10.1 - 10.7 Wireless Networking

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

How many total channels are available for 802.11g wireless networks? 3 11 12 23 54

11 802.11b and 802.11g use the 2.4 GHz range which has a total of 11 channels in the US. 802.11a wireless uses the 5.75 GHz range which has a total of 23 channels.

Which data transmission rate is defined by the IEEE 802.11b wireless standard? 2 Mbps 10 Mbps 11 Mbps 56 Mbps

11 Mbps The IEEE 802.11b standard defines wireless transmission rates up to 11 Mbps. Wireless network interface cards and wireless access points (also called wireless hubs or wireless routers) will automatically negotiate the best transmission speed up to 11 Mbps based on current network traffic load and the quality of the wireless connection between the client and access point. The wireless communications are affected by distance, dense physical obstructions, and other electromagnetic interference producing devices. The IEEE 802.11a standard defines wireless transmission rates up to 2 Mbps. The IEEE 802.11g standard defines wireless transmission rates up to 56 Mbps. The IEEE 802.3 standard defines Ethernet 10baseT cable based transmissions of 10 Mbps.

Which technologies are used by the 802.11ac standard to increase network bandwidth? (Select two.) Data compression Four MIMO radio streams 40 MHz bonded channels 160 MHz bonded channels Eight MIMO radio streams

160 MHz bonded channels Eight MIMO radio streams

Which of the following are frequencies defined by 802.11 committees for wireless networking? (Select two.) 700 MHz 1.9 GHz 2.4 GHz 5.75 GHz 10 GHz

2.4 GHz 5.75 GHz 802.11 specifications for wireless include standards for operating in the 2.4 GHz range (802.11b, 802.11g, and 802.11n) and the 5.75 GHz range (802.11a and dual-band devices using 802.11n)

How many total channels are available for 802.11a wireless networks? 3 11 12 23 54

23 802.11a wireless uses the 5.75 GHz range which has a total of 23 channels. 802.11b and 802.11g use the 2.4 GHz range which has a total of 11 channels in the US.

What is the frequency of 802.11a networking? 900 MHz 1.2 GHz 2.4 GHz 5.75 GHz

5.75 GHz 802.11a wireless operates in the 5.75 GHz range. 802.11b and 802.11g operate in the 2.4 GHz range.

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation? 802.11a 802.11g 802.11b 802.11d 802.11c

802.11a 802.11a is the best choice for this client. While both 802.11a and 802.11g each operate at 54 Mbps, 802.11g operates in the 2.4 GHz to 2.4835 GHz range; which will cause interference with the client's wireless phone system. 802.11a, on the other hand, operates in the 5.725 GHz to 5.850 GHz frequency range; which won't interfere with the phone system.

Frame Composition

802.11ac added four fields to the wireless frame, which identify the frame as very high throughput (VHT).

802.11ac

802.11ac increased bandwidth and communication speeds by using the following technologies:

After installing a new 2.4Ghz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely using? (Select two.) 802.11b 802.11a 802.11g Bluetooth

802.11b 802.11g Both the 802.11b and 802.11g wireless networking standards use the 2.4Ghz frequency range. A cordless phone system on the same frequency range may affect the performance of the wireless network. 802.11a uses the 5Ghz frequency range, so it would not be affected by a cordless phone system that uses the 2.4Ghz frequency range. Bluetooth does use the 2.4Ghz frequency range, but is used more widely as a mechanism to connect consumer electronic devices like personal digital assistants (PDAs), cameras, and phones, rather than as a wireless local area networking (LAN) method.

Which IEEE standard describes wireless communication? 802.11b 802.2 802.7b 802.5 802.3

802.11b One IEEE standard for wireless is 802.11b.

Which IEEE wireless standards specify transmission speeds up to 54 Mbps? (Select two.) 802.11g Bluetooth 802.11a 802.11b 802.1x

802.11g 802.11a Both the 802.11a and the 802.11g wireless standards specify maximum transmission speeds up to 54 Mbps. Bluetooth is a wireless standard commonly used to connect peripheral devices and operates at 720 Kbps. The 802.11b wireless standard provides transmission speeds of 11 Mbps. 802.1x is a wireless security standard that provides an authentication framework for 802-based networks.

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates at 2.4 GHz. Which 802.11 standards will work best in this situation? (Select two.) 802.11n 802.11d 802.11a 802.11b 802.11g

802.11n 802.11a 802.11a or 802.11n are the best choices for this client. While both 802.11a and 802.11g each operate at 54 Mbps, 802.11g operates in the 2.4 GHz to 2.4835 GHz range—which will cause interference with the client's wireless phone system. 802.11a and 802.11n, on the other hand, operate in the 5.725 GHz to 5.850 GHz frequency range. This won't interfere with the phone system. 802.11n can operate at speeds up to 600 Mbps.

You are designing an update to your client's wireless network. The existing wireless network uses 802.11b equipment; which your client complains runs too slowly. She wants to upgrade the network to run up to 600 Mbps. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation? 802.11d 802.11a 802.11b 802.11c 802.11n

802.11n 802.11n is the best choice for this client and provides up to 600 Mbps. With 802.11n, you may have a single device that uses multiple radios, one that can operate at one frequency and another that can operate on a different frequency. Because of this, 802.11n usually allows for compatibility between all 802.11 standards, depending upon the specific implementation. While 802.11g is compatible with 802.11b, it only provides up to 54 Mbps.

You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation? 802.11b 802.11g 802.11n 802.11a

802.11n 802.11n is the best choice for this client. 802.11b and 802.11g both operate in the 2.4 GHz to 2.4835 GHz range, which will cause interference with the client's wireless phone system. 802.11a operates in the 5.725 GHz to 5.850 GHz frequency range. While this won't interfere with the phone system, its maximum speed is limited to 54 Mbps.

You are designing an update to your client's wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps or faster. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless NICs in the workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation? 802.11a 802.11d 802.11b 802.11n

802.11n 802.11n is the best choice for this client. 802.11a operates at a maximum speed of 54 Mbps. 802.11a isn't compatible with 802.11g network boards. 802.11b runs at only 11 Mbps. 802.11n access points are backwards compatible with 802.11g equipment and run at speeds of up to 600 Mbps. Using this type of access point will allow the wireless network to continue to function during the transition.

You have been contacted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a frequency range of 5 GHz, and provide the highest possible transmission speeds. Which of the following wireless solutions would you recommend? WEP Bluetooth 802.11n 802.11a 802.11b

802.11n Of the technologies listed, only the IEEE 802.11n wireless standard addresses the desired requirements. Bluetooth operates at the 2.4GHz radio frequency range and is limited to theoretical speeds of 1 to 3 Mbps and transmission distances of 33 feet. The 802.11a wireless standard offers speeds of 54 Mbps but uses the 5 GHz frequency range. 802.11b uses the 2.4 GHz frequency range but supports only 11 Mbps transfer speeds.

Frame Composition

802.11n changes the frame composition, resulting in increased efficiency of data transmissions (less overhead). *When running at 802.11n speeds, 802.11a and 802.11g are considered high throughput (HT) and sometimes referred to as 802.11a-ht and 802.11g-ht.

802.11n

802.11n modified the previous 802.11a (5 GHz) and 802.11g (2.4GHz) standards to increase their potential bandwidth and transmission distance. The following table describes the technologies implemented as part of this modification.

802.1x Authentication

802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.

802.1x

802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Originally designed for Ethernet networks, the 802.1x standards have been adapted for use in wireless networks to provide secure authentication. 802.1x authentication requires the following components: > A RADIUS server to centralize user account and authentication information. A centralized database for user authentication is required to allow wireless clients to roam between cells but authenticate using the same account information. > A PKI for issuing certificates. At a minimum, the RADIUS server must have a server certificate. To support mutual authentication, each client must also have a certificate. *Use 802.1x authentication on large, private networks. Users authenticate with unique usernames and passwords. Security for wireless networking is provided from the following standards:

You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as much as possible. The floor plan of the office is shown below. Match each type of access point antenna on the left with the appropriate location on the floor plan on the right. Each antenna type can be used once, more than once, or not at all.

A Directional B Directional C Omni-Directional D Directional E Directional F Directional G Directional There are three types of antennas you should be aware of: A directional antenna creates a narrow, focused signal in a particular direction. The focused signal provides greater signal strength, increasing the transmission distance. It provides a stronger point-to-point connection, better equipping devices to handle obstacles. An omni-directional antenna disperses the RF wave in an equal 360-degree pattern. It is used to provide access to many clients in a radius. A parabolic antenna uses a parabolic reflector shaped like a dish. It is highly directional, concentrating the radio waves transmitted from the sender into a very narrow beam. Using a parabolic antenna on the receiver restricts it to receiving radio signals from only a single, very specific direction. It supports very high gain radio signals that can be transmitted over long distances, but requires a clear line-of-sight (LOS) between the sender and the receiver. In this scenario, data emanation can be reduced as follows: Directional antennae should be implemented along the perimeter of the office in locations A, B, D, E, F, and G with the radio pattern aimed towards the center of the office. An omnidirectional antenna can be implemented in the center of the office in location C. A parabolic antenna is not appropriate in this scenario and should not be implemented. A site survey should be conducted to verify that the radio signal from all of the access points does not emanate excessively outside the office.

Your consulting firm has been hired by a small business to implement a wireless network. The company leases two office suites within a business park approximately 200m apart, as shown below. The objectives of the implementation are as follows: Create a secure wireless network that doesn't emanate beyond each office space by implementing access points in locations A-D in each building. Connect the wireless networks at each office together with a secure outdoor wireless link using locations E and F. Drag the antenna type from the list on the left to the appropriate location on the right. Each antenna type can be used more than once or not at all.

A Normal gain directional antenna aimed east B Normal gain directional antenna aimed south C Normal gain directional antenna aimed north D Normal gain directional antenna aimed west E High-gain directional antenna aimed east F High-gain directional antenna aimed west In this scenario, directional antennae can be implemented along the exterior walls that are aimed inward. This reduces signal emanation outside the organization. To reduce coverage gaps, you could also implement an omni-directional antenna in the center of each office complex with the power turned to prevent signal emanation. To establish a wireless link between offices, you can implement high-gain directional parabolic antennae at each site. Because this radio signal will be transmitted outdoors, you will need to use the strongest encryption available on the link.

Basic Service Set (BSS)

A BSS, also called a cell, is the smallest unit of a wireless network. All devices in the BSS can communicate with each other. The devices in the BSS depend on the operating mode. > In an ad hoc implementation, each BSS contains two devices that communicate directly with each other. > In an infrastructure implementation, the BSS consists of one AP and all its associated STAs. > All devices within the BSS use the same radio frequency channel to communicate

Basic Service Set (BSS)

A BSS, also called a cell, is the smallest unit of a wireless network. All devices in the BSS can communicate with each other. The devices in the BSS depend on the operating mode. All devices within the BSS use the same radio frequency channel to communicate.

Access Point (AP)

A access point (AP), sometimes called a wireless access point, is the device that allows a Wi-Fi device to connect to a wired network.

Configure the Beacon

A beacon is a frame that is sent out by the AP periodically. The beacon announces the AP and the characteristics of the network, like the SSID, supported speeds, and the signaling method used. > When you turn off SSID broadcast, you prevent the AP from including the SSID in the beacon. > Wireless clients listen for beacons to identify APs in the area. > The beacon is sent at periodic intervals (typically 100 ms by default). > Sending the beacon uses some of the available bandwidth of the wireless network. You can reduce the traffic generated by the beacon by increasing the beacon interval. > Increasing the beacon interval can increase the time it takes wireless clients to locate the wireless network. To improve access times, decrease the beacon interval.

Deauthentication Attack

A deauthentication attack is when an attack spoofs your MAC address and then tells you wireless network to disconnect you from the network. Attackers may use a deauthentication attack to stage evil twin or man-in-the-middle attacks.

Deauthentication

A deauthentication attack is when an attack spoofs your MAC address and then tells your wireless network to disconnect you from the network. Attackers may use a deauthentication attack to stage evil twin or man-in-the-middle attacks.

Directional Antenna

A directional antenna creates a narrow, focused signal in a particular direction, which increases the signal strength and transmission distance. It provides a stronger point-to-point connection and is better equipped to handle obstacles.

You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for customers who want internet access. You decide to check your email before the meeting begins. When you open the browser, you cannot gain internet access. Other customers are using the internet without problems. You are sure your laptops wireless adapter works because you use a wireless connection at work. What is the likely cause of the problem? WAP is out of range. Antenna strength on the WAP is too low. Different LAN protocols are being used. PPP is not configured correctly. A mismatched SSID.

A mismatched SSID. A wireless client and the access point must be configured to use the same SSID. In this case, the client system was used on a different wireless network and may still be using the SSID from that network. To log onto this network, the system will need to be configured to use the same SSID as other customers in the coffee shop. Sometimes the SSID will automatically be detected by a wireless monitoring program. As a new SSID is detected, it will attempt to connect and use the new SSID and new access point. When this does not happen, you need to change the the SSID manually. The problem is not with LAN protocols, as TCP/IP is the protocol used on the internet, so there are no other choices. The WAP is not out of range, as other clients are accessing it. PPP is not required to make the internet connection.

Rogue Access Point

A rogue access point is any unauthorized access point added to a network.

Rogue Access Point

A rogue access point is any unauthorized access point added to a network. Several techniques are used to create a rogue access point. > An attacker or an employee with access to the wired network installs a wireless AP on a free port. The access port then provides a method for remotely accessing the network. > An attacker near a valid wireless AP installs an AP with the same (or similar) SSID. The AP is configured to prompt for credentials, allowing the attacker to steal those credentials or use them in a man-in-the-middle attack to connect to the valid wireless AP. > An attacker configures a wireless AP in a public location, monitors the traffic of users who connect to the wireless AP, and captures sensitive information, such as usernames and passwords. *Rogue APs can be used to carry out pharming attacks. In a pharming attack, users are redirected to fake websites that prompt for credentials, allowing the attacker to steal those credentials. To mitigate and protect your network against rogue APs: > Monitor nearby radio frequencies to identify APs broadcasting in your area. > Put APs in separate VLANs and implement some type of intrusion detection to help identify when an attacker sets up a rogue AP or uses a brute force attack to gain access. > When you find an unauthorized AP, unplug the Ethernet cable on the AP to disconnect it from the wired network. *A rogue AP that is configured to mimic a valid AP is known as an evil twin.

Spectrum Analyzer

A spectrum analyzer is a device that displays signal amplitude (strength) as it varies by signal frequency. The frequency appears on the horizontal axis, and the amplitude is displayed on the vertical axis.

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.) Preshared keys AES encryption TKIP encryption WEP encryption Open authentication 802.1x

AES encryption 802.1x To configure WPA2 Enterprise, you need a RADIUS server to support 802.1x authentication. WPA2 uses AES for encryption. WPA2-PSK, also called WPA2 Personal, uses pre-shared keys for authentication. WPA uses TKIP for encryption.

Change the Default Name and Password

APs typically come configured with a default username and password that is used to configure AP settings. It's important to change the administrator account name and password from the defaults. This prevents outsiders from breaking into your system by guessing the default username and password.

Absorption

Absorption is when a signal passes through objects and the signal loses power.

Absorption

Absorption is when a signal passes through objects they lose power or get weaker.

Site Survey Report

After the site survey is completed, you should create a site survey report containing: > A physical network diagram, including each access point, controller, and the media that connects them. > An RF model that includes a frequency/channel plan. The spectrum analysis results. > A logical network diagram containing SSIDs, IP addressing, and VLAN information. > Photographs and diagrams of each access point mounting site. > A list of structural modifications required to build the network. > A list of alternate mounting locations (if necessary). > A list of equipment that must be purchased. > A cost estimate for equipment and labor.

Access Point (AP)

An AP, sometimes called a wireless AP (WAP), is the device that coordinates all communications between wireless devices, as well as the connection to the wired network.

Access Point (AP)

An AP, sometimes called a wireless AP (WAP), is the device that coordinates all communications between wireless devices, as well as the connection to the wired network. It acts as a hub on the wireless side and a bridge on the wired side. It also synchronizes the stations within a network to minimize collisions.

Extended Service Set (ESS)

An ESS consists of multiple BSSs with a distribution system (DS). In an ESS, BSSs that have an overlapping transmission range use different frequencies.

Extended Service Set (ESS)

An ESS consists of multiple BSSs with a distribution system (DS). The graphic above is an example of an ESS. In an ESS, BSSs that have an overlapping transmission range use different frequencies.

Independent Basic Service Set (IBSS)

An IBSS is a set of STAs configured in ad hoc mode.

Station (STA)

An STA is a wireless NIC in an end device such as a laptop or wireless PDA. STA often refers to the device itself, not just the NIC.

Ad Hoc

An ad hoc network works in peer-to-peer mode without an access point. The wireless NICs in each host communicate directly with one another. An ad hoc network: > Uses a physical mesh topology with a logical bus topology. > Is cheap and easy to set up. > Cannot handle a large number of hosts. > Requires special modifications to reach wired networks. *You will typically only use an ad hoc network to create a temporary direct connection between two hosts.

Infrastructure

An infrastructure wireless network uses an access point (AP) that functions like a hub on an Ethernet network. Infrastructure networks have the following characteristics: > The network uses a physical star topology with a logical bus topology. > You can easily add hosts without increasing administrative efforts. > The AP can be connected to a wired network easily, allowing clients to access both wired and wireless hosts. > The placement and configuration of APs require planning to implement effectively. *You should implement an infrastructure network for all but the smallest of wireless networks.

Omnidirectional Antenna

An omnidirectional antenna disperses the radio frequency wave in an equal 360-degree pattern. This provides access to many clients in a radius.

Ant+

Ant+ is a protocol used to monitor sensor data. It uses a 2.4 GHz ISM band and has fast transmission rates. It is compatible with the mesh topology, but can also be used with the point-to-point, star, and tree topologies.

10.4.6 Wireless Site Survey Facts

As you conduct your site survey, keep the following in mind:

Internet of Things (IoT)

As you plan your network, remember to include other technologies that facilitate the Internet of Things (IoT), like home security and device data sharing. > Z-Wave is a wireless communication protocol that's broadly used in home security and home automation. If you have either of these systems, you probably use Z-Wave technology. It uses a mesh topology so that each device acts as a repeater. As you increase the number of devices you have, it increases the power of your signal. Unlike most newer wireless protocols, Z-Wave uses low-energy radio waves that are capable of little bandwidth. This is because devices that use Z-Wave are designed to need very little bandwidth to interact with each other. > Ant+ is a protocol used to monitor sensor data. It uses a 2.4 GHz ISM band and has fast transmission rates. Like the Z-Wave protocol, it's compatible with the mesh topology, but can also be used with the point-to-point, star, and tree topologies. It's been used for things like geocaching and health monitors. > Near-field communication (NFC) allows devices to communicate and share data with each other. It requires devices to be about four inches apart to communicate with each other. It's very common to see NFC used with cell phones and mobile pay applications. It's also used to pair devices that will then use other technologies to communicate.

10.1 Wireless Concepts

As you study this section, answer the following questions: > Under what circumstances might you choose an ad hoc wireless network? > What device is used to create an infrastructure wireless network? > How do wireless networks control media access? > What is the difference between a BSS and an ESS? > What do wireless clients use to identify a specific wireless access point? > How do multiple access points identify themselves as part of the same network? The key terms for this section include:

10.2 Wireless Standards

As you study this section, answer the following questions: > What are the differences between 802.11a and 802.11g specifications? > Devices that support the 802.11g standards are typically compatible with which other wireless standard? > How does MIMO differ from channel bonding? > Why is channel bonding typically not used with the 2.4 GHz range? > What happens when an 802.11a device connects to an access point that supports both 802.11n and 802.11a? What happens if the access point uses MIMO and supports dual band? > Which types of devices typically use Bluetooth wireless? In this section, you will learn to: > Configure Bluetooth Connections The key terms for this section include:

10.6 Wireless Security

As you study this section, answer the following questions: > What does open authentication use to authenticate a device? > Why is open authentication an unsecure solution? > Which two additional components are required to implement 802.1x authentication? > What is the difference between WPA Personal and WPA Enterprise? > How can geofencing protect your network? > Which default values should you always change on your wireless network? In this section, you will learn to: > Secure an Enterprise wireless network. The key terms for this section include:

10.3 Wireless Configuration

As you study this section, answer the following questions: > What information does the wireless profile contain? > What is the strongest encryption method? > How does a MAC access list help keep a network secure? > What is the purpose of a beacon? > How are wireless networks listed in the notification area? In this section, you will learn to: > Create a Home Wireless Network. > Secure a Home Wireless Network. > Configure Wireless Profiles. The key terms for this section include:

10.4 Wireless Network Design

As you study this section, answer the following questions: > What is device density? > What is the difference between received signal length and signal to noise ratio? > Which implementation automatically partitions a single broadcast domain into multiple VLANs? > What information is specified in a logical network diagram? > How do you measure the signal strength at a given distance from the access point? > What is the Z-Wave protocol commonly used for? In this section, you will learn to: > Design an Indoor Wireless Network. > Design an Outdoor Wireless Network. The key terms for this section include:

10.5 Wireless Network Implementation

As you study this section, answer the following questions: > What is the difference between a hub-and-spoke infrastructure and a distributed wireless mesh infrastructure? > What is a lightweight access point used for? > Which protocol is used to route frames back and forth between the wireless network and the wired LAN? > Which enterprise deployment has limited mobility and is difficult to manage? In this section, you will learn to: > Implement an Enterprise wireless network. The key terms for this section include:

10.7 Wireless Troubleshooting

As you study this section, answer the following questions: > Where is the best place to situate your wireless access point? > What types of objects might obstruct radio frequency wireless transmissions? > How many channels should separate two different wireless networks? > Which types of wireless networks require line-of-sight connections? > How do range and antenna placement affect wireless networks? > How does refraction affect your RF signal? In this section, you will learn to: > Optimize a wireless network. > Explore wireless network problems. > Troubleshoot wireless network problems. The key terms for this section include:

10.6.2 Wireless Security Facts

Authentication to wireless networks is implemented using the following methods:

Bandwidth Saturation

Bandwidth saturation is the point at which all of the available bandwidth on an internet connection has achieved maximum capacity and cannot pass any more data through the connection.

Wireless Network Implementation Facts

Be aware of the following regarding wireless network implementation. > Transmission speeds are affected by distance, obstructions (such as walls), and interference. > Maximum signal distance depends on several factors, including obstructions, antenna strength, and interference. For example, for communications in a typical environment (with one or two walls), the actual distance would be roughly half of the maximum. > Because transmission speeds decrease with distance, you can either achieve the maximum distance or the maximum speed, but not both. > Newer devices' ability to communicate with older devices depends on the capabilities of the transmit radios in the access point. - Some 802.11n devices are capable of transmitting at either 2.4 GHz or 5 GHz. However, a single radio cannot transmit at both frequencies at the same time. - Most 802.11g devices can transmit using DSSS, CCK, DQPSK, and DBPSK for backwards compatibility with 802.11b devices. However, the radio cannot transmit using both DSSS and OFDM at the same time. *When you connect a legacy device to the wireless network, all devices on the network operate at the legacy speed. For example, connecting an 802.11b device to an 802.11n or 802.11g access point slows down the network to 802.11b speeds. > A dual band access point can use one radio to transmit at one frequency and a different radio to transmit at a different frequency. For example, you can configure many 802.11n devices to use one radio to communicate at 5 GHz with 802.11a devices, and the remaining radios to use 2.4 GHz to communicate with 802.11n devices. Dual band 802.11a and 802.11g devices are also available. > When you configure an access point, some configuration utilities use the term mixed mode to designate a network with both 802.11n and non-802.11n clients. In this configuration, one radio transmitter is used for legacy clients, and the remaining radio transmitters are used for 802.11n clients. > Many 802.11n access points can support clients running other wireless standards (802.11a/b/g). When a mix of clients using different standards are connected, the access point must disable some 802.11n features to be compatible with non-802.11n devices, which decreases the effective speed. > Some newer 802.11a and 802.11g devices provide up to 108 Mbps using 802.11n pre-draft technologies (MIMO and channel bonding).

Devices

Below are some common devices that are used on a wireless network: > A wireless NIC sends and receives signals. > A wireless AP is the equivalent of an Ethernet hub. The wireless NICs connect to the AP, and the AP manages network communication. > A wireless bridge connects two wireless APs into a single network or connects a wireless AP to a wired network. Most APs include bridging features. *Many wireless APs include ports (hubs, switches, or routers) to connect the wireless network to the wired portion of the network.

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.) Infrared Bluetooth 802.11b 802.11a 802.3a

Bluetooth 802.11b Both the 802.11b and Bluetooth wireless standards use the 2.4 GHz RF range to transmit data. Cordless phones that operate at the same frequency can cause interference on the wireless network. Other devices, such as microwaves and electrical devices, may also cause interference. 802.11a uses the 5 GHz radio frequency, so they would not be affected by the 2.4 GHz phones used in the office. Infrared uses a light beam to connect computer and peripheral devices to create a personal area network (PAN).

Bluetooth

Bluetooth is designed to allow devices to communicate within a personal area network (PAN) of close proximity. PAN devices include cell phones, personal digital assistants (PDAs), printers, mice, and keyboards. Bluetooth: > Is designed for longer distances than IR and for lower power consumption. > Requires devices to be in discovery mode to find each other and synchronize. > Operates in the 2.4 GHz frequency range and uses adaptive frequency hopping (AFH). Eavesdropping on Bluetooth is difficult because it implements authentication and key derivation with custom algorithms based on the SAFER+ block cipher, and it uses the E0 stream cipher for encrypting packets. Bluetooth is one of the most secure protocols for mobile device communication, but it is still susceptible to the following attacks. Bluejacking is a harmless practice that anonymously sends business cards to a Bluetooth recipient within a distance of 10-100 meters, depending on the class of the Bluetooth device. The business cards usually include a flirtatious message to elicit a visual reaction from the recipient. An attacker will send multiple messages to the device if they think there is a chance the user will add him as a contact. Bluetooth devices are not susceptible to bluejacking if they are set to non-discoverable mode. Bluesnarfing is when an attacker gains unauthorized access to an existing Bluetooth connection between phones, desktops, laptops, or PDAs. Bluesnarfing allows access to the calendar, emails, text messages, and contact lists. Many Bluetooth devices have built-in features that prevent bluesnarfing, but it is still a known vulnerability. Bluebugging gives an attacker access to all mobile phone commands that use Bluetooth technology, such as initiating phone calls, sending and receiving messages, listening to phone calls, and reading and writing phonebook contacts. Only highly skilled individuals can perform bluebugging. Implement the following to mitigate Bluetooth risks: > Disable Bluetooth completely if it is not required. Bluetooth and the 802.11b wireless standard both operate on the same frequency range, which can lead to signal interference. > Turn off discovery mode if a Bluetooth connection is used on a mobile device.

Bluetooth

Bluetooth is the standard for short-range wireless interconnection and is designed to allow devices to communicate within a personal area network (PAN) of close proximity. PAN devices include cell phones, personal digital assistants (PDAs), printers, mice, and keyboards.

You are building a wireless network within and between two buildings. The buildings are separated by more than 3000 feet. The wireless network should meet the following requirements: Wireless data within Building 1 should be protected with the highest degree of security. Wireless data within Building 2 should be accessible and permitted by any wireless client. Wireless signals between Buildings 1 and 2 should be protected with the highest degree of security. Wireless signals within Buildings 1 and 2 should cover the whole structure, but not extend to the outside. For each location on the image below, you need to select the following: Antenna option Security option Drag the items from the list on the left to the location identifier on the right. Items may be used more than once. Not all items will be used.

Building 1 - Location A Right-facing directional antenna WPA2 with CCMP Building 1 - Location B Omni-directional antenna WPA2 with CCMP Building 1 - Location C Left-facing directional antenna WPA2 with CCMP Building 1 - Location D Right-facing high-gain directional antenna WPA2 with CCMP Building 2 - Location A Omni-directional antenna WEP with open authentication Building 2 - Location B Left-facing high-gain directional antenna WPA2 with CCMP Be aware of the following types of antennas: Directional antenna: Creates a narrow, focused signal in a particular direction. Focuses the signal to provide greater signal strength, thus increasing the transmission distance. Provides a stronger point-to-point connection, better equipping them to handle obstacles. A parabolic directional antenna is highly focused, sending and receiving signals in far greater distances than achieved with a typical directional antenna. Omni-directional antenna: Disperses the RF wave in an equal 360-degree pattern. Provides access to many clients in a radius. Be aware of the following types of security: Wired Equivalent Privacy (WEP) is an optional component of the 802.11 specifications, but is easily broken. When using WEP, use open authentication. Wi-Fi Protected Access 2 (WPA2) resolves the weaknesses inherent in WEP. WPA2 uses counter mode with the CBC-MAC protocol (CCMP), also known as AES-CCMP. Note that WPA2 does not use TKIP.

10.1.5 Practice Questions

CIST 1401

10.2.6 Practice Questions

CIST 1401

10.3.7 Practice Questions

CIST 1401

10.4.9 Practice Questions

CIST 1401

10.5.5 Practice Questions

CIST 1401

10.6.7 Practice Questions

CIST 1401

All of the 802.11 standards for wireless networking support which type of communication path sharing technology? Token passing CSMA/CD Polling CSMA/CA

CSMA/CA 802.11x standards for wireless networking all support the CSMA/CA (carrier sense multiple access with collision avoidance) type of communication path sharing technology. This CSMA/CA allows multiple baseband clients to share the same communication medium. CSMA/CA works as follows: 1. The system asks for permission to transmit. 2. A designated authority (such as a hub, router, or access point), grants access when the communication medium is free. 3. The system transmits data and waits for an ACK (acknowledgment). 4. If no ACK is received, the data is retransmitted. Polling is a mechanism where one system is labeled as the primary system. The primary system polls each secondary system in turn to inquire whether they have data to transmit. Token passing is a mechanism that uses a digital pass card. Only the system holding the token is allowed to communicate. CSMA/CD is the technology used by Ethernet. CSMA/CD works as follows: 1. The system listens for traffic. If the line is clear, the system begins transmitting. 2. During the transmission, the system listens for collisions. 3. If no collisions are detected, the communication succeeds. If collisions are detected, an interrupt jam signal is broadcast to stop all transmissions. Each system waits a random amount of time before starting over at step 1.

To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria: Non-overlapping Low utilization Low interference You performed a spectrum analysis to identify 2.4 GHz wireless channel utilization, as shown in the exhibit. (To read the spectrum analysis, imagine a line coming down from the center of the highest point of each wave. For example, the four waves whose crests are over channel 11 belong to channel 11.) Based on the results, which channel should you configure your wireless AP to use? Channel 11 Channel 3 Channel 8 Channel 6 Channel 1

Channel 1 You should use channel 1. Based on the results, the only channel that meets all the criteria is channel 1. Channels 3 and 8 overlap. Channel 6 is heavily utilized and would cause issues. Channel 11 isn't used as much as channel 6, but the signal interference is much stronger.

Channel Bonding

Channel bonding combines two non-overlapping 20 MHz channels into a single 40 MHz channel, resulting in slightly more than double the bandwidth.

Channel Bonding

Channel bonding combines two non-overlapping 20 MHz channels into a single 40 MHz channel, resulting in slightly more than double the bandwidth. > The 5 GHz range has a total of 23 channels, 12 of which are non-overlapping. This allows for a maximum of 6 non-overlapping bonded (combined) channels. > The 2.4 GHz range has a total of 11 channels, three of which are non-overlapping. This allows for a maximum of 1 non-overlapping channel. For this reason, channel bonding isn't usually practical for the 2.4 GHz range.

Channel Bonding

Channel bonding is used to combine even more channels in the 5 GHz band, allowing for up to 160 MHz wide channels. *Even though 160-MHz-wide channels are supported, most 802.11ac networks use 80-MHz-wide channels.

Match each wireless term or concept on the left with its associated description on the right. Each term may be used more than once; not all descriptions have a matching term.

Compares the level of the Wi-Fi signal to the level of background radio signals. Signal to noise ratio Checks channel utilization and identifies sources of RF inference. Spectrum analysis Identifies how strong a radio signal is at the receiver. Received signal level Identifies the number of useful bits delivered from the sender to the receiver. *BLANK* Causes multiple copies of the same radio signal to be received by the receiving antenna. Bounce Degrades wireless network performance. Device saturation You should be familiar with the following wireless networking concepts and terms: Bounce can cause multiple copies (one from each path) of the same signal to be received by the receiving antenna. Received Signal Level (RSL) identifies how strong the radio signal is at the receiver. The closer you are to the transmitter, the stronger the RSL. Signal to Noise Ratio (SNR) compares the level of the wireless network signal (RSL) to the level of background noise. A spectrum analysis is used to check channel utilization and to identify sources of RF inference at each location where you plan to deploy an access point. Device saturation occurs when the wireless network is fully utilized and can no longer support additional wireless clients. Adding more clients can severely degrade network performance.

You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network. What should you do? Set the channel on the client to match the channel used by the access point. Decrease the beacon interval on the access point. Configure a profile on the wireless client. Enable the wireless card on the client.

Configure a profile on the wireless client. When the SSID broadcast is turned off, you must manually configure a profile on the client computer to identify the SSID of the access point. If you disable the SSID broadcast, you must statically configure wireless devices with the SSID before they can connect because they will be unable to dynamically detect the SSID. A beacon is a frame that the access point sends out periodically. When you turn off SSID broadcast, you prevent the access point from including the SSID in the beacon. On the client, the channel is typically detected automatically and is configured to match the channel used by the access point. In this scenario, the wireless card on the client is already enabled because you can see other wireless networks in the area.

You are the wireless network administrator for your organization. As the size of the organization has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of using preshared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.) Configure all RADIUS clients with a preshared key. Configure the RADIUS server with a server certificate. Configure all wireless workstations with client certificates. Configure the RADIUS server with a preshared key. Configure all wireless access points with client certificates.

Configure the RADIUS server with a server certificate. Configure all wireless access points with client certificates. When using 802.1x authentication for wireless networks, a RADIUS server is implemented to centralize authentication. A centralized authentication database is used to allow wireless clients to roam between cells and authenticate to each using the same account information. PKI is required for issuing certificates. At a minimum, the RADIUS server must have a server certificate; however, to support mutual authentication, each RADIUS client must also have a certificate. Remember that each wireless access point in a RADIUS solution is a RADIUS client, not the wireless devices. The wireless access points forward the credentials from wireless devices to the RADIUS server for authentication. Preshared keys are not used for authentication in an 802.1x solution.

Wireless Connection and Windows

Consider the following wireless connection details when using the Windows operating system. > When a wireless network adapter is installed and configured on the Windows computer, a wireless network icon appears in the notification area. > Some devices include a physical switch that turns the integrated wireless network adapter on or off. - When the adapter is in the on position, Windows automatically detects wireless networks that are broadcasting the SSID. - When the adapter is in the off position, no wireless networks are displayed as available. > Wireless networks are listed in order of signal strength in the wireless network icon in the notification area. > To connect to a listed network, select the network from the wireless network icon in the notification area and click Connect. - You will be prompted to supply a key value (if one is required) before connecting to secured networks. > To connect to a wireless network that is not broadcasting the SSID, you must create the wireless profile manually. You can: - Use the Manually Create A Network Profile option to set up each client individually with network information. - Use the Copy this network profile to a USB flash drive option to save wireless network settings to a USB flash drive. On each additional client, run the utility to copy the profile settings to the client.

Identify Key Design Considerations

Create an initial design document by laying out the network on paper. Identify key wireless network design considerations, such as: > Environmental conditions. > Physical RF obstructions that could disrupt a wireless radio signal. > Dynamic RF obstructions that are transient in nature. > Future construction that could disrupt an RF signal. > Sources of RF interference, both internal and external. > The availability of mounting points for networking hardware, such as poles, suspended tile ceilings, and so on. > Estimated bandwidth utilization requirements. > Zoning and permitting requirements. This is usually only required for outdoor deployments. Check your local laws for specific requirements. *Later, you will conduct a site survey to validate the initial design.

Disable DHCP

DHCP servers dynamically assign IP addresses, gateway addresses, subnet masks, and DNS addresses whenever a computer on the wireless network starts up. Disabling DHCP on the wireless APs allows only users with a valid, static IP address in the range to connect.

Which wireless networking component is used to connect multiple APs together? STA IBSS BSS DS

DS The distribution system (DS) is the backbone or LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells. An IBSS is a set of STAs configured in ad hoc mode. A BSS, or cell, is the smallest unit of a wireless network. An STA is a wireless NIC in an end device such as a laptop or wireless PDA. The term STA often refers to the device itself, not just the NIC.

You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do? Create a wireless profile on the client. Decrease the beacon interval. Change the channel on the access point to a lower number. Enable SSID broadcast.

Decrease the beacon interval. A beacon is a frame that the access point sends out periodically. The beacon announces the access point and the characteristics of the network (such as the SSID, supported speeds, and the signaling method used). To improve access times, decrease the beacon interval. As long as clients are configured with the SSID, they will be able to locate access points even if the SSID is not broadcasted in the beacon. The beacon is still sent to announce the access point. Adding the SSID to the beacon does not change how often the beacon is broadcast.

Device Saturation

Device saturation is when the percentage of CPU time where I/O requests are issued to a device or the bandwidth utilization for the device is close to 100%.

You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. What type of wireless antennae should you use on each side of the link? (Select two.) Omni-directional Normal-gain Directional Bridge High-gain

Directional High-gain You should use high-gain directional antennae on each side of the link. A high-gain antenna usually has a gain rating of 12 dBi or higher. A highly directional antenna concentrates the radio waves transmitted from the sender in to a very narrow beam. When the receiver uses a directional antenna, it can only receive a signal from one specific direction. It supports very high-gain radio signals that can be transmitted over long distances, but it requires a clear line-of-sight (LOS) between the sender and the receiver. A normal-gain antenna usually has a gain rating between 2 and 9 dBi. An omnidirectional antenna radiates and absorbs signals equally in every direction around the antenna. Because it spreads its gain in a 360-degree pattern, the overall range of an omnidirectional antenna is typically much less than the range of a directional antenna. A directional antenna focuses its radiation and absorption of signals in a specific direction, but typically has a much shorter range than a parabolic antenna.

Which of the following measures will make your wireless network invisible to the casual attacker performing war driving? Change the default SSID Disable SSID broadcast Use a form of authentication other than open authentication Implement WPA2 Personal

Disable SSID broadcast Wireless access points are transceivers that transmit and receive information on a wireless network. Each access point has a service set ID (SSID) that identifies the wireless network. By default, access points broadcast the SSID to announce their presence and make it easy for clients to find and connect to the wireless network. Turn off the SSID broadcast to keep a wireless 802.11x network from being automatically discovered. When SSID broadcasting is turned off, users must know the SSID to connect to the wireless network. This helps to prevent casual attackers from connecting to the network, but any serious hacker with the right tools can still connect to the wireless network. Using authentication with WPA or WPA2 help prevent attackers from connecting to your wireless network, but does not hide the network. Changing the default SSID to a different value does not disable the SSID broadcast.

Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow the creation of guest WLANs for keeping public wireless traffic separate from private traffic? Independent access points Hub-and-spoke infrastructure Distributed wireless mesh infrastructure Lightweight access point (LWAP) with wireless controller infrastructure

Distributed wireless mesh infrastructure A distributed wireless mesh architecture moves some of the network intelligence from the controller out to the individual access points. In this configuration, the controller is no longer a bottleneck. The APs are smart enough to communicate directly with each other to create more efficient data paths for network traffic. With the hub-and-spoke infrastructure, the individual access points contain very little embedded intelligence and are sometimes referred to as lightweight access points (LWAPs). Independent access points offer limited mobility and require the individual configuration of each AP.

Your wireless network consists of multiple 802.11n access points that are configured as follows: SSID (hidden): CorpNet Security: WPA2-PSK using AES Frequency: 5.7 GHz Bandwidth per channel: 20 MHz This network is required to support an ever-increasing number of devices. To ensure there is sufficient capacity, you want to maximize the available network bandwidth. What should you do? Implement antenna diversity. Switch to TKIP encryption. Upgrade to 802.11a access points. Double the bandwidth assigned per channel to 40 MHz.

Double the bandwidth assigned per channel to 40 MHz. 802.11n access points provide an option to allocate double the bandwidth per channel (increasing it to 40 MHz), which results in double the data rate. The 802.11a standard only supports data rates up to 54 Mbps, which is much slower than 802.11n. Antenna diversity implements multiple antennas to combat multipath interference and improve the reliability of a wireless link; however, it does not increase throughput. TKIP is considered less secure than AES and does not increase the throughput of a wireless network.

Spectrum Analysis and Channel Plan

During the survey, you should use a spectrum analyzer at different times of day to check channel utilization and to identify sources of RF inference at each location where you plan to deploy an access point. You can use freeware tools such as NetStumbler or Kismet to create a snapshot of wireless spectrum usage by nearby home and business networks, along with their proximity to your network. When you perform your spectrum analysis, you should record the number of other APs in the area and the channel utilization in the 2.4 and 5.x GHz bands to aid in channel planning. When you run your spectrum analysis, you should gather data at the heights where the AP will be installed and user devices will be located. A spectrum analyzer can determine the noise floor in the desired frequency range, allowing you to select the best available wireless channel. To determine the noise floor, identify the: > Received signal level (RSL), which identifies how strong the radio signal is at the receiver. The closer you are to the transmitter, the stronger the RSL. The farther away you are, the lower the RSL. > Signal to noise ratio (SNR), which compares the level of the wireless network signal (RSL) to the level of background noise (measured in decibels). - The number of other APs in the area. - Channel utilization in the 2.4 and 5.x GHz bands to aid in channel planning. *When running your spectrum analysis, you should gather data at the height where: - The AP will be installed. - User devices will be located. *A spectrum analyzer can determine the noise floor in the desired frequency range, allowing you to select the best available wireless channel. To do this, identify the: - Received Signal Level (RSL), which identifies how strong the radio signal is at the receiver. The closer you are to the transmitter, the stronger the RSL. The farther away you are, the lower the RSL. - Signal to Noise Ratio (SNR), which compares the level of the wireless network signal (RSL) to the level of background noise (measured in decibels). > An SNR higher than 1:1 indicates more signal than noise, which is desirable. The farther a receiver is from a transmitter, the lower the RSL and the SNR. If the RSL falls below the noise floor, connectivity is lost. > Using the spectrum analyzer data, develop a channel plan that will work in your environment. Be sure to identify all of the frequencies that will be used.

Which of the following features are supplied by WPA2 on a wireless network? Network identification Traffic filtering based on packet characteristics Client connection refusals based on MAC address A centralized access point for clients Encryption

Encryption Wi-Fi protected access (WPA) provides encryption and user authentication for wireless networks. MAC address filtering allows or rejects client connections based on the hardware address. The SSID is the network name or identifier. A wireless access point (called an AP or WAP) is the central connection point for wireless clients. A firewall allows or rejects packets based on packet characteristics (such as address, port, or protocol type).

Enable MAC Address Filtering

Every network board has a unique MAC address. By specifying which MAC addresses are allowed to connect to your network, you can prevent unauthorized MAC addresses from connecting to the AP. Configuring a MAC address filtering system is very time consuming and demands upkeep. *Attackers can still use tools to capture packets and retrieve valid MAC addresses. An attacker could spoof their wireless adapter's MAC address and circumvent the filter.

An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. Which attack techniques did the attacker use in this scenario? (Select two.) Evil twin Pharming Denial of service Man-in-the-middle Smurf

Evil twin Pharming The attacker in this scenario used the following attack techniques: Evil twin: In this exploit, an attacker near a valid wireless access point installs an access point with the same (or similar) SSID. Pharming: In this exploit, the access point is configured to display a bogus web page that prompts for credentials, allowing the attacker to steal those credentials. Denial of service attacks overload a target system to the point that it can no longer perform its desired function on the network. A man-in-the-middle attack occurs when the attacker gets in between a sender and receiver, posing as the sender to the receiver and as the receiver to the sender. A Smurf attack is a type of denial of service attack that uses spoofed ICMP echo response packets from an amplifier network to overload a target host.

Clearly Identify Expectations

Expectations should be clearly set and managed to ensure that the network design will fulfill the criteria identified in the previous step. Continue to meet with all stakeholders regularly throughout the process to communicate status, discuss anticipated changes, and review expectations. Document all discussions and decisions.

Frequency Hopping Spread Spectrum (FHSS)

FHSS uses a narrow frequency band and hops data signals in a predictable sequence from frequency to frequency over a wide band of frequencies. > Because FHSS shifts automatically between frequencies, it can avoid interference that may be on a single frequency. > Hopping between frequencies increases transmission security by making eavesdropping and data capture more difficult.

Antenna Orientation

For radio frequency wireless devices, the antenna orientation might have a small effect on signal strength. There are two types of antennas that are commonly used in wireless networks, directional antennas and omindirectional antennas. > A directional antenna: Creates a narrow, focused signal in a particular direction, which increases the signal strength and transmission distance. Provides a stronger point-to-point connection. Is better equipped to handle obstacles. > An omnidirectional antenna: Disperses the RF wave in an equal 360-degree pattern. Provides access to many clients in a radius. *For devices such as infrared or satellite, the orientation of the receiving device is critical. For these types of devices, make sure the receivers have a line-of-sight path for communication.

802.11b

Frequency - 2.4 GHz (ISM) Max Speed - 11 Mbps Maximum Distance - 150 ft. Channels (Non-overlapped) - 11 (3) Modulation Technique - DSSS, CCK, DQPSK, DBPSK Backwards Compatibility - None

802.11g

Frequency - 2.4 GHz (ISM) Max Speed - 54 Mbps Maximum Distance - 150 ft. Channels (Non-overlapped) - 11 (3) Modulation Technique - DSSS (and others) at lower data rates | OFDM, QPSK, BPSK at higher data rates Backwards Compatibility - 802.11b

802.11n

Frequency - 2.4 GHz (ISM) or 5 GHz (U-NII) Max Speed - 600 Mbps Maximum Distance - 300 ft. Channels (Non-overlapped) - 2.4 GHz: 11 (3 or 1) | 5 GHz: 23 (12 or 6) Modulation Technique - OFDM (and others, depending on implementation) Backwards Compatibility - 802.11a/b/g, depending on implementation

802.11ac

Frequency - 5 GHz (U-NII) Max Speed - 1.3 Gbps Maximum Distance - 150 ft. Channels (Non-overlapped) - Depends on configuration Modulation Technique - OFDM Backwards Compatibility - 802.11b/g/n

802.11a

Frequency - 5 GHz (U-NII) Max Speed - 54 Mbps Maximum Distance - 100 ft. Channels (Non-overlapped) - 23 (12) Modulation Technique - OFDM Backwards Compatibility - N/A

Frequency Mismatch

Frequency mismatch is when devices on the network are not broadcasting on the same frequency.

Geofencing

Geofencing requires users to be in a physical location by using virtual boundaries, or fences, can add another layer of security to your network.

Which of the following is true of a wireless network SSID? Allows devices to find a specific AP within an ESS. Groups wireless devices together into the same logical network. Is used by STAs as they roam between APs. Is a 48-bit value that identifies an AP.

Groups wireless devices together into the same logical network. The SSID, also called the network name, groups wireless devices together into the same logical network. - All devices on the same network (within the BSS and ESS) must have the same SSID. - The SSID is a 32-bit value that is inserted into each frame. The SSID is case sensitive. - The SSID is sometimes called the ESSID (extended service set ID) or the BSSID (basic service set ID). In practice, each term means the same thing; however, SSIDs, ESSIDs, and BSSIDs are technically different.

You have been hired to design a wireless network for a SOHO environment. You are currently in the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.) How many devices will need to be supported? What type of data will be transmitted on the network? Where can network hardware be mounted in the building? Is the size of the business expected to grow in the future? Are there microwaves or cordless phones that can cause interference?

How many devices will need to be supported? What type of data will be transmitted on the network? Is the size of the business expected to grow in the future? The first thing you do when designing a wireless network is gather network requirements. Meet with all stakeholders and decision-makers to discuss the implementations and gather detailed information. For example, you should: Identify the intended use of the wireless network. Identify the location of wireless service areas. Anticipate the number of wireless devices that need to be supported in each area. Discuss future network needs so that you can plan for expansion. Discuss data encryption and network security requirements. Mounting points or sources of interference should be considered in the network design phase, after all requirements have been gathered.

An access point that conforms to the IEEE 802.11b standard behaves similarly to what other networking device? Gateway Hub Patch bay Router Terminal

Hub An access point functions like a hub by connecting multiple wireless hosts to a wired Ethernet network.

Your wireless network consists of multiple 802.11n access points that are configured as follows: SSID (hidden): CorpNet Security: WPA2-PSK using AES Frequency: 5.75 GHz Bandwidth per channel: 40 MHz Because of the unique construction of your organization's facility, there are many locations that do not have a clear line of sight between network clients and access points. As a result, radio signals are reflected along multiple paths before finally being received. The result is distorted signals that interfere with each other. What should you do? Reduce the power of the access point radio signals. Install directional access points. Implement antenna diversity. Switch to RADIUS authentication for wireless clients.

Implement antenna diversity. Antenna diversity implements two or more radio antennae to improve the quality and reliability of a wireless link. In environments where there is no clear line of sight between transmitter and receiver, the radio signal is reflected along multiple paths before finally being received. This can introduce phase shifts, time delays, attenuation, and distortion that interfere with each another on the receiving antenna. You can rectify the situation by implementing antenna diversity two ways: Spatial diversity uses multiple antennas that are physically separated from one another. Pattern diversity uses two or more co-located antennas with different radiation patterns. Using a RADIUS authentication solution increases wireless network security, but it doesn't address the issue of multipath interference. Reducing radio power could help solve multipath interference issues in some situations, but it may make it worse in others. This is also true of directional access points.

Hub-and-Spoke

In a hub-and-spoke configuration, a wireless controller is connected to all APs through wired links. The individual APs contain very little embedded intelligence and are sometimes referred to as lightweight access points (LWAPs).

Hub-and-Spoke Infrastructure

In a hub-and-spoke configuration, a wireless controller is connected to all APs through wired links. The individual APs contain very little embedded intelligence and are sometimes referred to as lightweight access points (LWAPs). The wireless controller: > Manages all of the APs that are connected to it. Configuration changes are made once on the controller and are then pushed out to all connected APs. > Usually provides DHCP services to dynamically assign IP addressing information to wireless clients. > Connects the wireless network to the internal wired network. > Routes wireless traffic from the wireless network to the internal wired network (and vice versa). The hub-and-spoke infrastructure is more efficient and allows for much larger wireless networks. However, the controller itself becomes a bottleneck. All wireless data must pass through the controller, even if it is destined for another wireless host on the same wireless network. The APs are not able to communicate directly with each other; they can communicate only with the wireless controller. If the controller goes down, the entire wireless network will cease to function even if the APs remain functional.

Obstructions

In situations where there is no clear line of sight between transmitter and receiver due to obstructions (such as concrete, window film, or metal studs), the wireless signal is reflected along multiple paths before finally being received. This can cause phase shifts, time delays, and attenuation. To address this, use two or more antennas to increase the quality and reliability of a wireless link. There are two common antenna diversity implementations: > Spatial diversity uses multiple antennas that are physically separated from one another. > Pattern diversity uses two or more co-located antennas with different radiation patterns.

Independent Access Points

In the early days of wireless networking, large organizations implemented independent access points through their facilities. Each AP stood alone, providing separate wireless networks by using its own independent configuration. Independent APs offered limited mobility and were difficult to manage. To enable roaming using independent access points, you must configure all access points in the network: With the same SSID. To use the same channel. To function on the same IP subnet. If you don't do these things, then mobile devices must get a new IP address every time they move to a different AP, which disrupts connectivity.

Match each type of access point on the left with the wireless network architecture where it is commonly used on the right. Each type of access point may be used once, more than once, or not at all.

Independent access point infrastructure Intelligent AP Hub-and-spoke infrastructure Lightweight AP Distributed wireless mesh infrastructure Intelligent AP

Independent Access Points

Independent access points (APs) are where each AP stands alone, providing separate wireless networks by using its own independent configuration.

Atmospheric and EMI Conditions

Interference from weather or EMI can degrade the signal and cause service interruptions.

Jamming

Jamming is signal interference that is created intentionally by an attacker to make a wireless network impossible to use.

Jamming

Jamming is signal interference that is created intentionally by an attacker. Jamming's purpose is to make a wireless network impossible to use. The following are the most common jamming techniques. > Spark jamming is the most effective type of Wi-Fi interference attack. It repeatedly blasts receiving equipment with high-intensity, short-duration RF bursts at a rapid pace. Experienced RF signal technicians can usually identify this type of attack quickly because of the regular nature of the signal. > Random noise jamming produces radio signals using random amplitudes and frequencies. While not as effective as a spark attack, the random noise attack is harder to identify due to the intermittent jamming it produces and the random nature of the interference. In fact, this type of signal is frequently mistaken for normal background radio noise that occurs naturally. > Random pulse jamming uses radio signal pulses of random amplitude and frequency to interfere with a Wi-Fi network.

Latency

Latency on wireless networks is affected by several factors. Wireless communication operates in half-duplex (shared two-way communication). Devices can both send and receive, but not at the same time. Therefore, devices must take turns using the transmission channel. Typically, once a device begins receiving a signal, it must wait for the transmitter to stop transmitting before replying. An unstable wireless network signal can increase the processing that is performed on the signal by both the hardware and software.

Multiple-Input, Multiple-Output (MIMO)

MIMO increases bandwidth by using multiple antennas for both the transmitter and receiver.

Multiple-Input, Multiple-Output (MIMO)

MIMO increases bandwidth by using multiple antennas for both the transmitter and receiver. A system is described by the number of sending and receiving antennas. The 802.11n specifications allow up to four sending and four receiving antennas. The benefit of adding additional antennas declines as the number increases; going above 3x3 provides a negligible performance increase.

Multi-user MIMO(MU-MIMO)

MU-MIMO is an enhancement to MIMO that allows multiple users to use the same channel. In addition to adding MU-MIMO, 802.11ac doubled the number of MIMO radio streams from four to eight.

Multi-User MIMO (MU-MIMO)

MU-MIMO is an enhancement to MIMO that allows multiple users to use the same channel. In addition to adding MU-MIMO, 802.11ac doubled the number of MIMO radio streams from four to eight.

Match each wireless device on the left with its corresponding characteristics on the right. Each device may be used once, more than once, or not at all.

Manages all of the APs that are connected to it. Wireless controller Supports 30 to 50 wireless clients per access point. Wireless controller Provides NAT routing and an Ethernet switch in one device. Consumer-grade (SOHO) wireless router Supports a maxiumum of 5-10 wireless clients. Consumer-grade (SOHO) wireless router Pushes wireless configuration settings to connected access points. Wireless controller When you implement a wireless network, you should use the appropriate equipment for the type of deployment. The equipment used in an enterprise wireless network is very different from the wireless equipment used in homes or small businesses. For home or small business wireless networks, you typically use a consumer-grade SOHO wireless router that combines many functions into a single device, including a: Wireless access point Ethernet switch NAT router These devices work reasonably well in small environments. However, they have very limited capacity, typically supporting a maximum of 5-10 wireless clients at a time. If you connect more clients than this, the bandwidth of the entire wireless network is severely impacted. In a larger deployment, you must use high-end equipment designed to support a larger number of users. For example, a wireless controller is typically deployed that manages a large number of individual access points. A wireless controller: Manages all of the APs that are connected to it. Supports 30 to 50 wireless clients per access point. Some manufacturers' equipment can support up to 80 clients per access point. Pushes wireless configuration settings to connected access points.

Change Default SSID and Broadcast

Many manufacturers use a default SSID, so it's important to change your SSID from the default. You can also disable the SSID broadcast for further protection; this is known as SSID suppression, or cloaking. *Even if the SSID broadcast is turned off, a determined hacker can still identify the SSID by analyzing wireless broadcasts.

Conduct Initial RF Modeling and Mapping

Map and model the initial RF design on paper as follows: > Compile all available asset information. This includes existing mounting locations, network media, and network hardware. > Create an initial RF model. RF modeling is the process of identifying initial access point locations, assigning frequencies, and planning power levels.

Open Authentication

Means that the correct SSID is being used.

Gather Network Requirements

Meet with all stakeholders and decision makers to discuss the implementations and gather detailed information. For example, you should: > Identify the intended use of the wireless network. > Identify the location of wireless service areas. > Anticipate the number of wireless devices to be supported in each area. > Discuss future network needs so that you can plan for expansion. > Discuss data encryption and network security requirements.

Enable the Firewall on the AP

Most wireless APs come with a built-in firewall that connects the wireless network to a wired network.

Match the wireless networking term or concept on the left with its appropriate description on the right. Each term may be used once, more than once, or not at all.

Moving an wireless device between access points within the same wireless network. Roaming Used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN. LWAPP Specifies the number of clients that utilize the wireless network. Device density Automatically partitions a single broadcast domain into multiple VLANs. VLAN pooling Graphically displays wireless signal strength within an area. Heat map Connects two wired networks over a Wi-Fi network. Wireless bridge Identifies relative strength of a radio signal at the receiver. Heat map The number of useful bits delivered from sender to receiver within a specified amount of time. Goodput You should be familiar with the following wireless networking terms and concepts: Device density specifies the number of clients that utilize the wireless network. Roaming is moving an wireless device between access points within the same wireless network. The Lightweight Access Point Protocol (LWAPP) is used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN. VLAN pooling automatically partitions a single broadcast domain into multiple VLANs. A wireless bridge connects two wired networks over a Wi-Fi network. A heat map graphically displays the relative wireless signal strength within a wireless deployment. Goodput refers to the number of useful bits delivered from the sender to the receiver within a specified amount of time.

What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell? In common or community work areas Near a window Above the 3rd floor In the center of the building

Near a window The least secure location for a wireless cell access point is against a perimeter wall. Placement near a window would be the worst option from this list of selections. For the best security, access points that use directional antennae would be a more appropriate choice for placement near an exterior wall. This placement reduces the likelihood that the wireless cell's access radius will extend outside of the physical borders of your environment. It is important to place wireless cell access points where they are needed, such as in a common or community work area.

Near-Field Communication (NFC)

Near-field communication (NFC) allows devices to communicate and share data with each other. It requires devices to be about four inches apart to communicate with each other. It's very common to see NFC used with cell phones and mobile pay applications.

You are an administrator of a growing network. You notice the network you have created is broadcasting, but you cannot ping systems on different segments of your network. What device should you use to fix this issue? Range extender Access point Network bridge Network hub

Network bridge A network bridge is used to connect different segments of a network. A range extender increases the strength of a signal or widen the range a network can reach. An access point is used to broadcast the wireless network so users can access the network. A network hub is not very common today, but acts as a simple device that pushes data or traffic through to all users connected to the hub and would not be a good tool for connecting network segments.

Distributed Wireless Mesh Infrastructure

Newer wireless networks can be deployed using a distributed wireless mesh architecture. These networks still use a controller, but they move some of the network intelligence from the controller out to the individual APs.

Distributed Wireless Mesh Infrastructure

Newer wireless networks can be deployed using a distributed wireless mesh architecture. These networks still use a controller, but they move some of the network intelligence from the controller out to the individual APs. In this configuration, the controller is no longer a bottleneck. The APs are smart enough to communicate directly with each other to create more efficient data paths for network traffic. For example, if one wireless host needs to send data to another wireless host, the data moves from AP to AP using wireless links until it reaches the destination host. The controller is still used to manage, direct, and scale the network, but the work of moving data as efficiently as possible through the wireless LAN is taken care of by the individual APs. Because the links are wireless instead of wired, the APs can quickly re-associate themselves with a different wireless controller if its primary controller becomes unavailable for some reason. Many vendors allow you to configure each AP with primary, secondary, and tertiary wireless controllers to provide a high degree of redundancy. As with the hub-and-spoke architecture, a wireless controller in a distributed mesh deployment is usually the gateway to the wired network. It routes data from the wireless network to the wired network, and vice versa. For example, on Cisco wireless equipment the lightweight access point protocol (LWAPP) is used to route frames back and forth between the wireless network and the wired LAN.

Orthogonal Frequency-Division Multiplexing (OFDM)

OFDM breaks data into very small data streams to send the information across long distances where environmental obstacles may be an issue. OFDM: > Modulates adjacent radio signals orthogonally, meaning a linear transfer that preserves length and distance. This allows for a very large number of small data streams in a single frequency. > Reduces the effects of signal interference caused by environmental obstacles such as walls or buildings. > Is used by 802.11g/a/n and ac wireless networks to achieve higher transfer speeds.

You are setting up a wireless hotspot in a local coffee shop. For best results, you want to disperse the radio signals evenly throughout the coffee shop. Which of the following antenna types would you use on the AP to provide a 360-degree dispersed wave pattern? Multi-point Uni-directional Omni-directional Directional Multi-directional

Omni-directional An omni-directional antenna provides a 360-degree dispersed wave pattern. In this configuration, signals are dispersed evenly in all directions, making this antenna well suited for environments where clients are accessing the network from various locations, such as coffee shops. A dispersed wireless signal is weaker and, therefore, is restricted to shorter signal distances. A directional wireless antenna focuses a signal in a particular direction. The focused signal allows for greater transmission distances and a stronger signal. Directional antennas are sometimes used to establish a wireless point-to-point connection where greater transmission distances are often required.

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication? On the wireless access point On a certificate authority (CA) On the wireless access point and each wireless device On a RADIUS server

On a RADIUS server 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Authentication requests received by the wireless access point are passed to a RADIUS server that validates the logon credentials (such as the username and password). If you are using preshared keys for authentication, configure the same key on the wireless access point and each wireless device. A CA is required to issue a certificate to the RADIUS server. The certificate proves the identity of the RADIUS server or can be used to issue certificates to individual clients.

You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point? In the basement Near the backup generators On the top floor In the kitchen area

On the top floor In general, place access points high up to avoid interference problems caused by going through building foundations. Do not place the access point next to sources of interference such as other wireless transmitting devices (cordless phones or microwaves) or other sources of interference (motors or generators).

Open

Open authentication requires that clients provide a MAC address in order to connect to the wireless network. > You can use open authentication to allow any wireless client to connect to the AP. Open authentication is typically used on public networks. > You can implement MAC address filtering to restrict access to the AP to only known (or allowed) MAC addresses. *Because MAC addresses are easily spoofed, this provides little practical security.

You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer, and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems? The SSIDs of the two server systems match. The SSIDs of the two client systems match. Crosstalk between the RF signals. WEP overlap. Overlapping channels.

Overlapping channels. Overlapping wireless networks should use different channels to ensure that they do not conflict with each other. In this case, each WAP is using the default channel which, by default, is the same for each WAP. The solution to the problem would be to configure different channels for each access point. To configure client connectivity, the wireless client and the access point must share the same SSID, channel, and WEP encryption strength. In this case, the SSIDs were changed for each station, so they are not the problem.

Packet Sniffing

Packet sniffing (also known as eavesdropping) is the interception and decoding of wireless transmissions.

Packet Sniffing

Packet sniffing (also known as eavesdropping) is the interception and decoding of wireless transmissions. Wireless transmissions are easily intercepted. Encrypt all data transmitted through your AP to mitigate threats from packet sniffing.

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building? Place access points above where most clients are. Place access points near outside walls. Place access points in the basement. Place multiple access points in the same area.

Place access points above where most clients are. Follow a few guidelines for placing wireless access points: Devices often get better reception from access points that are above or below. If possible, place access points higher up to avoid interference problems caused by going through building foundations. For security reasons, do not place APs near outside walls. The signal will extend outside beyond the walls. Placing the AP in the center of the building decreases the range of the signals available outside of the building. When using multiple access points, place access points evenly through the area, taking care to minimize the overlap of the broadcast area while ensuring adequate coverage for all areas.

Core Network Planning

Plan out the core network. You should identify the IP addressing scheme and the VLAN configuration. Avoid a VLAN configuration that has a large number of wireless clients in the same VLAN because it will likely result in an excessive amount of broadcast traffic. To remedy this situation, you can: > Create multiple, smaller VLANs. This will reduce broadcast traffic, but it will also require additional routers to route traffic between VLANs. > Implement VLAN pooling. In this configuration, each wireless client is randomly assigned a VLAN from a pool of VLANs on the same SSID. This strategy automatically partitions a single broadcast domain into multiple VLANs. >Use this information to create a logical network diagram that can be used during the actual deployment of the wireless network.

You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.) Preshared key BSSID AES encryption Channel TKIP encryption

Preshared key TKIP encryption To connect to the wireless network using WPA, you need to use a preshared key and TKIP encryption. A preshared key used with WPA is known as WPA-PSK or WPA Personal. AES encryption is used by WPA2. The channel is automatically detected by the client. The basic service set identifier (BSSID) is a 48-bit value that identifies an AP in an infrastructure network or a STP in an ad hoc network. The client automatically reads the BSSID and uses it to keep track of APs as they roam between cells.

You want to implement 802.1x authentication on your wireless network. Which of the following will be required? WPA TKIP WPA2 RADIUS

RADIUS

Radio Frequency (RF)

Radio frequency (RF) refers to the rate of oscillation of electromagnetic radio waves in the range of 3 kHz to 300 GHz, as well as the alternating currents carrying the radio signals. This is the frequency band that is used for communications transmission and broadcasting.

Refraction

Refraction is when radio waves pass through objects of different densities and cause the signal to bend or change speeds.

Refraction

Refraction is when radio waves pass through objects of different densities, which cause the signal to bend or change speeds.

10.7.3 Wireless Network Troubleshooting Facts

Regardless of the type of wireless network you use, the actual transmission speed will likely be less than the rated speed. This is because various factors cause a degradation of the signal. If a single connection drops below 2 Mbps, the connection could be terminated. If you are having trouble establishing or keeping a wireless connection, consider the factors in the following table.

You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360-dispersed RF wave design. After installation, the signal between the two systems is weak, as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength? Increase the RF power on the isotropic antenna. Replace the directional antenna with an omni-directional antenna. Increase the RF setting on the AP. Replace the omni-directional antenna with a directional antenna. Increase the RF setting on the client system.

Replace the omni-directional antenna with a directional antenna. A directional antenna is designed to create a narrow, focused signal in a particular direction. This focused signal provides greater signal strength between two points and increases the distance that the signal can travel. Because directional antennas provide a stronger point-to-point connection, they are better equipped to handle obstacles that may be in the way of the signal. The default antenna used with this configuration is an omni-directional antenna that disperses the RF wave in an equal 360-degree pattern. This antenna is commonly used to provide access to many clients in a radius.

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this? Rogue access point Man-in-the-middle Social engineering Phishing Physical security

Rogue access point A rogue access point is an unauthorized access point added to a network or an access point that is configured to mimic a valid access point. Examples include: An attacker or an employee with access to the wired network installs a wireless access point on a free port. The access port then provides a method for remotely accessing the network. An attacker near a valid wireless access point installs an access point with the same (or similar) SSID. The access point is configured to prompt for credentials, allowing the attacker to steal those credentials or use them in a man-in-the-middle attack to connect to the valid wireless access point. An attacker configures a wireless access point in a public location, then monitors traffic of those who connect to the access point. A man-in-the-middle attack is used to intercept information passing between two communication partners. A rogue access point might be used to initiate a man-in-the-middle attack, but in this case the rogue access point was connected without malicious intent. Social engineering exploits human nature by convincing someone to reveal information or perform an activity. Phishing uses an email and a spoofed website to gain sensitive information.

You want to connect your client computer to a wireless access point that is connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.) TKIP Username and password Channel SSID AES Preshared key

SSID AES Preshared key WPA2 Personal uses a shared key for authentication. Once authenticated, dynamic keys are generated to be used for encryption. WPA2 supports AES and TKIP encryption, with AES being the stronger encryption method. With the SSID broadcast turned off, you will need to manually configure the SSID on the client. Channels are detected automatically as well. If you were using WPA2 Enterprise, you would need to configure the authentication method, such as a username and password or a smart card.

You have physically added a wireless access point to your network and installed a wireless networking card in two laptops running Windows. Neither laptop can find the network, and you have come to the conclusion that you must manually configure the wireless access point (AP). Which of the following values uniquely identifies the network AP? WEP PS Channel SSID

SSID The SSID (service set identifier) identifies the wireless network. All PCs and access points in a LAN share the same SSID. WEP (Wired equivalent privacy) is used to add a layer of security to the transmission, while the channel identifies the frequency that the card and AP will communicate on.

Which of the following wireless network protection methods prevents the broadcasting of the wireless network name? 802.1x SSID broadcast MAC filtering Shared secret key

SSID broadcast

You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point and have the ability to roam between the two access points. How should you configure the access points? Same SSID, same channel Same SSID, different channel Different SSID, same channel Different SSID, different channel

Same SSID, different channel When you configure multiple access points as part of the same extended service set (ESS), configure both access points with the same service set identifier (SSID). The SSID is like a network name and groups wireless devices together into the same logical network. All devices, including wireless clients, use the same SSID. Wireless access points that are in the same area should use different channels. If the channels are the same or overlap, devices connected to one access point might interfere with devices connected to the other access point in locations where the signal overlaps.

Mobile devices in your organization use the access points shown in the figure below to connect to your wireless network. Recently, a catastrophic early morning power surge occurred. It was followed by an outage that lasted longer than your backup equipment could supply temporary power. After you powered the equipment back on, everything initially appeared to work correctly. However, ever since this event, some mobile users report that wireless network connections sometimes get dropped or perform very poorly. What should you do? (Select two.) Set the channel used by access point B to 8. Configure each access point to use a different SSID. Set the channel used by access point A to 5. Set access point B to use 802.11n wireless networking. Configure each access point to use 802.1x authentication. Set the channel used by access point B to 11. Set the channel used by access point C to 7. Set access points A and C to use 802.11b wireless networking.

Set access point B to use 802.11n wireless networking. Set the channel used by access point B to 11. During the power surge and/or power outage, some of the configuration settings on access point B were lost or reset to default values. To fix the issues users are experiencing, you need to: Set access point B to use 802.11n wireless networking. This will rectify the poor performance users are experiencing while accessing the wireless network through access point B. Set the channel used by access point B to 11. 2.4 GHz channels overlap. In this scenario, the channel used by access point B (4) overlaps with the channels used by access points A (1) and C (6). This will rectify the dropped connections users are experiencing. Channels 5, 7, and 8 overlap with channel 6, so setting any access point to these channels will cause a conflict with access point C. Using the same SSID on all access points allows users to roam about the facility and stay connected to the same wireless network. While using 802.1x authentication would make the wireless network more secure, it will not address the issues users are experiencing. Configuring access points A and C to use 802.11b will cause all users to experience poor network performance.

Wireless On/Off Switch

Some portable devices have a physical wireless switch on the outside of the device. The wireless switch turns the device's integrated wireless network adapter on and off. When adapter is in the off position, no wireless networks are displayed as available.

Data Emanation

Specific threats associated with data emanation (wireless signals extending beyond the intended area of coverage) include the following: > Wardriving is a technique that hackers use to find wireless networks. They use detection tools that locate wireless APs within an area even if the SSID broadcast has been disabled. Once a wireless network is detected, it is often easy for hackers to gain access to it, even if they are not physically present in your building or even on your property. > Warchalking is when marks that indicate the presence of a wireless network are drawn outside of buildings. Attackers might use these marks to alert others of open or secured wireless networks. Businesses might even use these marks to advertise their free wireless networks. To mitigate and protect your network against data emanation threats: > Do not place APs near outside walls. > Conduct a site survey to identify the coverage area of and optimal placement for wireless APs. This helps prevent signals from going beyond identified boundaries. A site survey uses tools to identify the presence and strength of wireless transmissions. > Implement a Faraday cage or Faraday shield. A Faraday cage is an enclosure that prevents radio frequency signals from emanating out of a controlled environment. It is made of conducting material or a mesh of conducting material that blocks external static electrical fields. Unfortunately, Faraday cages can also prevent cell phone usage. > Encrypt all data transmitted through your AP. > Use firewalls on each network AP.

Channel Interference

The 2.4 GHz frequency range is divided into 11 channels, and each channel has some overlap with the channels next to it. You might experience problems with your wireless network when other devices are trying to use the same or adjacent channels. There are also numerous devices that operate in the 2.4 GHz and 5 GHz ranges, which can create background noise and additional interference. > Cordless telephones that operate in the 2.4 GHz range (900 MHz cordless phones do not cause interference) > Other APs in the area (for example, each of your neighbors might have a wireless network, with each configured to use a similar channel) > Microwave ovens > Bluetooth devices > Wireless game controllers To avoid interference, try changing the channel used on the AP. If the area has different wireless networks, configure each with a different channel, with at least two channels separating the channels in use. For example, you might use channels 1, 6, and 11. The strength of your Wi-Fi signal compared to the level of background noise is known as the signal-to-noise ratio (SNR). If the SNR is low, your wireless network will have problems with interference.

Basic Service Set Identifier (BSSID)

The BSSID is a 48-bit value that identifies an AP in an infrastructure network or an STA in an ad hoc network. The BSSID allows devices to find a specific AP within an ESS that has multiple access points, and STAs use it to keep track of APs as they roam between BSSs. The BSSID is the MAC address of the AP and is set automatically.

Basic Service Set Identifier (BSSID)

The BSSID is a 48-bit value that identifies an AP in an infrastructure network or an STA in an ad hoc network. The BSSID allows devices to find a specific AP within an ESS that has multiple access points, and STAs use it to keep track of APs as they roam between BSSs. The BSSID is the MAC address of the AP and is set automatically. *Do not confuse the BSSID with the SSID. They are not the same thing.

Distribution System (DS)

The DS is the LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells.

Distribution System (DS)

The DS is the backbone or LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells.

Set the SSID

The SSID is also referred to as the network name. > All devices on the same network must use the same SSID. > The SSID is case sensitive. > To provide some level of security, consider using a cryptic name for the SSID. Using your business name for your network SSID makes it too easy to identify the network owner and could help hackers gain access.

Service Set Identifier (SSID)

The SSID, also called the network name, groups wireless devices into the same logical network.

Service Set Identifier (SSID)

The SSID, also called the network name, groups wireless devices together into the same logical network. > All devices on the same network (within the BSS and ESS) must have the same SSID. > The SSID is a 32-character value that is inserted into each frame. The SSID is case sensitive. > The SSID is sometimes called the ESSID (extended service set ID) or the BSSID (basic service set ID). In practice, each term means the same thing; however, they are technically different. *Using the term BSSID to describe the SSID of a BSS is technically incorrect.

A user on your network has been moved to another office down the hall. After the move, she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem? The client system has moved too far away from the access point. An SSID mismatch between the client and the WAP. The client has incorrect WEP settings. An SSID mismatch between the client and the server. The encryption level has been erroneously set back to the default setting.

The client system has moved too far away from the access point. In this case, the wireless client system has had no problems accessing the wireless access point until she moves to the new office. In some cases, moving a system will cause signal loss either from the increased distance away from the WAP or from unexpected interference by such things as concrete walls or steel doors. There are several ways to correct the problem, including reducing the physical distance to the client, using a wireless amplifier, upgrading the antennae on the wireless devices, or adding another WAP to the infrastructure. Because the client could previously access the WAP and still has occasional access, it is likely that the move was the cause of the problem and not any configuration setting on the client system.

Data Emanation

The electromagnetic field generated by a network cable or network device, such as wireless router, which can be manipulated in order to eavesdrop on conversations or steal data.

10.1.4 Wireless Infrastructure Facts

The following diagram shows a sample enterprise wireless network operating in infrastructure mode.

10.6.4 Wireless Attack Facts

The following table describes security attacks that wireless networks are vulnerable to.

Wireless Standards

The following table describes the various wireless standards and their specifications.

Internet of Things (IoT)

The internet of things is the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity. These embedded features enable these things to connect, collect, and exchange data.

AP Placement

The location of the AP can affect signal strength and network access. Keep in mind the following: > Omnidirectional antennas broadcast radio waves in every direction, so the AP should be located in the middle of the area that needs network access. > Devices often get better reception from APs that are above or below them. > In general, placing APs higher up prevents interference problems caused by going through building foundations. > For security reasons, APs should not be placed near outside walls. The signal will emanate beyond the walls. Placing the AP in the center of the building decreases the range of the signals available outside of the building.

Incorrect Configuration

The most common source of problems with wireless networking is incorrect configuration. Before considering other problems, verify that the correct SSID and WPA keys have been configured. Remember that WPA keys are not case sensitive, but passphrases are case sensitive. In the case of a standalone (or thick) configuration, make sure each individual AP is properly configured. With a controller-based (or thin) configuration, make sure each AP can communicate with the wireless controller. A similar form of an incorrect configuration is trying to access a wireless network that uses one standard, perhaps 802.11a, with a wireless card that supports a different standard, like 802.11b or 802.11g.

Select the Network Mode

The network mode you choose depends on the type of clients that will connect to your network. For the 5 GHz band, you can typically select: > Mixed, which supports connections from > 802.11a or 802.11n clients > 802-11a only > 802.11-11n only > Disabled For the 2.4 GHz band, you can typically select: > Mixed > 802.11-B/G only > 802.11-B only > 802.11-G only > 802.11-N only > Disabled

10.2.5 Wireless Standards Facts

The original 802.11 specification operated in the 2.4 GHz range and provided up to 2 Mbps transfer speeds. Since then, additional IEEE subcommittees have further refined wireless networking.

Configure the Region (AP only)

The region identifies the physical area where the AP operates.

Testing Procedure

The site survey test procedure involves the following tasks: > Mount > Align > Test > Move > Test > Perform a spectrum analysis While testing, you should measure goodput. Goodput refers to the number of useful bits delivered from the sender to the receiver over the wireless network connection. Errors due to lost, corrupt, or dropped packets require retransmission and reduce the goodput of the connection. Part of your testing is to measure goodput.

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem? The user has not yet rebooted her laptop computer while at her new location. The user has not yet logged off and back on to the network while at her new location. The wireless network access point on the user's normal floor has failed. The user is out of the effective range of the wireless access point on her floor. The user needs a new IP address because she is working on a different floor.

The user is out of the effective range of the wireless access point on her floor. Because the user is only experiencing intermittent problems, the most likely cause is that she is out of the effective range of the wireless network access point. All of the other answers listed may be appropriate if the user was unable to connect to the network at all. However, as the user is experiencing only intermittent problems, none of the other answers is likely to cure the problem.

Wireless Network Components

The various components of a wireless network are described in the following table:

Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: A wireless television distribution system running at 2.4 GHz A wireless phone system running at 5.8 GHz A wireless phone system running at 900 MHz An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame? The 900 MHz wireless phone system The wireless TV system The 802.11j wireless network The 802.11a wireless network The 5.8 GHz wireless phone system

The wireless TV system Because the 802.11b standard operates within the 2.4 GHz to 2.4835 GHz radio frequency range, the most likely culprit is the wireless TV distribution system.

10.4.4 Wireless Network Design Facts

The wireless network design process is composed of the following steps:

What is the risk associated with smart technology used in networked devices such as smart refrigerators, environmental controls, or industrial equipment? They are vulnerable to exploits due to weaker security. They are not physically secure, so they can be reconfigured by anyone who has access to them. They use redundant paths for fault tolerance that can cause message loops to develop on the network. They are not compatible with routing protocols, which causes a burden on network bandwidth.

They are vulnerable to exploits due to weaker security. Devices with embedded smart technology are not designed to be customized or directly configured by system administrators. For example, you cannot install anti-malware software on a smart TV. Because of this weaker security, smart technology devices are vulnerable to exploits and attacks.

What purposes does a wireless site survey fulfill? (Choose two.) To identify the coverage area and preferred placement of access points. To document existing infrared traffic in the 5.4 GHz spectrum. To identify existing or potential sources of interference. To identify the recommended 100 degree separation angle for alternating access points.

To identify the coverage area and preferred placement of access points. To identify existing or potential sources of interference. Wireless site surveys provide layout and design parameters for access point coverage and placement. Site surveys can also identify rogue access points and other forms of interference that reduce security and prevent the proper operation of authorized network devices. Radio frequency spectrum and protocol analyzers are used to conduct the surveys.

10.3.2 Wireless Configuration Tasks

To set up a wireless network, configure the wireless APs, network bridges, wireless range extenders, and wireless NICs. Most APs are configured to work right out of the box. However, you may need to perform some configuration to customize settings or enable security. > Most APs have at least one wired port that you can use to connect to the AP and perform configuration tasks. Many come with a simple web interface that you can use to perform initial configuration tasks. > Determine if you will require a bridge to connect different segments of your network. > If your wireless network is not reaching where you need it to, then you may need a wireless range extender to increase the range of your network. > Depending on the operating system, wireless NICs might be configured automatically, or you might need to install special software before (or after) installing the hardware in the computer. Consult the NIC documentation to identify the necessary installation steps.

Untested Updates

Untested updates are updates that have not been tested in a test environment on your network before you applied them to your network. You should never deploy an update that you have not tested on your network first.

Update the Firmware

Update the firmware on the AP from the manufacturer's website frequently to prevent your system from being exposed to known bugs and security vulnerabilities. *While it's extremely important to keep your devices up to date, it's just as important to properly test new updates before pushing them out to the entire network. Proper testing will save you the headache of troubleshooting new bugs or problems on the live network that the update may have introduced.

While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks? Use a different channel ID. Use the same channel ID, but configure your wireless network to use WEP. Use 802.11b instead of 802.11g. Use the same channel ID, but configure a different SSID.

Use a different channel ID. Overlapping wireless networks should use different channels to ensure that they do not conflict with each other. Even though you should use a different SSID anyway, you would also need to configure a different channel for each of the wireless networks. Using 802.11b instead of 802.11g would not avoid a conflict between the networks and would limit the speed of the wireless network to 11Mbps as opposed to 54Mbps available with 802.11g. Using Wired Equivalent Privacy (WEP) is a prudent security measure; however, it does not prevent the conflicts that can occur with overlapping wireless networks that use the same channel ID.

How to Configure Wireless Devices

Use the following steps to configure wireless devices on your network.

Match the wireless signaling method on the left with its definition on the right. (Not all of the signaling methods match a definition.)

Uses a narrow frequency band and hops data signals in a predictable sequence FHSS Breaks data into pieces and sends the pieces across multiple frequencies in a defined range. DSSS Breaks data into very small data streams in order to send the information across long distances. OFDM

Equipment List

Using the network diagram you have created, identify the equipment you need: > How many wireless controllers are necessary. > How many access points are necessary. > What media needs to be implemented. Use this information to generate an equipment list. If you think spare devices will be required, account for them in the list.

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients? WEP, WPA Personal, and WPA2 Personal WPA Enterprise and WPA2 Enterprise WPA Personal and WPA2 Enterprise WEP, WPA Personal, WPA Enterprise, WPA2 Personal, and WPA2 Enterprise

WEP, WPA Personal, and WPA2 Personal Shared key authentication can be used with WEP, WPA, and WPA2. Shared key authentication used with WPA and WPA2 is often called WPA Peronal or WPA2 Personal. WPA Enterprise and WPA2 Enterprise use 802.1x for authentication. 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.

Which of the following protocols or mechanisms is used to provide security on a wireless network? (Select three.) WPA RDP 802.1x IPsec

WPA 802.1x IPsec Remote Desktop Protocol (RDP) is used by Microsoft Windows Terminal Services applications, such as Remote Desktop. It is not used to provide security on wireless networks. IPsec is an encryption and authentication mechanism designed to provide security for the TCP/IP protocol suite. It is often used on wireless networks to ensure data integrity and authenticity. Wi-Fi Protected Access (WPA) is a robust security protocol designed to provide additional security to wireless networks. WPA authenticates devices to the wireless network and provides encryption services to protect data as it travels across the wireless network. 802.1x is an authentication mechanism for wireless networks. 802.1x generally uses a Remote Authentication Dial-In User Service (RADIUS) server to authenticate users to the wireless network.

Which of the following provides security for wireless networks? 802.3u WPA CSMA/CD 802.11a WAP

WPA Wi-Fi protected access (WPA) provides encryption and user authentication for wireless networks. Wired equivalent privacy (WEP) also provides security, but WPA is considered more secure than WEP. A wireless access point (WAP) is a hardware device like a switch that provides access to the wireless network. 802.11a is a wireless networking standard that defines the signal characteristics for communicating on the wireless network. CSMA/CD is a media access control method that controls when a device can communicate on the network.

Wi-Fi Protected Access (WPA)

WPA is the implementation name for wireless security based on initial 802.11i drafts that was deployed in 2003. It was intended to be an intermediate measure to take the place of WEP while a fully secured system (802.11i) was prepared. WPA: > Uses Temporal Key Integrity Protocol (TKIP) for encryption. > Supports both pre-shared key (WPA-PSK or WPA Personal) and 802.1x (WPA Enterprise) authentication. > Can use dynamic keys or pre-shared keys. > Can typically be implemented in WEP-capable devices through a software/firmware update. *WPA keys can also be predicted by reconstructing the Message Integrity Check (MIC) of an intercepted packet, sending the packet to an AP, and observing whether the packet is accepted by the AP.

Wi-Fi Protected Access 2 (WPA2) or 802.11i

WPA2 is the implementation name for wireless security that adheres to the 802.11i specifications. It was deployed in 2005. It is built upon the idea of Robust Secure Networks (RSN). Like WPA, it resolves the weaknesses inherent in WEP; it is intended to eventually replace both WEP and WPA. WPA2: > Uses Advanced Encryption Standard (AES) as the encryption method. It is similar to (yet more secure than) TKIP but requires special hardware for performing encryption. > Uses Counter Mode with CBC-MAC Protocol (CCMP), also known as AES-CCMP. > Supports both pre-shared key (WPA2-PSK or WPA2 Personal) and 802.1x (WPA2 Enterprise) authentication. Can use dynamic keys or pre-shared keys. *WPA2 has the same advantages over WEP as WPA. While WPA2 is more secure than WPA, its main disadvantage is that it requires new hardware for implementation. *When transmitting data on a wireless network, it's important to know if the channel you are using is encrypted. Information sent on unencrypted channels, where no security is being used, can be easily intercepted and viewed. If needed, IPsec can be used to provide security when sending information on an unencrypted channel. In addition to using the security measures outlined above, you can provide a level of security using the following practices. These methods by themselves do not provide much security, but they do keep curious people from trying to access the wireless network.

10.5.3 Enterprise Wireless Facts

When implementing a wireless network, you should use the appropriate equipment for the type of deployment. The equipment used in an enterprise wireless network is very different from the equipment used in homes or in small businesses. Home or small business wireless networks typically use a consumer-grade access point that combines many functions into a single device. Wireless access point Ethernet switch NAT router These devices work reasonably well in small environments. However, they have very limited capacity, typically supporting a maximum of 5-10 wireless clients at a time. If you connect more clients than this, the bandwidth of the entire wireless network is severely impacted. In a larger deployment, you must use higher end equipment designed to support a large number of users. Three different types of enterprise deployments have been commonly implemented, as described in the table below:

10.1.3 Wireless Architecture Facts

When you implement a radio frequency wireless network, hosts are connected by radio waves rather than wires. Radio waves are considered unbounded media because unlike wires, nothing encases them. The most commonly used frequency for wireless networking is the 2.4 GHz frequency band. The following table contains wireless networking architecture information.

Wireless Bridges

Wireless bridges are used to connect wired or wireless networks together.

Wireless Bridges

Wireless bridges are used to connect wired or wireless networks together. You can create a wireless link between two buildings with a wireless bridge. Using directional antennae, a wireless signal can be transmitted directly between two buildings, connecting both LANs together. Because the wireless link is a bridge, only the frames addressed to a host on the remote LAN are forwarded across the link. Locally addressed frames remain on the local LAN.

Configure the Channel

Wireless networks can be configured to use one of several RF channels. > Choose a channel on the AP that is not used by other wireless devices (such as phones or other APs). > On the NIC, the channel is detected automatically and configured to match the channel used by the AP. Many APs detect channels used in the area and automatically configure themselves to use a channel that does not overlap with other channels used in the area.

Media Access

Wireless networks use carrier sense multiple access/collision avoidance (CSMA/CA) to control media access and avoid (rather than detect) collisions. Collision avoidance uses the following process: 1. The sending device listens to make sure that no other device is transmitting. If another device is transmitting, the device waits a random period of time (called a backoff period) before attempting to send again. 2. If no other device is transmitting, the sending device broadcasts a request to send (RTS) message to the receiver or AP. The RTS includes the source and destination, as well as information on the duration of the requested communication. 3. The receiving device responds with a clear to send (CTS) message. The CTS also includes the communication duration period. Other devices use the information in the RTS and CTS to delay send attempts until the communication duration period (and subsequent acknowledgement) has passed. 4. The sending device transmits the data. The receiving device responds with an acknowledgement (ACK). If an acknowledgement is not received, the sending device assumes a collision occurred and retransmits the affected packet. 5. After the time interval specified in the RTS and CTS has passed, other devices can start the process again to attempt to transmit. *The use of RTS and CTS (steps 2 and 3) is optional and depends on the capabilities of the wireless devices. Without RTS/CTS, collisions are more likely to occur. > Wireless communication operates in half-duplex (shared two-way communication). Devices can both send and receive, but not at the same time. Devices must take turns using the transmission channel. Once a party begins receiving a signal, it must wait for the transmitter to stop transmitting before it can reply.

Wireless Identification Tools

Wireless networks use the following tools for identification.

Range

Wireless standards have a limited range. Moving a notebook outside the effective range weakens the signal and will likely cause intermittent reception. Moving outside of the stated range can cause the connection to drop entirely.

Direct-Sequence Spread Spectrum (DSSS)

With DSSS, the transmitter breaks data into pieces and sends the pieces across multiple frequencies in a defined range. DSSS is more susceptible to interference and less secure then FHSS.

Shared Key

With shared key authentication, clients and APs are configured with a shared key (called a secret or a passphrase). Only devices with the correct shared key can connect to the wireless network. > All APs and all clients use the same authentication key. > Use shared key authentication on small, private networks. > Shared key authentication is relatively insecure, as hashing methods used to protect the key can be easily broken.

Shared Key Authentication

With shared key authentication, clients and access points are configured with a shared key (called a secret or a passphrase). Only devices with the correct shared key can connect to the wireless network.

Interference

With wireless networks, interference is a signal that corrupts or destroys the wireless signal sent by APs and other wireless devices. Interference affects the availability of a network because normal communications are made impossible.

Interference

With wireless networks, interference is a signal that corrupts or destroys the wireless signal sent by APs and other wireless devices. Interference affects the availability of a network because normal communications are made impossible. The following are the most common types of signal interference. > Electromagnetic interference (EMI) is caused by motors, heavy machinery, and fluorescent lights. > Radio frequency interference (RFI) is caused by radio signals using the same radio channel—which can be caused by nearby wireless devices, such as cordless phones or microwave ovens. Most signal interference is caused unintentionally, but some interference is caused intentionally in order to cripple a wireless network. This type of interference is called jamming.

10.4.7 Design an Indoor Wireless Network

You are a network technician for a small corporate network. It's been decided that the office needs a wireless network for employees. You've already installed and configured a wireless controller and are in the process of installing wireless access points (WAPs) in the office. In this lab, your task is to install the proper types of WAPs in order to provide adequate wireless coverage while also reducing signal emanation as much as possible. As you install each WAP, consider the following: > Use the best antenna type for the specific placement location. There are two WAP antenna types available, directional and omnidirectional. > Reduce signal emanation which is just as important as providing adequate wireless coverage. > Do not install more equipment than necessary. Only three WAPs are required to complete this lab. Complete this lab as follows: 1. On the Shelf, expand the Wireless Access Points category. 2. Drag the Wireless Access Point (Omnidirectional Antenna) to the installation area in the Lobby. 3. Drag one of the Wireless Access Point (Directional Antenna) to the installation area on the west wall of the IT Administration office. 4. Drag another Wireless Access Point (Directional Antenna) to the installation area on the east wall of the Networking Closet. 5. To complete the lab, select Done.

10.4.8 Design an Outdoor Wireless Network

You are a network technician for a small corporate network. You have been asked to create a network connection between two buildings. You've decided that a wireless connection between the two buildings would be the best solution. In addition, employees have been complaining about the wireless connection on the patios of both buildings. You conducted a wireless site survey and found that the wireless signal on both patios is very poor. In this lab, your task is to complete the following: Install the proper antenna on the roof of both buildings to accommodate a high-speed wireless connection between them. Use the wireless survey exhibit to identify weak signal areas. Install the appropriate WAP on the roof of each building. Attach the antenna that will provide adequate coverage to the problem area only. *Use the wireless survey exhibit to identify which type of antenna to use with the WAP. *The connection between the buildings should use a high-gain directional antenna. Using this antenna will provide a very strong, concentrated signal in only one direction. Using a high-gain omnidirectional antenna would broadcast the signal in all directions for a very long distance, introducing a security vulnerability. *For the patio, you should use an outdoor WAP. Outdoor WAPs are designed to withstand outdoor conditions, such as heat, cold, and rain. Because you need to provide coverage to only the patio areas, the best antenna choice would be a directional antenna. Complete this lab as follows: 1. On the Shelf, expand the High-gain Antennas category. 2. Drag the High-gain Antenna (Directional) to the installation area on the roof of Building A. 3. Drag the remaining High-gain Antenna (Directional) to the installation area on the roof of Building B. 4. On the Shelf, expand the Wireless Access Points category. 5. Drag the Wireless Access Point (Outdoor) to the installation area on the roof of Building A. 6. Drag the remaining Wireless Access Point (Outdoor) to the installation area on the roof of Building B. 7. On the Shelf, expand the WAP Antennas category. 8. Drag the WAP Antenna (Directional) to one of the installed outdoor WAPs. 9. Drag the remaining WAP Antenna (Directional) to the other installed outdoor WAP. 10. To complete the lab, select Done.

10.7.6 Explore Wireless Network Problems

You are a network technician for a small corporate network. You have recently updated the wireless networks in the building. The WLAN is named CorpNet. In this lab, your task is to explore, diagnose, and fix the wireless network configuration problems. Use the following troubleshooting tools: The Network and Sharing Center in the Windows 10 operating system on a laptop. The wireless controller interface accessed through Internet Explorer at 192.168.0.6 with the username WxAdmin and password ZDAdminsOnly!$ (O is the letter o) Complete this lab as follows:. 1. Identify the wireless connections on the IT-Laptop as follows: Under IT Administration, select IT-Laptop. In the notification area, select the wireless network icon. Which wireless networks are available to IT-Laptop? Which wireless network is IT-Laptop connected to? Select Start. Select Settings. Select Network & Internet. Under Wi-Fi, select Manage known networks. Which know networks are displayed? Select HomeWireless. Select Forget. 2. On ITAdmin, view the wireless controller's configuration interface using Internet Explorer: From the navigation tabs at the top, select Floor 1 Overview to switch to the ITAdmin computer. Under IT Administration, select ITAdmin. From the taskbar, select Internet Explorer. In the URL field, enter 192.168.0.6 and press Enter. In the Admin Name field, enter WxAdmin. In the Password field, enter ZDAdminsOnly!$ (O is the letter o). Select Login. Select the Configure tab. From the left menu, select WLANs. What is the name of the corporate WLAN? Under WLANs, select Edit in the table under Actions. What is the passphrase used for the WLAN security key? 3. Identify the wireless connections on Gst-Lap as follows: From the navigation tabs at the top, select Floor 1 Overview to switch to Gst-Lap. Under Lobby, select Gst-Lap. In the notification area, select the wireless network icon. Which wireless networks are available to Gst-Lap? Which wireless network is Gst-Lap connected to? Select Start. Select Settings. Select Network & Internet. Under Wi-Fi, select Manage known networks. Which known networks are displayed? In the notification area, select the wireless network icon. Select the CorpNet wireless network name. Select Connect. Why did Gst-Lap connect without you entering the security key? 4. Identify the wireless connections on Exec-Laptop as follows: From the navigation tabs at the top, select Floor 1 Overview to switch to Exec-Laptop. Under Executive Office, select Exec-Laptop. In the notification area, select the wireless network icon. What wireless networks are available to Exec-Laptop? From the navigation tabs at the top, select Floor 1 Overview. Under Executive Office, select Hardware. Above the laptop, select Front to switch to the front view of the laptop and observe the switch for the wireless network interface card. What is the position of the switch for the wireless network interface card? Select the wireless switch to turn the wireless network interface card on. On Exec-Laptop, select the wireless network icon in the notification area to view the available networks. Which wireless networks are available to Exec-Laptop now? Manually connect to the CorpNet wireless network as follows: Select the CorpNet wireless network name. Select Connect. Enter the security key for the wireless network (the security key learned in Step 7 above) and click Next. Click Yes to make the PC discoverable. Exec-Laptop successfully connected to the CorpNet network.

10.5.4 Implement an Enterprise Wireless Network

You are a network technician for a small corporate network. You just installed a Ruckus zone controller and wireless access points throughout the buildings using wired connections. Now you need to configure basic wireless network settings. You can access the wireless controller console through Internet Explorer on http://192.168.0.6 using the username admin and the password password. In this lab, your task is to perform the following: Create a WLAN using the following settings: Name: CorpNet Wireless ESSID: CorpNet Type: Standard Usage Authentication: Open Encryption: WPA2 Encryption Algorithm: AES Passphrase: @CorpNetWeRSecure! Connect the Exec-Laptop in the Executive office to the new wireless network. Create a WLAN on the wireless controller as follows: > From the taskbar, open Internet Explorer. > In the URL field, enter 192.168.0.6 and press Enter. > Log in to the wireless controller console with username admin and password password. > Select the Configure tab. > From the left menu, select WLANs. > Under WLANs, select Create New. > In the Name field, enter the network name. > In the ESSID field, enter the ESSID for the network. > Under Type, make sure Standard Usage is selected. > Under Authentication Options, make sure Open is selected. > Under Encryption Options, select WPA2. > Under Encryption Options/Algorithm, make sure AES is selected. > In the Passphrase field, enter the passphrase for the network. > Click OK. > Using the location tabs at the top of the screen, select Floor 1. > In the Executive Office location, select Exec-Laptop. > In the notification area, select the wireless network icon to view the available networks. > Select CorpNet. > Select Connect. > Enter @CorpNetWeRSecure! for the security key; then click Next. > Click Yes to make the computer discoverable on the network.

10.6.6 Secure an Enterprise Wireless Network

You are a network technician for a small corporate network. You need to increase the security of your wireless network. Your new wireless controller provides several security features that you would like to implement. *Access the Wireless Controller console through Internet Explorer on http://192.168.0.6 with the username admin and the password password. In this lab, your task is to perform the following: Change the admin username and password for the Zone Director controller to the following: Admin Name: WxAdmin Password: ZDAdminsOnly!$ (O is the capital letter O) Set up MAC address filtering (L2 Access Control) to create a whitelist called Allowed Devices that includes the following wireless devices: 00:18:DE:01:34:67 00:18:DE:22:55:99 00:02:2D:23:56:89 00:02:2D:44:66:88 Implement a device access policy called NoGames that blocks gaming consoles from the wireless network. Configure the security features on your wireless controller as follows: 1. Change the admin username and password as follows: > From the taskbar, open Internet Explorer. > Maximize Internet Explorer. > Type 192.168.0.6 and press Enter. > Enter admin. > Enter password. > Select Login. > From the top, select the Administer tab. > Ensure Authenticate using the admin name and password is selected. > In the Admin Name field, enter WxAdmin. > In the Current Password field, enter password. > In the New Password field, enter ZDAdminsOnly!$ (Note: O is the capital letter O). > In the Confirm New Password field, enter ZDAdminsOnly!$. > On the right, select Apply. 2. Enable MAC address filtering as follows: > From the top, select the Configure tab. > From the left menu, select Access Control. > Expand L2-L7 Access Control. > Under L2/MAC address Access Control, select Create New. > In the Name field, enter Allowed Devices. > Under Restriction, make sure Only allow all stations listed below is selected. > Enter a MAC address. > Select Create New. > Repeat steps 2g-2h for each MAC address you would like to add to the ACL. > Click OK. 3. Configure access controls as follows: > In Access Control, expand Device Access Policy. > Select Create New. > In the Name field, enter NoGames. > Select Create New. > Use the OS/Type drop-down list to select Gaming. > Use the Type drop-down to select Deny. > Under Uplink, ensure Disabled is selected. > Under Downlink, ensure Disabled is selected. > Click Save. > Click OK.

10.7.7 Troubleshoot Wireless Network Problems

You are a network technician for a small corporate network. You recently updated the wireless networks in the building. In the Executive Office, Exec-Laptop is having problems connecting to the CorpNet wireless network and the internet. You need to diagnose and fix the problem so that this laptop can connect to the wireless network. The security key @CorpNetWeRSecure!& is for the wireless network. In this lab, your task is to complete the following: Use the following troubleshooting tools to diagnose the problem in the wireless network: Use the IT administrator's laptop, IT-Laptop, to verify that the wireless access point is working. Use the wireless controller management interface: Browser: Internet Explorer IP address: 192.168.0.6 Username: WxAdmin Password: ZDAdminsOnly!$ Use the Network and Sharing Center in the Windows operating system. Use the troubleshooting tools to confirm the resolution of the problem. Fix the problem on Exec-Laptop, the wireless controller interface, or both as necessary. Use the IT-Laptop laptop in the IT Administration office to test the solution before you apply solutions to the other laptop. IT-Laptop is a company-owned laptop and supports the necessary standards to make a successful connection to the wireless network, but it is not connected to the wireless network. Connect to the CorpNet wireless network. Complete this lab as follows: Under IT Administrator, select IT-Laptop. In the notification area, select the wireless network icon to view the available networks to verify the problem found on the laptop in the Executive Office. The CorpNet wireless network is displayed in the list of available networks. Select the CorpNet wireless network. Select Connect. Enter @CorpNetWeRSecure!& for the security key and select Next. Select Yes.IT-Laptop is now connected to the CorpNet wireless network. Because IT-Laptop can connect to the wireless network, the problem may be limited to only the Exec-Laptop laptop in the Executive Office. From the top navigation tabs, select Floor 1 Overview to switch to Exec-Laptop. Under Executive Office, select Exec-Laptop. In the notification area, select the wireless network icon to view the available networks. There are no wireless networks shown as available for this laptop. Possible causes for this include:The wireless network interface card is not turned on (the wireless switch on the exterior of the laptop is in the off position). Since no wireless networks are shown in the list, you must take additional steps.The wireless network's SSID is not broadcasted. From step 1, you know that the wireless access point is broadcasting the SSID.The wireless access point is not powered on. From step 1, you know that the wireless access point is powered on. From the top navigation tabs, select Floor 1 Overview to switch to the Exec-Laptop. Under Executive Office, select Hardware. On the front of the Exec-Laptop, Confirm that the switch for the wireless network interface card is in the On position. The switch is in the off position. Slide the wireless switch to the On position to turn the wireless network interface card on. On the laptop monitor, select Click to view Windows 10. In the notification area, select the wireless network icon to view the available networks. The CorpNet wireless network is now displayed in the list of available networks. Select the CorpNet wireless network. Select Connect. Enter @CorpNetWeRSecure!& for the security key and select Next. Select Yes.Exec-Laptop is now connected to the CorpNet wireless network.

10.7.5 Optimize a Wireless Network

You are a network technician for a small corporate network. You would like to take advantage of the self healing features provided by the small enterprise wireless solution you have implemented. You are already logged in as WxAdmin on the Wireless Controller console from ITAdmin. In this lab, your task is to perform the following: Configure self healing on the wireless network. Automatically adjust AP radio power to optimize coverage when interference is present. Set 2.4GHz and 5GHz radio channels to use the Background Scanning method to adjust for interference. Configure the background scanning needed for rogue device detection, AP locationing, and self healing. Background scans should be performed on all radios every 30 seconds. Configure load balancing for all radios by adjusting the threshold to 40dB. Configure band balancing to allow no more than 30% of clients to use the 2.4GHz radios. Reduce the power levels to -3dB for three access points in Building A to reduce RF emanations. Use the wireless survey results in the exhibit to identify the access points. *The amount to reduce TX Power by is a judgment call based on the wireless survey results. In practice, you would repeat the wireless survey to verify the proper TX Power settings. Configure your wireless access points as follows: 1. Configure Self Healing as follows: > From the top, select the Configure tab. > From the left menu, select Services. > Select Automatically adjust AP radio power to optimize coverage when interference is present. > Under Automatically adjust 2.4GHz channels using, select Background Scanning from the drop-down menu. > Under Automatically adjust 5GHz channels using, select Background Scanning from the drop-down menu. > On the right, click Apply. 2. Configure Background Scanning as follows: > Select Run a background scan on 2.4GHz radio. > Enter 30 seconds. > Select Run a background scan on 5GHz radio. > Enter 30 seconds. > On the right, click Apply. 3. Configure Load Balancing as follows: > Select Run load balancing on 2.4GHz radio. > In the Adjacent radio threshold(dB) field, enter 40. > Select Run load balancing on 5GHz radio. > In the Adjacent radio threshold(dB) field, enter 40. > On the right, select Apply. 4. Configure Band Balancing as follows: > Select Percent of clients on 2.4GHz radio. > Enter the percentage. > On the right, click Apply. 5. Adjust the AP Power Level as follows: > From the left menu, select Access Points. > From the top right, select Exhibit to determine which access points to adjust. > Select Edit next to the access point to be modified. > Under Radio B/G/N(2.4G) next to TX Power, make sure Override Group Config is selected. From the TX Power drop-down list, select -3dB (1/2). > Under Radio A/N/AC(5G) next to TX Power, make sure Override Group Config is selected. > From the TX Power drop-down list, select -3dB (1/2). > Click OK. > Repeat steps 6b - 6f for additional access points.

10.3.6 Configure Wireless Profiles

You are working on a small network. Recently, you increased the security of the wireless network. In this lab, your task is to complete the following: Manually create a wireless network profile on the laptop as follows: Network name (SSID): PoliceVan (the SSID name is case sensitive.) Security type: WPA2-Personal. Encryption type: AES. Security Key/Passphrase: 4WatchingU (the security key is case sensitive.) Start the connection automatically. Connect even if the network is not broadcasting. Delete the out-of-date TrendNet-BGN wireless profile. Complete this lab as follows: 1. Manually create the wireless network profile on the laptop as follows: > Right-click the Network icon in the notification area and select Open Network and Sharing Center. > Select Set up a new connection or network. > Select Manually connect to a wireless network; then click Next. > Enter the network name. > Select the security type from the drop-down list. > Make sure AES is selected as the encryption type. > Enter the security key. > Make sure Start this connection automatically is selected. > Select Connect even if the network is not broadcasting; then click Next. > Click Close 2. Delete the out-of-date profile as follows: > Select the Network icon in the notification area. > Select Network settings. > Select Manage known networks. > Select the network to be deleted from the list. > Select Forget.

10.3.5 Secure a Home Wireless Network

You are working on a small network. You recently created a wireless network to allow the owner's laptop and mobile devices to make a connection to the wired network and the internet. However, without additional configuration, the wireless access point will allow connections from any laptop or mobile device. You need to secure the wireless network from unauthorized access. In this lab, your task is to complete the following: Change the settings on the wireless access point using: SSID: PoliceVan (the SSID name is case sensitive). Authentication: WPA2-PSK. Encryption: AES. Security key: 4WatchingU (the security key is case sensitive). Change the wireless access point's administrator authentication credentials from their defaults using the following settings: Username: @dm1n Password: StayOut! (O is the capital letter O). Do not save the credentials in Internet Explorer. Configure the laptop to connect to the wireless network and save the wireless profile settings as listed above. *To view and configure the wireless access point: Use Internet Explorer on Home-PC. Go to 192.168.0.254. Use the following default authentication credentials: Username: admin Password: password Complete this lab as follows: 1. Change the settings on the wireless access point as follows: > In the URL field of Internet Explorer, enter 192.168.0.254 and press Enter. > In the username field, enter admin as the username. > In the password field, enter password as the password. > Select OK. > Maximize Internet Explorer. > Select Wireless > Basic on the left. > In the Wireless Name (SSID) field, enter PoliceVan. > Scroll down and select Apply. > In the username field, enter admin as the username. > In the password field, enter password as the password. > Select OK. > In the left menu, under Wireless, select Security. > From the Security Mode options, select WPA2-PSK. > In WPA Algorithms, make sure AES is selected. > In the Pass Phrase field, enter 4WatchingU. > Select Apply. 2. Change the wireless access point's administrator authentication credentials as follows: > From the left menu, select Administrator. > Select Management. > In the Account field, enter @dm1n as the username. > In the Password field, enter StayOut! (O is the capital letter O). > Select Apply. 3. Configure the laptop to connect to the wireless network and save the wireless profile settings as follows: > From the navigation tabs at the top, select Computer Desk. > On the Home-Laptop monitor, select Click to view Windows 10. > Select the Network icon. > Select PoliceVan. > Make sure Connect automatically is selected. > Select Connect. > Enter the security key (pass phrase). > Select Next. > Select Yes to make your PC discoverable on the network. > Right-click the Network icon and select Open the Network and Sharing Center to confirm the connection.

10.3.4 Create a Home Wireless Network

You are working on a small office/home office (SOHO) network. The home owner recently changed his Internet Service Provider (ISP) and has an existing Ethernet router connected to an RJ45 jack on the wall plate. He has a new laptop and would like to connect this laptop to the Internet with a wireless connection. You need to create a wireless network. Create a wireless network as follows: Select a wireless access point that meets the following criteria: Transmission speeds up to 600 Mbps. Backwards compatible with other wireless standards which use 2.4GHz. Install the wireless access point: Place the wireless access point on the computer desk. Select the correct cable to connect the wireless access point to a free LAN port on the existing router. Connect power to the wireless access point through an outlet on the surge protector or wall plate. Configure the owner's new laptop to connect to the wireless network: Slide the wireless switch on the front of the laptop to the on (On) position. This will enable the integrated wireless network interface card on the laptop. Use the default settings as you connect the laptop to the wireless network, and save the wireless profile with these settings. > Place the 802.11b/g/n wireless access point on the computer desk > Connect the wireless access point to the existing router in the rack using a Cat5e cable > Provide power to the wireless access point > On the laptop, slide the wireless switch to turn the integrated wireless network interface card on > On the laptop, connect to the TrendNET-BGN wireless network > Save the wireless profile on the laptop Complete this lab as follows: > On the Shelf, expand the Wireless Access Points category. > Read the device descriptions to identify the correct wireless access point. Drag the wireless access point to the computer desk. > Switch to the back view of the wireless access point. > To plug in the wireless access point, expand the Cables category on the Shelf. > Select the power adapter. > In the Selected Component window, drag the DC power connector to the port on the wireless access point. > In the Selected Component window, drag the AC power adapter end to an empty outlet on the surge protector or the wall outlet. > To connect the wireless access point to the router, select the Cat5e cable on the Shelf. > In the Selected Component window, drag a connector to the Ethernet port on the back of the wireless access point. > Switch to the back of the router. > In the Selected Component window, drag the other Cat5e cable connector to one of the free LAN ports on the switch. > To enable the integrated wireless network interface on the laptop, click the wireless switch on the front of the laptop. This will slide the switch to the on (ON) position. > To connect the laptop to the wireless network, click the Windows icon on the laptop's screen. > In the notification area, click the networking icon and click the TrendNet-BGN wireless network. > Ensure that the Connect automatically checkbox is selected and click Connect. > To make your PC discoverable on the network, click Yes *To confirm the connection, click the networking icon in the notification area again or open the Network and Sharing Center.

Perform Bandwidth Planning

You need to understand the network's bandwidth requirements. To do this, identify the following: > The amount of bandwidth required in various locations. > The number of clients that will utilize this network. This is the device density. An overcapacity of clients will use up your bandwidth and slow performance of your wireless network. It is better to overestimate the number of devices on your network to ensure that you have the capacity to support them. > The frequency that will be used. The farther away a device is from the access point, the more bandwidth drops. Bandwidth can also be affected by physical obstacles that interfere with the RF signal, as well as by sources of RF interference in the environment. You can measure the strength of the signal at a given distance from the access point by using the received signal strength indicator (RSSI). RSSI is measured as a negative number; a smaller value indicates a stronger signal.

Site Survey Test Equipment

You should bring access points to each location to test the signal quality and to identify the node density required in each area. Your site survey kit should include: > Two access points. > Two laptops with a network performance measurement utility, such as Iperf, installed so you can evaluate the network throughput available at each location. > Two laptops with a network performance measurement utility, such as Iperf, installed so you can evaluate the network throughput available at each location. > A tall ladder so you can test each AP at height or close to height *During the site survey, you will not physically install each access point. Instead, you will use a ladder to approximate the AP's final mounting location for testing. In outdoor deployments, you may need to use a bucket truck instead of a ladder to complete this task. > Two-way radios to communicate with your assistants. > A spectrum analyzer.

Configure Security

You should enable some form of security or encryption on the AP and each wireless NIC by completing the following: > Configure a MAC access list. Some APs can restrict wireless access to specific MAC addresses. Only devices whose MAC addresses are identified are allowed to access the wireless AP. > Disable SSID broadcast. That way, wireless devices must be statically configured with the SSID before they can connect because they will be unable to detect the network name.. > Configure the passphrase WPA or WPA2 (the passphrase is case sensitive). When configuring encryption, select the strongest method supported by all devices. > AES is the strongest encryption method currently available, and it is used with WPA2. When using AES, all devices must be WPA2 capable. > TKIP is used with WPA or WPA2. TKIP encryption is not as strong as AES encryption. > Public networks may not use any encryption. Be very cautious when using these networks, as all data transmitted is easily captured and read.

Conduct a Site Survey

Your initial network design may not be accurate due to environment or other conditions that you can't account for on paper. To determine what these conditions are, you need to conduct a site survey. Visit each location where an access point will be installed, determine what the RF environment looks like, and then set up a temporary wireless network in the location to see how the radio signal behaves. There are several things you should do: > Inspect each mounting location identified in your initial design and ensure it is a viable location for an access point. > Document structural or environmental concerns that may disrupt the RF signal from the access point. > Verify that the access point can reach the wireless controller from the location. - For a wired backhaul, you must be able to run a wire to the controller. - For a wireless backhaul, the access point's wireless signal must be able to reach either the controller itself or another access point that can relay it to the controller. > Assess the availability of power to and grounding for the access point. > Log the location's GPS coordinates. Use digital photos to document the location and its surrounding environment.

Which protocol is well known for its use in the the home security and home automation industry, uses a mesh topology, makes devices act as repeaters, and has a low data transfer rate? Ant+ Z-Wave 802.11 AC NFC

Z-Wave The Z-Wave protocol is mostly used in the home security and automation market and uses only a mesh topology. Each device that is added acts as a repeater and increase the strength of the network. Z-Wave has a low data transfer rate. Ant+ is can be used in a mesh topology, but is generally used to monitor sensor data. NFC is commonly used for mobile pay solutions and connections like blue tooth, but has to be several inches within another device to connect. 802.11 AC is a wireless networking standard that offers high-speed data transfer.

Z-Wave

Z-Wave is a wireless communication protocol for communication among devices used for home automation. It uses radio waves for signaling and control.


Ensembles d'études connexes

Abeka 4th Grade History Pgs 17-23 Ch #2

View Set

MUSCHII COAPSEI (extensori; flexori; adductori)

View Set

ANTH 1003 Auburn Cox Midterm Study Guide

View Set

Financial Equity Securities Exam 1

View Set

Ch 5 Utilitarianism & John Stuart Mill

View Set

Gyn 7: Ovarian Torsion, RPOC, C-Section

View Set