Module 11 Textbook & Quiz | ITE-249-02 Wireless Network Security
19. Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? a. EAP-FAST b. EAP-SSL c. EAP-TLS d. EAP-TTLS
a. EAP-FAST
9. Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack? a. IEEE 802.iw separate b. Jamming c. Disassociation d. Manipulate duration field values
a. IEEE 802.iw separate
5. Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability? a. It allows an attacker to bypass network security configurations. b. It requires the use of vulnerable wireless probes on all mobile devices. c. It conflicts with other network firewalls and can cause them to become disabled. d. It uses the weaker IEEE 80211i protocol.
a. It allows an attacker to bypass network security configurations.
11. Which of these is a vulnerability of MAC address filtering in a WLAN? a. MAC addresses are initially exchanged unencrypted. b. Not all operating systems support MACs. c. APs use IP addresses instead of MACs. d. The user must enter the MAC.
a. MAC addresses are initially exchanged unencrypted.
1. Choose which statement is wrong by applying your knowledge from the reading. a. Most RFID tags are active and require their own power supply. b. An AP primarily consists of an antenna and a radio transmitter/receiver to send and receive wireless signals, special bridging software to interface wireless devices to other devices, and a wired network interface that allows it to connect by cable to a standard wired network. c. Bluetooth LE also supports a many-to-many topology, known as a mesh.
a. Most RFID tags are active and require their own power supply.
13. Which of these does not require authentication? a. Open method b. PSK c. Enterprise method d. Initialization method
a. Open method
3. What is a difference between NFC and RFID? a. RFID is designed for paper-based tags while NFC is not. b. NFC is based on wireless technology while RFID is not. c. RFID is faster than NFC. d. NFC devices cannot pair as quickly as RFID devices.
a. RFID is designed for paper-based tags while NFC is not.
2. Choose which statement is wrong by applying your knowledge from the reading. a. There are three common WPS methods. b. An initialization vector (IV) is a 24-bit value that changes each time a packet is encrypted. c. Filtering by MAC address has several vulnerabilities, most notably that MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format.
a. There are three common WPS methods.
2. Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be? a. Blueswiping b. Bluesnarfing c. Bluejacking d. Bluestealing
b. Bluesnarfing
8. Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered? a. Authenticated portal b. Captive portal c. Control portal d. Rogue portal
b. Captive portal
10. Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing? a. Bluetooth grabber b. Evil twin c. Rogue access point d. WEP-II
b. Evil twin
18. Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? a. It is a technology used by IEEE 802.11 for encryption. b. It is a framework for transporting authentication protocols. c. It is a subset of WPA2. d. It is the transport protocol used in TCP/IP for authentication.
b. It is a framework for transporting authentication protocols.
Quiz: 1. Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate? a. Wi-Fi b. Near field communication (NFC) c. Bluetooth d. Radio frequency ID (RFID)
b. Near field communication (NFC)
3. Choose which statement is wrong by applying your knowledge from the reading. a. The encryption protocol used for WPA2 is the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and specifies the use of CCM (a general-purpose cipher mode algorithm providing data privacy) with AES. b. There are two modes of WPA2, WPA2 Professional and WPA2 Enterprise. c. EAP-TLS uses digital certificates for authentication.
b. There are two modes of WPA2, WPA2 Professional and WPA2 Enterprise.
4. Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network? a. Alliance IBSS b. Wi-Fi Direct c. Ad hoc II d. Dynamic ad hoc
b. Wi-Fi Direct
6. Which of these is NOT a risk when a home wireless router is not securely configured? a. Malware can be injected into a computer connected to the WLAN. b. Wireless endpoints must be manually approved to connect to the WLAN. c. An attacker can steal data from any folder with file sharing enabled. d. Usernames, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker.
b. Wireless endpoints must be manually approved to connect to the WLAN.
14. Which of these is the encryption protocol for WPA2? a. CPB b. CMAC-RSTS c. CCMP d. CBD-MAC
c. CCMP
16. Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC? a. Standalone AP b. Fat AP c. Any type of AP can be managed by a WLC d. Controller AP
d. Controller AP
12. Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key? a. RC b. SL c. SSD d. IV
d. IV
7. Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? a. Piconet method b. Push-button method c. Click-to-connect method d. PIN method
d. PIN method
15. Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? a. Frequency band b. Channel width c. Channel selection d. RFID spectrum
d. RFID spectrum
17. Which WPA3 security feature is designed to increase security at the time of the handshake? a. OWE b. MIT c. WEP d. SAE
d. SAE
20. Which of these is NOT a type of wireless AP probe? a. Dedicated probe b. Wireless device probe c. AP probe d. WNIC probe
d. WNIC probe
