itsp215/itsp216


beacon

A ________ frame is an advertisement of the wireless network. It carries specific information about the access point or basic service set, such as the SSID, the RF channel that it is operating on, the available data rates it is configured for, the security parameters, and much more.

translational bridge

A _______________ is defined as a device used to connect two or more dissimilar types of LANs together, such as wireless (IEEE 802.11) and Ethernet (IEEE 802.3).

At least one

A basic service set (BSS) consists of how many access points?

AP radio

A basic service set identifier (BSSID) is the unique identifying MAC address of the ___________

Control

A beacon frame advertises information about the wireless network. A beacon frame is what type of frame?

null data, null function

A special type of data frame is the __________, or _______, frame, which helps implement power save features and is not used to carry any data payload.

Which security methods do IEEE 802.11n access points support? (Choose three.) A. WPA Enterprise B. WEP C. PPTP D. RBAC E. MAC filters F. IPSec

A, B, E. WPA Enterprise, WEP, and MAC filtering can all be used to secure 802.11g access points. PPTP is a Layer 3 security solution that consists of both tunneling and encryption. IPSec is a Layer 3 VPN encryption mechanism.

Layer 2 Tunneling Protocol commonly uses which encryption method? A. IPSec B. PPTP C. AES D. WEP E. MPPE

A. Layer 2 Tunneling Protocol (L2TP) commonly uses IPSec for encryption. PPTP is another VPN method that uses MPPE 128-bit encryption. AES and WEP are used with Layer 2 802.11-based wireless networks.

Which function does RBAC provide? A. Restricts access to authorized users or groups B. Provides access to only network administrators C. Streamlines hardware installation D. Allows users to install software

A. Role-based access control (RBAC) is a method used to restrict access only to authorized users. RBAC assigns permissions or access to roles to which users can be added.

one or more

According to the IEEE 802.11 standard, an extended service set (ESS) consists of how many interconnected basic service sets?

Mode 1

All devices in _________ must be HT-capable. When a non-HT device—that is, an IEEE 802.11a/b/g access point or wireless client device—is within the hearing range of the HT access point and on the same 20 MHz channel or one of the 20/40 MHz wide channels, this protection mode will be activated.

Mode 2

All devices in _____________ must be HT-capable. The operation of this protection mode is based on the fact that 802.11n devices can use 20 MHz or 20/40 MHz wide channels.

extended service set (ESS)

An ____ is defined as a "set of one or more interconnected basic service sets (BSSs) that appears as a single BSS to the Logical Link Control (LLC) layer at any station (STA) associated with one of those BSSs." It is also a common configuration in most WLAN deployments for small to medium businesses as well as large organizations.

IBSS

An _____ network is also known as an ad hoc or peer-to-peer network. This WLAN operation mode uses no access points and consists of only wireless devices or client computers.

0

An independent basic service set (IBSS) consists of how many access points?

The IEEE 802.1X standard identifies the authenticator as another term for the _____ in wireless networking. A. Client device B. Access point C. RADIUS server D. EAP server

B. In 802.1X networking, the access point is also known as the authenticator. The supplicant is another term for the client device, and the authentication server can be a RADIUS or AAA authentication source.

Which security solution is mandatory for client devices in order to be considered Wi-Fi Protected Setup certified? A. WEP B. PIN C. WPA D. PBC E. TKIP

B. PIN-based security is mandatory for both access points and client devices in order to be considered Wi-Fi Protected Setup certified. PBC or push-button configuration is optional for client devices in this certification. WPA is a pre-802.11i certification that addresses TKIP and is used in either SOHO or enterprise-based wireless networks. Wi-Fi Protected Setup is not intended for enterprise WLAN deployments.

Which security feature provides the strongest security for a home-based wireless network? A. SSID hiding B. Passphrase C. MAC filters D. 128-bit WEP

B. Passphrases are available for use with WPA Personal or WPA2 Personal and are capable of providing strong security for the home user or small office. SSID hiding should not be used for security because the SSID can be found in frames other than beacons. MAC filters are considered legacy solutions and can be easily spoofed using software downloadable from the Internet. 128-bit WEP can be cracked very quickly using software tools and is therefore not a secure solution.

The security amendment to the IEEE 802.11 standard requires _______. A. WEP B. CCMP C. TKIP D. PPTP E. VPN

B. The IEEE 802.11i amendment to the standard requires CCMP. WEP is an optional authentication/encryption method defined in the original 802.11 standard. TKIP is an enhancement to WEP that usually was accomplished as a firmware upgrade for older equipment. PPTP and VPN are both Layer 3 solutions and not defined in any IEEE wireless amendment.

target beacon transmission time (TBTT)

By default, beacons for most access points broadcast at about 10 times a second. This value is actually 1024 microseconds and is identified as the _____.

A newly configured wireless intrusion prevention system will _____. A. Require a network administrator to monitor for intrusions B. Automatically monitor the network for potential attacks C. Require an administrator to manually shut down a rogue access point D. Automatically notify a network administrator regarding a firmware upgrade

B. A wireless intrusion prevention system will automatically monitor the network for signatures that match potential intrusion techniques. An intrusion prevention system has the capability to automatically shut down a rogue access point. An intrusion detection system requires a manual shutdown. A WIPS will not notify a network administrator of a recent firmware upgrade.

A weakness with MAC address filtering is that it allows an intruder to _____. A. Crack the encryption. B. Spoof an address. C. Cause an RF DoS attack. D. Steal user authentication.

B. An intruder can spoof a MAC address in order to circumvent the MAC filter and gain access to the wireless network. Encryption cracking is a different form of intrusion that also could possibly allow an intruder to steal a user's authentication credentials. An RF denial-of-service attack is caused by transmitting high-energy RF to prevent access to the wireless network.

You need to attend a business meeting out of town that requires air travel. You are at the airport and have some extra time. While waiting to board your plane you decide to check your office email using an IEEE 802.11g wireless hotspot access point at the airport. In order to provide a secure connection, you would enable your notebook computer to use _____. A. Passphrase security B. WEP C. A VPN to the corporate network D. IEEE 802.1X/EAP to the corporate network

C. In order to provide a secure connection between your laptop and the office network, a Layer 3 VPN solution would be the best choice. Passphrase security and WEP require the access point to be configured, and this typically is not the case in public hotspots. 802.1X/EAP is enterprise security and usually does not apply to public hotspots.

What type of wireless network device is PIN-based security most commonly used with? A. SOHO brands that support WPA 2.0 B. Enterprise brands that support WPA 2.0 C. SOHO brands that support WPS D. Enterprise brands that support WPS

C. PIN-based security is usually used with SOHO brand wireless devices that support Wi-Fi Protected Setup certification (WPS). The devices are typically used in small office/home office installations or by home-based users. WPA 2.0 solutions can use either passphrase or 802.1X/EAP.

Remote Authentication Dial-In User Service (RADIUS) requires users on a wireless network to perform what function? A. Access the corporate network using only the PSTN and a modem. B. Call in to the help desk service and request a username and password. C. Enter a username and password that will be centrally administered. D. Request remote assistance to help solve a software problem on a computer.

C. RADIUS is a centralized authentication method that is used to authenticate users on a wireless network. Accessing a corporate network using a modem is a function of remote access services. Making a call to the help desk and requesting a username and password is not a function of RADIUS; however, the help desk may be able to assist with username and password issues. Requesting remote assistance to help solve a software problem is more related to troubleshooting and not a function of RADIUS.

The length of a WEP key is typically _____ or _____. A. 5-bit, 10-bit B. 13-bit, 26-bit C. 64-bit, 128-bit D. 128-bit, 256-bit E. 192-bit, 256-bit

C. WEP is typically 64-bit or 128-bit encryption. The numbers 5, 10, 13, and 26 are related to the number of characters the WEP key can be in either ASCII or hexadecimal.

Hiding the service set identifier of a wireless LAN will require a user to _____ in order to gain access to the wireless network. A. Enter a username and password when prompted B. Call the help desk and ask for a new password C. Enable the SSID broadcast on the client device D. Know the SSID and enter it manually

D. If the SSID of the wireless network is hidden, the user will need knowledge of the SSID in order to connect to the wireless network. The SSID broadcast is only enabled on an access point or wireless LAN controller/switch. Getting a new password from the help desk will not provide the SSID of the wireless network. Entering a username and password is user-based authentication.

Which data encryption/authentication method is identified in the original IEEE 802.11 standard? A. TKIP B. AES C. CCMP D. WEP E. EAP

D. The original IEEE 802.11 standard identifies WEP as an optional authentication/encryption method. AES and CCMP are addressed in the 802.11i amendment to the standard. TKIP is an enhancement to WEP and not identified in the original standard. EAP provides an authentication process and is used with 802.1X networks.

A _____ filter is used to allow or deny wireless barcode scanners access to an 802.11b/g network. A. WEP B. IPSec C. SSID D. RF E. MAC

E. A MAC filter is used to allow or deny wireless LAN devices access to a wireless access point. WEP is a shared key security mechanism. IPSec encryption is used in Layer 3 VPNs. SSIDs are used as a network name and for segmentation. RF is radio frequency and cannot be filtered.

ad hoc, infrastructure

IEEE 802.11 wireless LANs (WLANs) can be configured in one of two operation methods: _________ or ____________ mode.

active mode (AM)

In _________________ a WLAN device or station (STA) may receive frames at any time and is always in an "awake" state.

power save (PS) mode

In _________________, the WLAN device or station (STA) will doze or enter a low power state for very short periods of time.

randomly generated number (with same format as MAC address)

In an ad hoc or IBSS network the BSSID is always a what?

authenticate, associate

In order for a wireless client to become completely part of the basic service set, it must first ________ and then _____________.

protection mechanisms

In order to allow newer, faster WLAN technology such as 802.11n devices to communicate with older wireless devices, technology called _____________ was designed to allow for backward compatibility.

SSID, Channel

In order to set up an ad hoc network, a user must know which two parameters? (Name both)

Distribution System (DS)

Infrastructure mode requires at least one access point, but can consist of up to thousands of them. These access points are connected by a common medium known as the ____________.

Mode 0 = No protection; Mode 1 = HT nonmember protection mode; Mode 2 = HT 20 MHz protection mode; Mode 3 = Non-HT mixed mode

Match the HT Protection mode # to its corresponding name. Modes: Mode 0, Mode 1, Mode 2, Mode 3. Names: HT nonmember protection mode, HT 20 MHz protection mode, No protection mode, Non-HT mixed mode.

single channel architecture (SCA)

Roaming within an IEEE 802.11 WLAN is always decided by the client device with the exception of _________________.

continuous aware mode (CAM)

Some manufacturers refer to active mode as _____.

wildcard

The IEEE 802.11 standard requires access points to respond to devices that are sending a null or blank SSID. The standard refers to this as a ___________ SSID.

802.11e

The IEEE ___________ amendment to the standard fueled the need for more efficient power save mechanisms in wireless networking.

hardware address

The MAC address is the unique identifier of a network adapter or what is known as the ______________________.

service set identifier (SSID)

The _____ is the logical name of the service set used to identify the wireless network, and it is used by devices to select a wireless network to join.

Basic Service Set Identifier (BSSID)

The _______ is defined as the unique identifier, Media Access Control (MAC) address of the basic service set. It is important to note that some manufacturers may allow for several of these to be connected to a single access point radio or for a single common one to be shared among many access points.

Basic service area (BSA)

The ______________ is the area of RF coverage or the RF cell that encompasses a wireless access point and its associated stations. A wireless client device will be contained in this area as long as it has enough required receive signal strength to maintain an association state with the wireless access point.

basic service set (BSS)

The ________________ is the foundation of the wireless network. This mode consists of an access point connected to a network infrastructure and its associated wireless devices.

passive scanning, active scanning

The discovery phase consists of the ______________ and _____________ processes.

passive scanning

The first part of the discovery phase in IEEE 802.11 wireless networking is known as _______________. This process allows WLAN devices to "listen" for information about wireless networks in the radio receiving area of the wireless network or the BSA.

XX:XX:XX:YY:YY:YY; X, Y

The format of a BSSID is ____________ where _ is the number assigned to a manufacturer, and _ is the unique hardware address of the device.

Two

The open system authentication process uses how many frames?

roaming

The process in which a WLAN client connection moves from one access point to another is called __________.

discovery phase

The process in which the SSID is used by devices to select a wireless network to join is called the ___________________.

Extended rate physical (ERP), High-throughput (HT)

There are two broad categories of protection mechanism: ___________________ protection mechanism for IEEE 802.11g networks; _________________ protection mechanism for IEEE 802.11n networks.

QoS null frame

There is also a variant of the null frame called the ___________, which is used with quality of service power save mode.

Open System Authentication

This 802.11 authentication method is defined by the IEEE 802.11 standard as a null authentication algorithm and is a two-step authentication process. Two management frames are exchanged between the device and the access point. For the most part, this authentication method cannot fail unless other security measures are put in place that prevent the device from accessing the network.

Shared-key Authentication

This IEEE 802.11 authentication method is a four-way frame exchange. During this process, four management frames are sent between the wireless device wanting to join the wireless network and the access point.

802.11b/g/n Mixed Mode

This mode allows devices that support the IEEE 802.11g/n amendments and IEEE 802.11b devices to operate together in the same BSA and be associated to the same access point.

802.11b-Only Mode

This operation mode disables all the IEEE 802.11g ERP-OFDM data rates of 6, 9, 12, 18, 24, 36, 48, and 54 Mbps and allows only DSSS data rates of 1 and 2 Mbps and HR/DSSS rates of 5.5 and 11 Mbps.

802.11g-Only Mode

This operation mode is the opposite of 802.11b-only mode. It disables all of the IEEE 802.11b DSSS and HR/DSSS data rates of 1, 2, 5.5, and 11 Mbps, and it allows the IEEE 802.11g ERP-OFDM data rates of 6, 9, 12, 18, 24, 36, 48, and 54 Mbps.

True.

True or False? An IBSS can be created with the IEEE 802.11 WLAN adapter that is built into a wireless computer or other devices.

True.

True or False? For the most part, ESSID and SSID are synonymous terms for the name or segmentation of a wireless network.

False. Only open system authentication is allowed on newer WLAN security.

True or False? IEEE 802.11 open system authentication and shared-key authentication are both valid authentication processes allowed on newer WLAN security.

True.

True or False? In most if not all cases, the BSA for each BSS will overlap to allow roaming from one BSS to another.

True.

True or False? Management frames never cross the Data Link Layer of the OSI model.

False. After version 8.1 it was disallowed.

True or False? Microsoft Windows operating systems after version 7 no longer allow for an ad hoc network to be created from the graphical user interface. However, there are some command-line settings that can be used to allow wireless ad hoc connections from other devices.

True.

True or False? Shared-key authentication is used for both IEEE 802.11 authentication and data encryption.

True.

True or False? Unlike an access point, IBSS has no centralized control or manageable security or accounting features.

C. 802.11a client devices

WLAN devices in an 802.11a peer-to-peer network will connect to which device(s)? A. An access point B. 802.11g client devices C. 802.11a client devices D. A wireless switch

802.11r

What amendment was added to provide a standardized methodology for client station roaming and fast secure transition within the WLAN?

Management, Control, Data

What are the three frame types used in wireless networks depending on the information being sent?

association ID (AID)

When a WLAN device associates to an access point, the device receives what is known as an ______________. This is a value that will represent that device in various functions, including PS mode.

Passive scanning

When a WLAN device listens for beacon frames, it is participating in which phase?

Independent

When an IEEE 802.11g WLAN consists only of wireless client stations, the network is operating as which type of basic service set?

A. 32 characters maximum; C. contains one ASCII character; D. Is case sensitive

Which items describe a service set identifier (SSID)? (Pick three) A. 32 characters maximum B. 64 characters maximum C. contains one ASCII character D. Is case sensitive E. Is not case sensitive

SSID, RF Channel, Security Config

Which three common parameters must be set on all devices belonging to the same IBSS? (Name three.)

802.11k and 802.11v

Which two amendments work with IEEE 802.11r to provide more information to the wireless device so it can make a more intelligent roaming decision based on the RF environment?

Control

______ frames are used to govern access to the wireless medium by allowing devices to reserve the medium and acknowledge data. In addition, some of these frames are used to request data from the access point after returning from a power save state and with IEEE 802.11 protection mechanisms to allow wireless device coexistence.

Data

_____ frames are used to carry payloads or Layer 3 information between wireless devices.

You are a wireless network administrator monitoring the reports for a recently installed wireless intrusion prevention system. You receive an alert notifying you of high levels of RF activity detected from an access point operating as a sensor and currently set to channel 6. Which problem could be causing the alert? (Choose two.) A. Interference from a neighboring access point B. RF deauthentication storm C. RF denial-of-service (DoS) attack D. Misconfigured client workstation E. RF encryption attack

A, C. Higher levels of RF activity reported by an intrusion prevention system could mean an RF denial-of-service attack is underway or could be misrepresented as interference from a neighboring access point. A deauthentication storm or encryption attack would be identified differently in a wireless intrusion prevention system. A misconfigured client workstation would not cause this type of alert.

Both _____ and _____ are wireless LAN security methods that support shared key security. (Choose two.) A. WPA2 Personal B. WPA2 Enterprise C. 802.1X/EAP D. WEP E. WPA Enterprise

A, D. Both WPA2 Personal and WEP support shared key security. The WPA2 Personal algorithm creates a 256-bit preshared key. WEP can be used with either a 64-bit or 128-bit key. WPA Enterprise, 802.1X/EAP, and WPA2 Enterprise all use the 802.1X process to create a key.

Which process is a VPN solution intended to provide for users connecting to a network? A. Secure Layer 3 transmissions over a public network infrastructure B. Secure Layer 2 transmissions over a public network infrastructure C. Secure Layer 3 transmissions over a corporate network infrastructure D. Secure Layer 2 transmissions over a corporate network infrastructure

A. A virtual private network (VPN) is a Layer 3 security solution that provides secure data transmissions over a public network infrastructure such as the Internet. WEP, WPA, 802.1X/EAP, and WPA 2.0 are examples of Layer 2 security solutions.

Wireless network discovery

__________________ is the process of a client device scanning for wireless networks and identifying the parameters of the network, including the SSID, supported data rates, and security settings.

Active scanning

___________________ is the second part of the WLAN discovery phase. In this process, WLAN devices wishing to connect to a network send out a management frame known as a probe request.

Disassociation

__________________ occurs when an association to an access point is terminated. This may occur when the associated WLAN device roams from one BSS to another.

Deauthentication

_____________ occurs when an existing authentication is no longer valid. This can be caused by a WLAN device logging off from the current connection or transitioning to a different BSS.

Management

______________ frames assist WLAN devices in finding and connecting to a wireless network. This includes advertising the capabilities of the WLAN and allowing connections by the authentication and association process.

A. Data rate decreases

As a device moves away from an access point, which of the following is true regarding dynamic rate switching? A. Data rate decreases B. Output power decreases C. Data rate increases D. Output power increases

You are a network administrator and are asked for a security recommendation regarding older wireless 802.11-compliant VoIP handsets. The company does not have the budget to upgrade the equipment at this time. Which would be the best recommendation you could provide? A. Don't worry about securing the handsets because voice transmissions cannot be deciphered. B. Carefully plan a strategy using WEP and VLANs. C. Use a VPN solution with L2TP/IPSec. D. Use a CCMP/AES Layer 2 solution.

B. If WEP must be used on a wireless network, the devices that use WEP should be separated using VLANs. This will protect the rest of the network from being compromised. Voice transmissions can be seen with the correct tools. CCMP/AES is available in newer devices that support the latest wireless security methods but is not available in older devices.

Association

________________ takes place after a wireless device has been successfully 802.11 authenticated either by open system authentication or by shared-key authentication. In this state, the authenticated device can pass traffic across the access point to the network infrastructure or other associated wireless devices.

frames

Wireless networking devices communicate by sending RF waves to each other through the air. These RF waves carry the digital data from one device to another. At this stage, the information traveling through the air is organized into what are known as ________.

C. ERP protection

You are a help desk support technician at a retail department store, and you receive a call from a manager in the administrative offices. He complains that the performance of his 802.11g/n notebook computer decreases several times throughout the day. Upon visiting the customer, you realize several people are performing inventory using 802.11b barcode scanners in the adjacent room. What is most likely the cause of the poor performance for the manager's notebook computer? A. Association B. Authentication C. ERP protection D. HT protection

Dynamic rate switching

You are a sales engineer connected to an IEEE 802.11ac access point with a mobile computer. As you move away from the access point, the connection speed slows to the next lowest supported data rate. The change in data rate is described by which term?

C. Active mode

You are a technical support engineer and provide help desk support for the network in a manufacturing company. You receive a call from the sales manager who wants to know how power save operations should be set up on her notebook computer to optimize the system performance. The notebook computer is plugged into an AC power source and rarely used on battery. Which mode would you recommend her to set on the wireless adapter? A. Power save mode B. Association mode C. Active mode D. Passive mode

B. Mismatched SSID

You are a technical support engineer and receive a call from a customer regarding a problem with their wireless network connection. The building has an ESS network with five 802.11ac access points. The customer claims that when they move from their office to a conference room using the 802.11ac network they lose their connection and cannot connect to the access point in the conference room. Which is the most likely cause for this user to lose their connection when they roam on the wireless network? A. Different RF channel B. Mismatched SSID C. Different BSSID D. Mismatched association

Automatic power save delivery (APSD)

________ differs from the original power save mode in that a trigger frame will wake a device in order to receive data. This is a more efficient way of performing power save functions.

Mode 0

_________ allows for HT devices only. These HT devices must also share operational functionality and they must match; for example, they must all support 20 MHz or 20/40 MHz channels only.

Mode 3

__________ is used if one or more non-HT stations are associated in the BSS. This mode allows backward compatibility with non-802.11n or IEEE 802.11a/b/g wireless devices. This is likely the most common mode for IEEE 802.11n HT networks today.

Dual CTS

____________ is a Layer 2 protection mechanism that is used for backward compatibility between IEEE 802.11n HT and IEEE 802.11a/b/g devices.

Dynamic rate switching (DRS), also known as dynamic rate shifting and dynamic rate selection

____________ is the process that allows an associated wireless device to adapt to the RF signal strength and signal quality in a particular location of the BSA.

