Lesson 15 - N+

The properties of radio waves include what?

- Amplitude (the height of peaks and troughs) - Frequency (the number of peaks per unit of time) - Phase (the angle of a wave at a point in time)

channel bonding

Capability to aggregate one or more adjacent channels to increase bandwidth.

What mechanism does RTS/CTS support?

Carrier sense multiple access with collision avoidance (CSMA/CA). Rather than try to detect collisions, a wireless station indicates its intent to transmit by broadcasting a Request To Send (RTS) and waits to receive a Clear To Send (CTS) before proceeding.

heat map

In a Wi-Fi site survey, a diagram showing signal strength and channel uitilization at different locations.

Why might an attacker launch a disassociation attack against an access point?

This could be a simple denial of service (DoS) attack to prevent network access, but the attacker could also be attempting to use an evil twin/rogue AP to intercept network traffic.

Wireless Mesh Network (WMN)

Is a communications network made up of radio nodes organized in a mesh topology

antenna cable attenuation

Signal loss caused by an external antenna connected to an access point over cabling.

What value is used as the BSSID?

The MAC address of the access point.

stations (STA)

Wireless network devices

Control And Provisioning of Wireless Access Points (CAPWAP)

interoperable networking protocol that enables a central wireless LAN Access Controller (AC) to manage a collection of Wireless Termination Points (WTPs)

Lightweight Access Point Protocol (LWAPP)

the name of a protocol that can control multiple Wi-Fi wireless access points at once.

What are the colors and what do they mean when referring to a heat map?

- Green : Strong signal - Yellow : Warning - Red : Signal strength drops off

Modulation

Changes one or more of these (Amplitude, Frequency, Phase) properties to encode a signal

disassociation

Management frame handling process by which a station is disconnected from an access point.

Polarization

Orientation of the wave propagating from an antenna.

extended service area (ESA)

The area in which stations can roam between access points to stay connected to the same Extended Service Set Identifier (ESSID)

Co-channel interference (CCI)

Troubleshooting issue where access points within range of one another are configured to use the same channel, causing increased contention.

simultaneous authentication of equals (SAE)

- Personal authentication mechanism for Wi-Fi networks introduced with WPA3 to address vulnerabilities in the WPA-PSK method. - Replaces the 4-way handshake

Wi-Fi authentication comes in three types, what are they?

- personal - open - enterprise

What standards are most wireless LANs based on? A) 802.11 B) Wi-Fi 5 C) MU-MIMO D) Cellular radio

A) 802.11

Which of the following are formats for 2G cellular communications? (Select all that apply.) A) GPRS/EDGE B) GSM C) CDMA D) HSPA+

B) GSM C) CDMA

An administrator is configuring wireless coverage for a public library. What type of authentication should the administrator implement? A) Captive portal via HTTP B) Open authentication C) WPA3 D) Enterprise authentication

B) Open authentication

Wi-Fi 6 uses complex modulation and signal encoding. Why did Wi-Fi 6 reinstate operation in the 2.4 GHz band? A) To approximate 10G connection speeds B) To improve the amount of data sent per packet C) To support IoT D) To reduce latency

C) To support IoT

True or False? Suppressing transmission of the WLAN beacon improves security.

False—the beacon cannot be suppressed completely because clients use it when connecting with the AP. Increasing the broadcast interval reduces network overhead, but it increases the time required to find and connect to the network.

frequency band

Portion of the radio frequency spectrum in which wireless products operate, such as 2.4 GHz band or 5 GHz band.

Basic Service Area (BSA)

The area served by a single acess point

What configuration information is required on an access point to authenticate users joining the wireless network against a network authentication server?

The authentication method must be set to enterprise and the access point must be configured with the IP address and shared secret of the authentication (RADIUS or TACACS+) server.

Users in the corner of an office building cannot get good Wi-Fi reception. Your office manager doesn't want to use his budget to purchase a new AP. He's noticed that the power level control on the AP is set to 3 out of 5 and wants to know why turning up the power isn't the best solution?

This might work, but you should investigate the root cause of the issue and determine whether the solution will have adverse effects. The most obvious issue is that client stations might then be able to hear the AP but not be able to speak to it. Depending on the rest of the WLAN infrastructure, increasing power on one AP may cause more co-channel interference with other cells. A better solution will be to add an access point or to configure a wireless bridge using directional antennas.

open authentication

Wireless network authentication mode where guest (unauthenticated) access is permitted.

The lobby area of your office building has undergone a renovation, the centerpiece of which is a large aquarium in the middle of the room, separating a visitor seating and greeting area from the reception desks, where the AP facilitating guest Internet access is located. Since the renovation, many guests have been unable to connect to Wi-Fi from the seating area. Could the aquarium really be the cause, and what solution could you recommend?

Yes, a dense body of water could cause absorption and refraction of the radio waves, weakening the signal. You could ceiling mount the AP so that signals are less affected by the body of water. You could also add a second AP at the front of the lobby area to act as a repeater. For optimum performance, both APs should be ceiling-mounted, to preserve line of sight.

Time Division Multiple Access (TDMA)

is a digital modulation technique used in digital cellular telephone and mobile radio communication.

Hybrid Wireless Mesh Protocol (HWMP)

part of IEEE 802.11s, is a basic routing protocol for a wireless mesh network.

If clients are disassociated unexpectedly and there is no roaming, interference, or driver issue, what should you consider?

you should consider the possibility of a malicious attack.

Which IEEE WLAN standards specify a data transfer rate of up to 54 Mbps?

802.11a and 802.11g.

What type of AP requires a wireless controller?

A lightweight or thin AP (or one working in thin mode).

A small organization is securing their wireless network with Wi-Fi Protected Access 3 (WPA3) personal. What are some of the issues with this method of authentication? (Select all that apply.) A) Group authentication B) No accountability C) SAE D) PAKE

A) Group authentication B) No accountability

fat AP

An AP whose firmware contains enough processing logic to be able to function autonomously and handle clients without the use of a wireless controller

spectrum analyzer

Device that can detect the source of interference on a wireless network.

Electromagnetic interference (EMI)

Interference from a powerful radio or electromagnetic source working in the same frequency band, such as a Bluetooth device, cordless phone, or microwave oven.

The interval at which the beacon is broadcast (measured in milliseconds) can be modified. What is the default?

The default is usually 100 ms.

Extended Service Set (ESS)

is one or more interconnected basic service sets (BSSs) and their associated LANs.

Overcapacity

occurs when too many client devices connect to the same AP.

Which of the following are reasons why a client would unexpectedly disassociate from an access point? (Select all that apply.) A) Access Point Proximity B) MAC spoofing C) BYOD D) Interference

A) Access Point Proximity B) MAC spoofing D) Interference

802.11 relies on a shared physical bus running at half-duplex. How does this standard manage contention? A) CSMA/CA B) ACK C) RTS D) CTS

A) CSMA/CA

An administrator is implementing encryption on the wireless network. What standard should the administrator implement? A) TKIP B) WPA C) WEP D) WPA2

D) WPA2

Wi-Fi analyzer

Device or software that can report characteristics of a WLAN, such as signal strength and channel utilization.

access point (AP)

Device that provides a connection between wireless devices and can connect to wired networks, implementing an infrastructure mode WLAN.

IEEE 802.11

IEEE standards for wireless networking based on spread spectrum radio transmission in the 2.4 GHz and 5 GHz bands. The standard, known as Wi-Fi, has six main iterations: a, b, g, Wi-Fi 4 (n), Wi-Fi 5 (ac), and Wi-Fi 6 (ax). These specify different modulation techniques, supported distances, and data rates, plus special features, such as channel bonding, MIMO, and MU-MIMO.

Complementary Code Keying (CCK)

- Is a modulation method used in wireless local area networks (WLANs). - To achieve data rates higher than 2 Mbps, although this was at the expense of shorter range distances.

2.4 GHz

- Is better at propagating through solid surfaces, making it ideal for providing the longest signal range. - Does not support a high number of individual channels and is often congested

LTE Advanced (LTE-A)

- Is intended to provide a 300 Mbps downlink - Current typical performance for LTE-A is up to 90 Mbps.

5 GHz

- Is less effective at penetrating solid surfaces and so does not support the maximum ranges achieved with 2.4 GHz standards - The band supports more individual channels and suffers less from congestion and interference, meaning it supports higher data rates at shorter ranges.

Long Term Evolution (LTE)

- Packet data communications specification providing an upgrade path for both GSM and CDMA2000 cellular networks. LTE Advanced is designed to provide 4G standard network access. - Has a maximum downlink of 150 Mbps in theory - Current typical performance for LTE is around 20 Mbps

wired equivalent privacy (WEP)

- Standards for authenticating and encrypting access to Wi-Fi networks.

Wi-Fi 5 (802.11ac)

- Wi-Fi 5 is designed to work only in the 5 GHz band. - It supports more channel bonding (up to 80 or 160 MHz channels), up to 8 spatial streams, rather than 4, and denser modulation (at close ranges).

Wi-Fi 6 (802.11ax)

- Wi-Fi 6 uses more complex modulation and signal encoding to improve the amount of data sent per packet by about 40%. - Wi-Fi 6 reinstates operation in the 2.4 GHz band, mostly to support Internet of Things (IoT) device connectivity.

ad hoc topology

- the wireless adapter allows connections to and from other devices. - Does not require an access point - All the stations within an ad hoc network must be within range of one another.

What is the difference between a Wi-Fi analyzer and a spectrum analyzer?

A Wi-Fi analyzer is a software-based tool that interrogates the wireless adapter to display detailed information, based on what the Wi-Fi radio can receive. A spectrum analyzer uses dedicated radio hardware to report on frequency usage outside of Wi-Fi traffic, and so can be used more reliably to detect interference sources.

A device supporting the Wi-Fi standard should have an indoor range of what?

A device supporting the Wi-Fi standard should have an indoor range of at least 30 m (100 feet).

Extensible Authentication Protocol (EAP)

A framework for transporting authentication protocols that defines the format of the messages.

Dynamic Frequency Selection (DFS)

A technology in which IEEE 802.11n WLANs using 40- MHz channels can automatically move to another channel or switch to 20- MHz operation to minimize interference.

An administrator is testing the signal strength in a concrete building and measures a 12 dB loss between the office where the access point is located and the office next door. What is the cause of the decibel loss? A) Absorption B) Refraction C) Reflection D) EMI

A) Absorption

An administrator is evaluating the wireless coverage in a conference hall. There are enough access points to provide for 25 clients per access point, but many users are finding the wireless network to be unresponsive and timing out requests. What could be causing this issue? (Select all that apply.) A) CCI B) ACI C) Overcapacity D) Bandwidth saturation

A) CCI B) ACI D) Bandwidth saturation

An administrator wants the ability to centrally configure and manage access points (APs). What are some solutions the administrator could use for this? (Select all that apply.) A) Hardware B) Software C) Fat AP D) Thin AP

A) Hardware B) Software

A wireless administrator is receiving reports that users cannot connect to the wireless network in certain areas of the building. What can the administrator use to locate dead zones? A) Heat map B) Site survey C) DRS D) Beacon

A) Heat map

An administrator is investigating issues with intermittent connection to the wireless network. The administrator verified the access point configurations are correct. What are some other areas the administrator should investigate? (Select all that apply.) A) Signal strength B) Cabling C) Interference D) Power

A) Signal strength C) Interference

The IEEE 802.11 standards use two frequency bands. Which of the following statements regarding the frequency bands are true? (Select all that apply.) A) The 2.4 GHz band is ideal for providing the longest signal range B) The 5 GHz band is ideal for providing the longest signal range C) The 2.4 GHz band supports a high number of individual channels D) The 5 GHz band supports a high number of individual channels

A) The 2.4 GHz band is ideal for providing the longest signal range D) The 5 GHz band supports a high number of individual channels

Mesh Basic Service Set (MBSS)

Access point creates a wireless mesh connection to the nearest access point available towards Wired infrastructure. One or more Aps can be connected to Wired network and rest can connect to each other wirelessly.

A wireless administrator is troubleshooting dead zones in a building. Although the administrator used a heat map to determine the optimum position for access points (APs), some areas that should have coverage have very low signal strength which is unusable to clients. What should the administrator check? (Select all that apply.) A) Throughput B) Antenna placement C) Antenna cable attenuation D) EIRP

B) Antenna placement C) Antenna cable attenuation D) EIRP

An administrator is configuring a wireless LAN (WLAN) extended service area. Which of the following will the administrator need to configure the same on each access point? (Select all that apply.) A) BSSID B) ESSID C) BSS D) Security information

B) ESSID D) Security information

What protocol can an administrator configure in a wireless mesh network (WMN) to allow the stations to perform path discovery and forwarding between peers? A) MBSS B) IBSS C) HWMP D) BSSID

C) HWMP

An administrator responsible for implementing network coverage in a historical monument cannot install cabling in many areas of the building. What are some ways the administrator can take advantage of wireless distribution systems (WDS) to help? (Select all that apply.) A) To create a beacon B) To create a BSA C) To create an ESA D) To create a bridge

C) To create an ESA D) To create a bridge

A library user connected their tablet to the library's open access point. Which of the following items will NOT secure the open connection and protect the user's communications? A) Using a VPN B) Using HTTPS C) Using a screen protector D) Enabling SSL/TLS

C) Using a screen protector

What options may be available for an 802.11n network that are not supported under 802.11g?

Channel bonding, Multiple-Input-Multiple-Output (MIMO), and use of either 2.4 GHz or 5 GHz frequency bands.

Service Set Identifier (SSID)

Character string that identifies a particular wireless LAN (WLAN).

A wireless installer is networking a conference room with 9' ceilings. What is the best type of antenna for wireless devices? A) Vertical rod B) Yagi C) Parabolic/dish or grid D) Polarization

A) Vertical rod

What standard(s) are intended to support 4G mobile wireless services?

Long Term Evolution (LTE) and LTE Advanced (LTE-A).

wireless distribution system (WDS)

a system enabling the wireless interconnection of access points in an IEEE 802.11 network.

Insufficient wireless coverage

refers to spots within a building with no or weak Wi-Fi signal.

Temporal Key Integrity Protocol (TKIP)

is a security protocol used in the IEEE 802.11 wireless networking standard.

Direct Sequence Spread Spectrum (DSSS)

is a spread-spectrum modulation technique primarily used to reduce overall signal interference.

Throughput

is the amount of data that can be transferred at the network layer, discarding overhead from layers 1 and 2.

Speed

is the data rate established at the physical and data link layers.

Received Signal Strength Indicator (RSSI)

is the strength of the signal from the transmitter at the client end.

thin AP

requires a wireless controller in order to function

radio frequency interference (RFI)

the conduction or radiation of electrical noise or radio frequency energy produced by electrical and electronic equipment.

wireless LAN controller

Device that provides wireless LAN management for multiple APs.

site survey

Documentation about a location for the purposes of building an ideal wireless infrastructure; it often contains optimum locations for wireless antenna and access point placement to provide the required coverage for clients and identifying sources of interference.

True or false? To support client roaming within an extended service area, each access point must be configured with the same SSID, security parameters, and Wi-Fi channel.

False—the SSID and security parameters must be the same, but the access points should use different channels where their coverage overlaps.

Widget Corporation has provided wireless access for its employees using several APs located in different parts of the building. Employees connect to the network using 802.11g-compatible network cards. On Thursday afternoon, several users report that they cannot log on to the network. What troubleshooting step would you take first?

Following troubleshooting methodology, establish the scope of the problem early on the in the process. In this case, check whether the problem machines are trying to use the same AP. If the problem is apparent across multiple APs, suspect a wireless controller disabling 802.11g compatibility mode.

Refraction

Glass or water can cause radio waves to bend and take a different path to the receiver. This can also cause the data rate to drop.

radio frequency (RF) attenuation

Loss of signal strength due to distance and environmental factors.

Basic Service Set Identifier (BSSID)

MAC address of an access point supporting a basic service area.

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Mechanism used by 802.11 Wi-Fi standards to cope with contention over the shared access media.

Code Division Multiple Access (CDMA)

Method of multiplexing a communications channel using a code to key the modulation of a particular signal. CDMA is associated with Sprint and Verizon cellular phone networks.

Reflection/bounce (multipath interference)

Mirrors or shiny surfaces cause signals to reflect, meaning that a variable delay is introduced. This causes packets to be lost and consequently the data rate to drop.

cellular radio

Mobile telephony standards divided into 2G (GSM; up to about 14 Kbps), 2.5G (GPRS, HSCSD, and EDGE; up to about 48 Kbps), and 3G (WCDMA; up to about 2 Mbps).

Extended Service Set Identifier (ESSID)

Network name configured on multiple access points to form an extended service area.

What is a heat map?

Output from a site survey plotting the strength of wireless signals and channel utilization in different parts of a building.

You are planning WLAN for an office building with an attached warehouse. Where would you recommend placing Wi-Fi antennas for the best coverage in an office full of cubicles as well as in the warehouse?

Placing omnidirectional antennas on the ceiling would provide the best coverage with good line-of-sight and reduced interference between the APs and stations. Depending on the height of the warehouse ceiling, you may need to obtain APs with downtilt antennas.

Effective Isotropic Radiated Power (EIRP)

Signal strength from a transmitter, measured as the sum of transmit power, antenna cable/connector loss, and antenna gain.

antenna type

Specially arranged metal wires that can send and receive radio signals, typically implemented as either an omnidirectional or a unidirectional type.

Global System for Mobile Communication (GSM)

Standard for cellular radio communications and data transfer. GSM phones use a SIM card to identify the subscriber and network provider. 4G and later data standards are developed for GSM.

Wi-Fi Protected Access (WPA)

Standards for authenticating and encrypting access to Wi-Fi networks.

What are the advantages of deploying a wireless mesh topology over an IBSS?

Stations in a wireless mesh network are capable of discovering one another, forming peering arrangements, and performing path discovery and forwarding between peers (routing). These factors make a mesh-based network more scalable than an ad hoc network or independent basic service set (IBSS).

channel

Subdivision of frequency bands used by Wi-Fi products into smaller channels to allow multiple networks to operate at the same location without interfering with one another.

The 2.4 GHz band is subdivided into how many channels?

The 2.4 GHz band is subdivided into up to 14 channels, spaced at 5 MHz intervals from 2412 MHz up to 2484 MHz.

The 5 GHz band is subdivided into how many non-overlapping channels?

The 5 GHz band is subdivided into 23 non-overlapping channels, each of which is 20 MHz wide.

Which frequency band is less likely to suffer from co-channel interference?

The 5 GHz band.

Signal-To-Noise Ratio (SNR)

The comparative strength of the data signal to the background noise

Your company has a lobby area where guest access is provided so that visitors can get Internet access. The open guest WLAN is currently connected to the production network. The only protection against visitors and hackers getting into the organization's data is file and directory rights. What steps should be taken to provide guest access and better protect the organization's data?

The guest WLAN should be connected to a separate network segment, isolated from the production network. Typically, this would be accomplished using a virtual LAN (VLAN) and a router/firewall to inspect and filter traffic using the Internet link. You could configure a captive portal so that users must register before accessing the WLAN. You could also change to using PSK authentication, with the passphrase obtained from the receptionists.

Absorption

This refers to the degree to which walls and windows will reduce signal strength (some of the radio wave's energy is lost as heat when passing through construction materials).

Adjacent channel interference (ACI)

Troubleshooting issue where access points within range of one another are configured to use different but overlapping channels, causing increased noise.

True or False? Stations with 802.11ac capable adapters must be assigned to the 5 GHz frequency band.

True—802.11ac is designed to work only in the 5 GHz frequency band, with the 2.4 GHz band used for legacy clients.

Independent Basic Service Set (IBSS)

Type of wireless network where connected devices communicate directly with each other instead of over an established medium.

Multiple Input Multiple Output (MIMO)

Use of multiple reception and transmission antennas to boost bandwidth via spatial multiplexing and to boost range and signal reliability via spatial diversity.

Multiuser MIMO (MU-MIMO)

Use of spatial multiplexing to connect multiple MU-MIMO-capable stations simultaneously, providing the stations are not on the same directional path.

IEEE 802.11b

Uses the 2.4 GHz frequency band and was released in parallel with 802.11a. It standardized the use of the carrier method Direct Sequence Spread Spectrum (DSSS), along with Complementary Code Keying (CCK) signal encoding.

roam

WLAN configured with multiple access points in an extended service set allowing clients to remain connected to the network within an extended service area.

What is the main difference between WPA and WPA2?

WPA2 supports a stronger encryption algorithm, based on the Advanced Encryption Standard (AES). AES is deployed within the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). WPA uses the same RC4 cipher as WEP. WPA uses a mechanism called the Temporal Key Integrity Protocol (TKIP) to make it stronger than WEP, but WPA2 offers better security.

captive portal

Web page or website to which a client is redirected before being granted full network access.

Orthogonal Frequency Division Multiplexing (OFDM)

Whereas DSSS uses a high modulation rate for the symbols it sends, OFDM uses a relatively slow modulation rate for symbols. This slower modulation rate, combined with the simultaneous transmission of data over 52 data streams, helps OFDM support high data rates while resisting crosstalk between the various data streams.

pre-shared key authentication (PSK)

Wireless network authentication mode where a passphrase-based mechanism is used to allow group authentication to a wireless network. The passphrase is used to derive an encryption key.

enterprise authentication

Wireless network authentication mode where the access point acts as pass-through for credentials that are verified by an AAA server.

Basic Service Set (BSS)

a term used to describe the collection of Stations which may communicate together within an 802.11 network.

Dynamic Rate Switching/Selection (DRS)

adjusts the data rate in order to reduce retransmissions.