Basic Service Set

Question 6

What element connects multiple BSSs into an ESS?

Answer 6

Distribution System (DS)

Question 7

What does ESS stand for?

Answer 7

Extended Service Set

Question 8

What is an SSID?

Answer 8

Service Set Identifier (network name broadcast by an AP)

Question 9

How can MAC address filtering improve wireless security?

Answer 9

By allowing only specified MAC addresses to connect

Question 10

What is Ad‑Hoc mode also known as?

Answer 10

Independent BSS

Question 11

In which mode do clients communicate via an AP?

Answer 11

Infrastructure mode (BSS)

Question 12

What protocol encapsulates traffic between APs and a wireless LAN controller?

Answer 12

CAPWAP protocol (Control And Provisioning of Wireless
Access Points)

Question 13

Which protocol carries EAP packets in wireless authentication?

Answer 13

RADIUS

Question 14

What does WEP stand for?

Answer 14

Wired Equivalent Privacy

Question 15

Why is WEP considered insecure?

Answer 15

It creates detectable patterns and can be easily broken

Question 16

What encryption protocol replaced WEP in WPA?

Answer 16

TKIP (Temporal Key Integrity Protocol)

Question 17

What key length does WPA’s TKIP use?

Answer 17

256‑bit keys

Question 18

Which encryption standard is used by WPA2?

Answer 18

AES (Advanced Encryption Standard)

Question 19

What authentication mechanism does WPA2 use?

Answer 19

CCMP (Cipher Block Chaining Message Authentication Code Protocol)

Question 20

How many steps are in the WPA2 4‑WAY handshake?

Answer 20

Four

Question 21

What new handshake protocol does WPA3 use?

Answer 21

SAE (Simultaneous Authentication of Equals)

Question 22

What is a Honeypot AP?

Answer 22

A fake AP meant to lure clients for attack attempts

Question 23

What is a Rogue AP?

Answer 23

An unauthorized AP installed on a network

Question 24

What happens in node replication attacks?

Answer 24

Captured nodes are reprogrammed to eavesdrop

Question 25

What is MAC Spoofing?

Answer 25

Changing a device’s MAC address to impersonate another

Question 26

Name two passive wireless attacks.

Answer 26

Traffic analysis and eavesdropping

Question 27

What type of attack floods a wireless network to disrupt service?

Answer 27

DoS attack

Question 28

Why segment a wireless LAN?

Answer 28

To apply different access rules for stronger security

Question 29

What are the three components of AAA in wireless security?

Answer 29

Authentication, Authorization, Accounting

Question 30

Name two modern wireless encryption protocols.

Answer 30

WPA2 and WPA3

Question 31

What does IPSec provide for transmitted packets?

Answer 31

Confidentiality, integrity, and authenticity

Question 32

What does AH stand for in IPSec?

Answer 32

Authentication Header

Question 33

What does ESP stand for in IPSec?

Answer 33

Encapsulation Security Payload

Question 34

What key exchange protocol is used by IPSec?

Answer 34

IKE (Internet Key Exchange)

Question 35

Which IPSec mode protects only the IP payload?

Answer 35

Transport Mode

Question 36

Which IPSec mode encapsulates the entire IP packet?

Answer 36

Tunnel Mode

Question 37

Give one advantage of IPSec.

Answer 37

1. Strong security 1. Scalability 1. Interoperability 1. Improved network performance

Question 38

Give one disadvantage of IPSec (NO NEED)

Answer 38

Configuration complexity

Question 39

What increases administrative overhead but provides stronger access control than SSID alone?

Answer 39

MAC address filtering

Question 40

What must be removed to harden an AP?

Answer 40

Default SSID and default passwords

Question 41

Which protocol is used as a fallback in WPA2 for devices not supporting AES?

Answer 41

TKIP

Question 42

What does CAPWAP stand for?

Answer 42

Control And Provisioning of Wireless Access Points

Question 43

In the context of WLAN, what is a Station?

Answer 43

Any device that has the capability to use 802.11protocol. E.g. Laptop, mobile phone

Question 44

Why is AES preferred over TKIP?

Answer 44

Stronger encryption and larger key size

Question 45

What does CCMP stand for?

Answer 45

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol

Question 46

What is the main goal of Wireless Security?

Answer 46

To prevent unauthorized access and protect data confidentiality

Question 47

Which handshake does WPA3 replace from WPA2?

Answer 47

PSK 4‑WAY handshake

Question 48

What type of AP configuration is automatically managed by a WLC?

Answer 48

Controller‑based AP

Question 49

What organization’s recommendations can be used for AP hardening?

Answer 49

CIS (Center for Internet Security)

Question 50

What encapsulation transport does CAPWAP use?

Answer 50

UDP tunnels for control and data

Question 51

What layer of the OSI model does WLAN operate on?

Answer 51

Data Link Layer (Layer 2)

Question 52

What IEEE standard defines Wi‑Fi?

Answer 52

IEEE 802.11

Question 53

Which 802.11 amendment introduced mesh networking?

Answer 53

802.11s

Question 54

What 802.11 standard first introduced 54 Mbps data rates?

Answer 54

802.11a

Question 55

What frequency bands do 802.11b/g/n use?

Answer 55

2.4 GHz

Question 56

What frequency bands do 802.11a/ac use?

Answer 56

5 GHz

Question 57

What modulation technique does 802.11g use?

Answer 57

OFDM (Orthogonal Frequency-Division Multiplexing)

Question 58

What does CSMA/CA stand for?

Answer 58

Carrier Sense Multiple Access with Collision Avoidance

Question 59

What is the purpose of the RTS/CTS mechanism?

Answer 59

To reduce collisions in a busy WLAN

Question 60

What is a beacon frame in Wi‑Fi?

Answer 60

A management frame broadcast by AP to announce presence

Question 61

What is a probe request in Wi‑Fi?

Answer 61

Frame sent by client to discover nearby SSIDs

Question 62

What is a probe response in Wi‑Fi?

Answer 62

Frame sent by AP in reply to probe request

Question 63

What is the default maximum range for 2.4 GHz Wi‑Fi?

Answer 63

Approximately 100–150 feet indoors

Question 64

What is the default maximum range for 5 GHz Wi‑Fi?

Answer 64

Approximately 50–70 feet indoors

Question 65

What is co‑channel interference?

Answer 65

Interference from multiple APs using the same channel

Question 66

What is adjacent‑channel interference?

Answer 66

Interference from APs using overlapping channels

Question 67

What tool is commonly used for Wi‑Fi site surveys?

Answer 67

Ekahau or AirMagnet

Question 68

What is a site survey in WLAN planning?

Answer 68

Analysis of coverage, interference, and capacity

Question 69

What is the purpose of directional antennas?

Answer 69

To focus RF energy in a specific direction

Question 70

What is MIMO?

Answer 70

Multiple Input Multiple Output

Question 71

How does MIMO improve throughput?

Answer 71

By using multiple spatial streams

Question 72

What does beamforming do?

Answer 72

Focuses Wi‑Fi signal toward a specific client

Question 73

What is 802.11ax also known as?

Answer 73

Wi‑Fi 6

Question 74

What new technology does Wi‑Fi 6 introduce for dense environments?

Answer 74

OFDMA (Orthogonal Frequency-Division Multiple Access)

Question 75

What is BSSID?

Answer 75

Basic Service Set Identifier, the MAC of the AP radio

Question 76

What is fast roaming in enterprise WLAN?

Answer 76

802.11r

Question 77

What security feature does 802.11w provide?

Answer 77

Protected Management Frames (PMF)

Question 78

What is captive portal authentication?

Answer 78

Web‑based login before granting full network access

Question 79

What is the difference between WPA2‑Enterprise and WPA2‑PSK?

Answer 79

Enterprise uses RADIUS; PSK uses a shared key

Question 80

What is a dynamic PSK?

Answer 80

Per‑user pre-shared keys centrally managed by a controller

Question 81

What protocol is used for passphrase to PMK derivation in WPA/WPA2?

Answer 81

PBKDF2

Question 82

What is a PMK in 802.11 security?

Answer 82

Pairwise Master Key

Question 83

What is a PTK in 802.11 security?

Answer 83

Pairwise Transient Key

Question 84

What is a GTK in 802.11 security?

Answer 84

Group Temporal Key

Question 85

What is KRACK?

Answer 85

Key Reinstallation Attack against WPA2

Question 86

What is the function of a RADIUS server?

Answer 86

Centralized authentication and accounting

Question 87

What port does RADIUS authentication use by default?

Answer 87

UDP 1812

Question 88

What port does RADIUS accounting use by default?

Answer 88

UDP 1813

Question 89

What is Tacacs+?

Answer 89

Cisco’s proprietary AAA protocol

Question 90

What is wireless intrusion prevention system (WIPS)?

Answer 90

Real‑time detection and blocking of rogue APs

Question 91

What metric measures signal strength?

Answer 91

RSSI (Received Signal Strength Indicator)

Question 92

What metric measures noise level?

Answer 92

SNR (Signal-to-Noise Ratio)

Question 93

What does DFS stand for in Wi‑Fi?

Answer 93

Dynamic Frequency Selection

Question 94

Why is DFS required in 5 GHz?

Answer 94

To avoid interfering with radar systems

Question 95

What is airtime fairness?

Answer 95

Equalize usage time among clients

Question 96

What is a Wi‑Fi Alliance?

Answer 96

Industry group that certifies Wi‑Fi interoperability

Question 97

What does WPA3‑Enterprise introduce over WPA2‑Enterprise?

Answer 97

192‑bit encryption suite

Question 98

What is a client isolation feature?

Answer 98

Prevents clients on same AP from talking directly

Question 99

What is network slicing in Wi‑Fi?

Answer 99

Logical segmentation of WLAN resources