5.4 Given a scenario, troubleshoot common wireless connectivity issues.
A user reports to Ralph that he cannot access the Internet, although he is able to connect to computers on the local network. Ralph runs `ipconfig /all` on the user's workstation and examines the output. Which of the following is the most likely explanation for the user's problem, based on these `ipconfig` results? a) ``` b) Windows IP Configuration c) ``` 1. The Subnet Mask setting is incorrect. 2. The Default Gateway setting is incorrect. 3. The DNS Servers setting is located on another network. 4. DHCP is not enabled.
2. The Default Gateway setting should contain the address of a router on the local network that provides access to other networks, such as the Internet. In this case, therefore, the Default Gateway address should be on the 192.168.4.0 network, but it contains an address on the 192.18.6.0 network, which is not local. Therefore, the user can only access systems on the 192.168.4.0 network. The Subnet Mask setting must be correct, or the user would not be able to access any other systems. Unlike the default gateway, the Domain Name System (DNS) server does not have to be on the local network, so the address shown can be correct. Dynamic Host Configuration Protocol (DHCP) is not necessary to access the Internet.
Ralph is troubleshooting a workstation that cannot access the network. The workstation is plugged into a wall plate that should provide it with access to a DHCP-equipped network using the 192.168.4.0/24 network address. No one else on that network is reporting a problem. Ralph checks that the patch cable is properly plugged into the workstation and the wall plate, which they are, and then runs `ipconfig /all` on the user's workstation and examines the output. Which of the following could be the explanation for the user's problem, based on these `ipconfig` results? a) ``` b) Windows IP Configuration c) ``` 1. The Subnet Mask is incorrect. 2. The Default Gateway address is missing. 3. The DHCPv4 scope is exhausted. 4. The DNS server addresses are incorrect.
3. The 169.254.203.42 address assigned to the workstation is from the 169.254.0.0/16 network address assigned to Automatic Private Internet Protocol Addressing (APIPA), a standard for the assignment of Internet Protocol (IP) addresses to Dynamic Host Configuration Protocol (DHCP) clients when they cannot obtain an address from a DHCP server. Since no one else is experiencing a problem, the DHCP server is presumably functioning. The Subnet Mask value is correct for an APIPA address, and APIPA does not provide Default Gateway or Domain Name System (DNS) server addresses. Therefore, an exhausted DHCP scope is the only one of the explanations provided that could be the cause of the problem.
Ed has installed a separate 802.11n wireless network for guest users working in his company's offices. The guest network uses no security protocol, and Ed has recently become aware that people outside the building are able to access it. Which of the following steps can Ed take to prevent users outside the building from accessing the guest network, while leaving it available to users inside the building? (Choose all that apply.) a) Move the Wireless Access Point (WAP) to the center of the building b) Lower the power level of the WAP c) Disable Service Set Identifier (SSID) broadcasting d) Implement Media Access Control (MAC) filtering e) Install a captive portal
A, B, C. Moving the Wireless Access Point (WAP) to the center of the building will keep as much of its operational range inside the structure as possible. If the signals still reach outside the building, Ed can reduce the power level of the WAP until the network is only accessible inside. Disabling SSID broadcasts will not defeat dedicated attackers, but it can prevent casual intruders from accessing the network. MAC filtering would require Ed to configure the WAP with the MAC addresses of all devices that will access the network, which would be impractical in this case. Installing a captive portal would not block outside users unless Ed configures the portal to require user authentication, which defeats the purpose of the guest network.
Which of the following utilities can be classified as port scanners? (Choose all that apply.) a) Nmap b) Nessus c) Network Monitor d) Performance Monitor
A, B. nmap is a command-line utility that scans a range of IP addresses, runs a series of scripts against each device it finds, and displays a list of the open ports it finds on each one. Nessus is similar to `nmap` in that it also scans a range of IP addresses to find open ports, but it then proceeds to mount attacks against those ports, to ascertain their vulnerability. Network Monitor is a protocol analyzer or packet sniffer, which is a program that captures network traffic samples and analyzes them. It is not a port scanner. Performance Monitor is a program that displays statistics for specific system and network performance criteria. It is not a port scanner.
Ralph is setting up a wireless network using the 2.4 GHz band. Which of the following channels should he use to avoid channel overlap? (Choose all that apply.) a) 1 b) 4 c) 6 d) 8 e) 11
A, C, E. The 2.4 GHz band used by Wireless Local Area Networks (WLANs) consists of channels that are 20 (or 22) MHz wide. However, the channels are only 5 MHz apart, so there is channel overlap that can result in interference. Channels 1, 6, and 11 are the only channels that are far enough apart from each other to avoid any overlap with the adjacent channels. Channels 4 and 8 are susceptible to overlap.
Alice receives a call from a user who cannot connect to the company's 802.11g wireless network with a new laptop that has an 802.11ac network adapter. Other users working in the same area are able to connect to the network without difficulty. Which of the following are tasks that Alice can perform to resolve the problem? (Choose all that apply.) a) Install an 802.11ac wireless Access Point (AP) on the network b) Change the channel used by the Wireless Access Point (WAP) c) Install an 802.11g wireless network adapter in the user's laptop d) Move the user closer to the WAP
A, C. The 802.11ac and 802.11g wireless networking standards are fundamentally incompatible. The 802.11g AP uses the 2.4 GHz band, and the user's 802.11ac laptop uses the 5 GHz band. Therefore, the only possible solutions are to install an 802.11ac AP or an 802.11g network adapter. Changing channels on the WAP and moving the user will have no effect on the problem.
Trixie has recently moved to a new office in her company's building, down the hall from her old one. Since the move, she has only been able to access the wireless network with her laptop intermittently. She never had a problem in her previous location. Which of the following could possibly be the cause of her problem? (Choose all that apply.) a) Trixie's new office is farther from the Access Point (AP) than her old one. b) Her laptop is connecting to the wrong SSID. c) The AP is using an omnidirectional antenna. d) There are too many walls between Trixie's new office and the AP.
A, D. Greater distance from the AP or interference from intervening walls can both cause a weakening of wireless signals, resulting in the intermittent connectivity that Trixie is experiencing. An incorrect Service Set Identifier (SSID) would prevent Trixie's laptop from ever connecting to the network. An omnidirectional antenna generates signals in every direction, which would not account for Trixie's problem.
Alice is attempting to troubleshoot a communication problem between two hosts on the same network. She decides to use a protocol analyzer to capture traffic on the network. After finishing the capture, Alice notices that there are over 15,000 frames in the protocol analyzer's capture buffer. She is having a difficult time identifying the frames that relate to the problem because there are so many in the buffer. She wants to eliminate the extraneous frames from her view, enabling her to view only the frames transmitted by these two hosts. What does Alice have to do to accomplish this? a) Configure a display filter b) Configure a capture filter c) Delete the extraneous frames from the buffer d) Configure a capture and display filter
A. Once the frames are in the buffer, Alice can configure a display filter to block the unwanted frames from view. This does not delete them from the buffer. Since the capture was already performed, there is no need to restart the capture. Configuring a capture filter will not meet the requirements, because the filter will eliminate the other frames completely from the buffer. It is not possible to delete specific frames from an analyzer buffer.
Which of the following best states the potential security threat inherent in running a protocol analyzer? a) A protocol analyzer can display the application data in packets captured from the network. b) A protocol analyzer can display the IP addresses of the systems on the network. c) A protocol analyzer can decrypt protected information in packets captured from the network. d) A protocol analyzer can detect open ports on network systems and launch attacks against them.
A. Protocol analyzers capture packets from the network and interpret their contents including the display of the application layer payload, which can include confidential information. Protocol analyzers can display the Internet Protocol (IP) addresses of systems on the network, but this is not as great a security threat. Protocol analyzers cannot decrypt the protected information it finds in captured packets. Vulnerability scanners detect open ports and launch attacks against them; protocol analyzers do not do this.
Ralph is adding new workstations to his wireless network, which uses an Access Point (AP) that is configured to use WiFi Protected Access II (WPA2) encryption. However, after configuring the wireless network adapter on the first workstation, Ralph finds that it is not connecting to the network. The AP is listed on the Available Networks display, and there are no error messages or indications of a problem, just a failure to connect. Which of the following is most likely to be the problem? a) Incorrect passphrase b) Channel overlap c) Incorrect SSID d) Incorrect antenna placement
A. Specifying the wrong passphrase for the encryption protocol is the most common cause of a failure to connect to the network with no indication of an error. Incorrect antenna placement and channel overlap could result in a weak signal or no signal, either of which would be indicated in the Available Networks list. An incorrect Service Set Identifier (SSID) is not likely to be the error, as long as Ralph selected the AP from the list.
Ralph has purchased some old 802.11b wireless networking equipment at a garage sale, which he plans to use to build a home network. When he installs the network adapters in his computers and sets up the Access Point (AP), he finds that the connections between the devices are no faster than 11 Mbps. What can Ralph do to improve the performance of his network? a) Nothing. The network is functioning at its top speed. b) Change the channel used by the devices. c) Move the computers closer to the AP. d) Install a larger antenna on the AP
A. The 802.11b standard calls for a maximum speed of 11 Mbps, so there is nothing that Ralph can do to increase his network's speed except purchase new equipment.
Ralph is having trouble providing satisfactory wireless network performance to some executive offices at the far end of the building. The wireless Access Point (AP) is based on the 802.11g standard. The offices have heavy doors and insulated walls for sound dampening, and the occupants typically leave their doors closed during work hours. Which of the following actions can Ralph take to provide the users in these offices with better wireless network performance? a) Install an additional AP nearer to the offices. b) Modify the AP to use higher number channels. c) Upgrade the AP to a model based on the 802.11n standard. d) Configure the AP to disable SSID broadcasting.
A. The closer the users are to the AP, the stronger the signals will be. Installing an additional AP nearer to the executive offices will likely enable the signals to pass through the barriers more efficiently. The channel used by the AP, the standard on which the AP is based, and the broadcasting of Service Set Identifier (SSID) signals have no effect on the strength of the signals reaching the executive offices and will not resolve Ralph's problem.
Alice receives a call from a user who cannot connect to the company's 802.11n wireless network with a laptop that has an 802.11g network adapter. Other users working in the same area are able to connect to the network without difficulty. Which of the following steps should Alice take first to try to resolve the problem? (Choose all that apply.) a) Change the channel used by the Wireless Access Point (WAP) b) Check whether the user is connecting to the correct Service Set Identifier (SSID) c) Check whether the wireless adapter in the user's laptop is enabled d) Provide the user with an 802.11n wireless network adapter
B, C. The first steps Alice should take are the simplest ones: make sure that the wireless interface in the user's laptop is turned on and that she is attempting to connect to the correct SSID for the company network. Changing the channel would not be necessary unless other users in the area are also having problems due to interference. The 802.11n wireless networking standard is backward compatible with 802.11g, so it should not be necessary to provide the user with a new network adapter.
Ralph is adding new workstations to his wireless network, which uses an Access Point (AP) that is configured to use WiFi Protected Access II (WPA2) encryption. However, after installing the wireless network adapter on the first workstation, Ralph finds that he cannot see the Wireless Access Point (WAP) on the Available Networks display. Which of the following could be the problem? (Choose all that apply.) a) Incorrect passphrase b) Channel overlap c) Incorrect SSID d) Incorrect antenna polarization e) Antenna cable attenuation
B, D, E. Interference resulting from channel overlap, a weak signal due to incorrect antenna polarization, and signal loss due to antenna cable attenuation could render the workstation unable to make contact with the AP. An incorrect passphrase would not be the problem unless Ralph had already seen the AP and attempted to connect to it. An incorrect Service Set Identifier (SSID) would be the problem only if Ralph had already attempted to manually enter an SSID.
Ralph is having trouble providing satisfactory wireless network performance to a row of glass-walled conference rooms at the far end of the building. The doors to the conference rooms are also made of glass and are always closed when meetings are in progress. Which of the following types of radio signal interference are likely to be the main issues that Ralph is trying to overcome? (Choose all that apply.) a) Reflection b) Refraction c) Diffraction d) Attenuation
B, D. Attenuation is the tendency of signals to weaken as they travel through a network medium. In the case of a wireless network, the medium is the air, and the farther away a wireless device is from the Access Point (AP), the weaker the signal will be. Refraction is when signals bend as they pass through certain types of barriers, such as the glass walls of conference rooms. The bending changes the direction of the signals, possibly causing them to weaken in the process. Reflection is when signals bounce off of certain surfaces, such as metal. Diffraction is when signals have to pass around barriers to reach a particular destination. All of these phenomena can weaken the radio signals used in wireless networking, but attenuation and refraction are likely to be the primary problems for Ralph in this case.
Several accounting consultants are working in Ed's office for the first time, and they are unable to connect to the 802.11n wireless network with their laptops. Which of the following tasks should Ed perform first to try to resolve the problem? (Choose all that apply.) a) Check the network adapters in the laptops for channel overlap b) Make sure that the consultants are attempting to connect to the correct SSID c) Examine the area where the consultants are working for possible sources of signal interference d) Make sure that the consultants' laptops are configured to use the correct wireless encryption protocol
B, D. Of the options provided, the ones most likely to be causing the problem are the use of an incorrect Service Set Identifier (SSID) or encryption protocol. Although signal interference could possibly be a cause, it is more likely that the new users have devices that are incorrectly configured for Ed's network. Channel overlap is a problem that Ed would check and resolve at the Access Point (AP), not the users' workstations.
A port scanner examines a system for network vulnerabilities at which layer of the Open Systems Interconnection (OSI) model? a) Application b) Transport c) Network d) Data Link
B. A port is a numbered service endpoint identifying an application running on a Transmission Control Protocol/Internet Protocol (TCP/IP) system. A port scanner examines a system for open endpoints, accessible using the TCP or User Datagram Protocol (UDP) at the transport layer, which intruders can conceivably use to gain access to the system from the network.
When you run a port scanner on a server, which of the following is the result? a) A list of processes running on the system b) A list of open ports through which the system can be accessed c) A list of protocols used by the system for network communication d) A list of Internet Protocol (IP) addresses used on the network
B. A port scanner examines a system for open endpoints, accessible using the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP), which intruders can conceivably use to gain access to the system from the network.
Alice has been asked to update an accounts receivable spreadsheet with information about the day's incoming payments, a task she has never performed before. After locating and opening the spreadsheet on the network server, she types in her new information, but when she attempts to save the changes, she receives an error message that directs her to save the file on her local drive instead of the network server. Which of the following is the probable cause of the problem? a) Blocked Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports b) Incorrect filesystem Access Control List (ACL) settings c) Incorrect firewall settings d) Untrusted Secure Sockets Layer (SSL) certificate
B. Because Alice is able to access the server and open the spreadsheet file, the problem is not related to blocked ports, firewall settings, or an untrusted certificate. The problem is most likely that though she has the necessary filesystem ACL permissions to open and read the file, she does not have the permissions needed to modify it.
Which of the following is a power measurement of a specific transmitter and antenna combination, as used in a wireless access point? a) RSSI b) EIRP c) SSID d) MIMO
B. Effective Isotropic Radiated Power (EIRP) is a measurement of the signal strength generated by an access point (or other radio transceiver) with a particular antenna. Received Signal Strength Indicator (RSSI) is a measurement of the strength of the signal received by a device from an access point. Service Set Identifier (SSID) is a designation assigned to a specific wireless network, which appears in the Available Networks list of a WiFi client. Multiple Input, Multiple Output (MIMO) is a technology used by some IEEE wireless networking standards to increase throughput by using multiple antennae.
Alice is a new hire at Adatum Corp., and when she asks about wireless network access for her laptop, she is given a Service Set Identifier (SSID) and a WiFi Protected Access II (WPA2) passphrase. Later, in the lunchroom, when she tries to connect her laptop to the network, she cannot see the SSID she was given in the Available Networks list, although she can see other networks. What should Alice do next to try to resolve the problem? a) Type in the WPA2 passphrase. b) Type the SSID in manually. c) Move closer to the Wireless Access Point (WAP). d) Move away from the microwave in the lunchroom.
B. It is possible that the WAP has been configured to not broadcast the network's SSID as a security measure, so Alice should first attempt to access it by typing the SSID in manually. She would not be able to type in the WPA2 passphrase until she is connecting to the SSID. Moving the laptop closer to the WAP or away from possible sources of electromagnetic interference might be solutions to the problem, but they should not be the first thing Alice tries.
Which of the following is not a tool that provides vulnerability scanning capabilities? a) Nessus b) MAP Toolkit c) Nmap d) MBSA
B. Microsoft Assessment and Planning Toolkit (MAP Toolkit) is a free application that performs an agentless inventory of a network and uses the information to create reports on specific scenarios, such as whether computers are prepared for an operating system upgrade. Nessus, Nmap, and Microsoft Baseline Security Analyzer (MBSA) are all tools that include vulnerability scanning but that have other capabilities as well.
You have finished capturing traffic with a protocol analyzer. The analyzer reports that 2000 frames have been seen, but only 1500 frames have been accepted. What does this mean? a) 2000 frames have passed the display filter, but only 1500 meet the criteria for display. b) Only 1500 frames have passed the capture filter and are currently being held in the buffer. c) You lost 500 frames and need to start over—something is obviously wrong. d) 500 frames were damaged and never made it into the buffer.
B. Protocol analyzers report the total number of frames seen compared to the number of frames that were accepted. If a capture filter is in place, there will be a discrepancy between these two values. Only frames that meet the capture criteria will be accepted by the analyzer and placed in the buffer for later display. Protocol analyzers place good and bad frames into the buffer as long as they meet the capture criteria. If only good frames were placed in the buffer, there would be no way to identify problems.
Which of the following is not a potential solution for an IEEE 802.11g wireless computer that has intermittent problems connecting to an IEEE 802.11b/g Access Point (AP)? a) Install a higher gain antenna on the AP b) Replace the AP with a model that supports 802.11n c) Move the computer closer to the AP d) Change the channel used by the AP
B. Replacing the AP with an 802.11n model is not going to have any effect at all unless you upgrade the computer's network adapter as well. Installing a higher gain antenna on the AP can improve its range, enabling the computer to connect more readily. Moving the computer closer to the AP can strengthen the signal and raise its Received Signal Strength Indicator (RSSI), enabling it to connect more reliably. Changing the channel on the AP to a lesser used one can enable the computer to connect more easily.
alph is responsible for a Wireless Local Area Network (WLAN) that consists of an 802.11n 2x2:2 Access Point (AP) and laptop computers with a variety of network adapters. Some of the laptops support 802.11n, most support 802.11g, and a few older models have 802.11a adapters. The WLAN is located in a large office building with many other wireless networks, and Ralph is having trouble finding a channel on the 2.4 GHz band that is not congested with traffic. Scanning the 5 GHz band, he finds relatively little traffic, so he reconfigures the AP to use a 5 GHz channel. The result is that some of the laptops are able to connect to the network, whereas others are not. What is the most likely reason for the connection failures, and what must Ralph do to enable all of the laptops to connect to the wireless network? a) The 5 GHz band does not support automatic channel selection. Ralph must configure each laptop to use the same channel as the AP for all the laptops to connect successfully. b) The 802.11g standard does not support communication using the 5 GHz band. Ralph must configure the AP to support 2.4 GHz for all the laptops to connect successfully. c) The 5 GHz band does not support Multiple Input, Multiple Output (MIMO) communications, so the 802.11n laptops are unable to connect to the network. Ralph must replace the AP with an 802.11g unit for all the laptops to connect successfully. d) The 802.11a standard does not support communication using the 5 GHz band. Ralph must replace the network adapters in those laptops with newer models for them to connect successfully.
B. The 802.11b and 802.11g standards do not support 5 GHz communications. Configuring the AP to support 2.4 GHz is the only way for the 802.11g computers to connect to the network. The 5 GHz band does support automatic channel selection, so there is no need to configure the channel on each laptop manually. The 5 GHz band does support MIMO, and the 802.11n laptops should be able to connect. Replacing the adapters with 802.11g will prevent them from connecting, as that standard does not support 5 GHz communications. The 802.11a standard does support the 5 GHz band, and those laptops should be able to connect.
Which of the following best describes the primary function of a port scanner? a) A port scanner examines a computer' hardware and compiles a list of the physical ports in the system. b) A port scanner examines a computer for TCP and UDP endpoints that are accessible from the network. c) A port scanner examines a specified range of IP addresses on a network, to determine whether they are in use. d) A port scanner accepts a computer name as input and scans the network for the IP address associated with that name.
B. The ports that a port scanner examines are the system endpoints identified by port numbers in Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) headers. An open port provides network access to an application running on the computer, which can conceivably be exploited by an intruder.
Programs such as File Transfer Protocol (FTP) and Telnet are widely criticized because they transmit all data as clear text, including usernames and passwords. Which of the following types of tools might unscrupulous individuals use to read those passwords? a) Packet sniffer b) Terminal emulator c) Packet analyzer d) Vulnerability scanner e) TFTP server
C. A packet analyzer is capable of looking at the data inside packets, which in the case of packets generated by Telnet and FTP, can contain passwords in clear text. Packet sniffers analyzer traffic patterns, vulnerability scanners search for open ports, and Trivial File Transfer Protocol (TFTP) servers transfer boot files to Dynamic Host Configuration Protocol (DHCP) client workstations. Telnet is itself a terminal emulator and does not display packet contents.
Ralph is the administrator of a small company's wireless network. He has recently discovered evidence that users outside of the company's office space have been accessing its wireless network. The office is located in a narrow space against the building's outside wall. Ralph is concerned that the network's Wireless Access Point (WAP) is extending coverage outside the building. Speaking with a consultant friend of his, Ralph is advised to install a different type of antenna on his Access Point (AP). Which of the following antenna types would most likely help Ralph to alleviate the problem? a) Dipole b) Yagi c) Patch d) Unidirectional
C. A patch antenna is a flat device that transmits signals in a half-spherical pattern. By placing the antenna against the building's outer wall, Ralph can provide coverage inside the building and minimize coverage extending to the outside. A dipole antenna is another name for the omnidirectional antenna usually provided with an AP. A unidirectional antenna directs signals in a straight line, which would not provide the coverage Ralph needs. A Yagi antenna is a type of unidirectional antenna.
Ed is working the help desk at a local computer store, and he receives a call from a customer trying to set up a home network using Windows 10 and wired Ethernet equipment. The customer reports that, from her computer, she can see the two other computers in the house, but she cannot access the Internet. Ed asks her to run the `ipconfig /all` command and read the results to him. She says that her IP address is 172.16.41.2, her subnet mask is 255.255.255.0, and her default gateway is 172.16.43.1. Which of the following is most likely the cause of the customer's problem? a) The customer's network cable is unplugged. b) The customer has an incorrect subnet mask. c) The customer has an incorrect default gateway address. d) The computer's DNS record contains the wrong information. e) The computer is inhibited by a switching loop.
C. Because the customer can access the other two computers in the house, Ed knows that her Internet Protocol (IP) address and subnet mask are properly configured, that the network cable is plugged in and functional, and that a switching loop is not preventing access to the Internet. Ed also knows that the computer's Domain Name System (DNS) record does not play a role in outgoing connections. The problem is most likely in the default gateway because the gateway address the customer specified is on another network, 172.16.43.0, rather than on her own network, 172.16.41.0.
Ed has installed a separate 802.11n wireless network for guest users working in his company's offices. The guest network is unsecured, and Ed has recently become aware that people outside the building are able to access it. It is not possible to move the Access Point (AP), and it must run at maximum power to reach the entire building. Which of the following is the most convenient way to prevent users outside the building from accessing the guest network while leaving it available to users inside the building? a) Change the passphrase daily b) Switch the network frequency c) Disable SSID broadcasting d) Implement MAC filtering
C. Disabling Service Set Identifier (SSID) broadcasts will not defeat dedicated attackers, but it can prevent casual intruders from accessing the network. Media Access Control (MAC) filtering would require Ed to configure the AP with the MAC addresses of all devices that will access the network, which would be impractical in this case. The network is unsecured, so there is no passphrase to change, and a frequency change will have no effect on the problem.
Users on Ed's 802.11n wireless network are dropping their connections intermittently. Which of the following might help to resolve the problem? a) Restart the Wireless Access Point (WAP) b) Change the network's Service Set Identifier (SSID) c) Change the channel the devices are using d) Change the wireless security protocol
C. If the users are losing their connections due to interference from other types of devices, changing the channel alters the frequency the network uses and can enable it to avoid the interference. The other options are not likely to affect any condition that would cause users to drop their connections.
Ralph is experiencing long Access Point (AP) association times and generally poor performance on his home 802.11n wireless network. Ralph lives in a large apartment complex, and when he runs a WiFi analyzer, he sees many other nearby networks using the often-recommended channels 1, 6, and 11 on the 2.4 GHz frequency. Using the 5 GHz frequency is not an option for Ralph's equipment. What should Ralph do to improve his network performance? a) Configure his equipment to use channel 2 b) Configure his equipment to use channel 5 c) Configure his equipment to use channel 9 d) Configure his equipment to use channel 10
C. The 2.4 GHz band used by Wireless Local Area Networks (WLANs) consists of channels that are 20 (or 22) MHz wide. However, the channels are only 5 MHz apart, so there is channel overlap that can result in interference, possibly causing long AP association times and degraded performance. Channels 1, 6, and 11 are the only channels that are far enough apart from each other to avoid any overlap with the adjacent channels. This is why they are often recommended. However, in Ralph's case, these channels are too crowded with other networks. Ralph should therefore use a channel that is as far as possible from the crowded ones. Channels 2, 5, and 10 are all immediately adjacent to a crowded channel, but channel 9 is at least two channels away from the nearest crowded channel. Therefore, Ralph should configure his equipment to use channel 9.
Which of the following statements about protocol analyzers is not true? a) To troubleshoot using a protocol analyzer, you must be familiar with the OSI model and the protocols that operate at each of its layers. b) Protocol analyzers can be a network security risk. c) Some network monitoring products are both analyzers and sniffers. d) All Windows operating systems include a protocol analyzer.
D. A protocol analyzer captures frames and displays their contents, including the header fields created by the protocols at the various Open Systems Interconnection (OSI) model layers. To interpret the exchanges between the computers on the network, you must be familiar with the protocols and how they operate. Protocol analyzers are useful tools in the hands of experienced network administrators, but they can also be used for malicious purposes, such as displaying unencrypted passwords and other confidential information in the captured packets. The difference between analyzers and sniffers is that analyzers read the internal contents of the packets they capture, parse the individual data units, and display information about each of the protocols involved in the creation of the packet, while sniffers look for trends and patterns in the network traffic without examining the contents of each packet.
Alice is trying to provide users in a warehouse with wireless network connectivity for their tablets. The warehouse is a huge concrete structure with many internal cinderblock walls. Which of the following types of signal interference are inhibiting Alice's efforts? a) Refraction b) Reflection c) Diffraction d) Absorption
D. Absorption is a type of interference that occurs when radio signals have to pass through barriers made of dense materials, such as concrete or cinderblock walls. The density of the material's molecular structure causes the radio signals to be partially converted to heat, which weakens them. Reflection is when signals bounce off of certain surfaces, such as metal. Refraction is when signals bend as they pass through certain barriers, such as glass or water. Diffraction is when signals have to pass around barriers to reach a particular destination. All of these phenomena can weaken the radio signals used in wireless networking, but absorption is the primary problem for Alice in this case.
Ralph is having trouble providing satisfactory wireless network performance to some executive offices at the far end of the building. The offices have heavy doors and insulated walls for sound dampening, and the occupants typically leave their doors closed during work hours. Which of the following types of radio signal interference is Ralph trying to overcome? a) Reflection b) Refraction c) Diffraction d) Absorption
D. Absorption is a type of interference that occurs when radio signals have to pass through barriers made of dense materials, such as walls and doors. In this case, the construction of the barriers has made them more formidable. Reflection is when signals bounce off of certain surfaces, such as metal. Refraction is when signals bend as they pass through certain barriers, such as glass or water. Diffraction is when signals have to pass around barriers to reach a particular destination. All of these phenomena can weaken the radio signals used in wireless networking, but absorption is the primary problem for Ralph in this case.
Alice is the administrator of a wireless network that has client computers in a number of small offices, all located on the same floor of an office building built in the mid-twentieth century. The network has an IEEE 802.11g Access Point (AP) located at the approximate center of the floor. Workstations in most of the rooms connect to the network at 54 Mbps, but the computers in one particular room rarely connect at speeds above 11 Mbps. Which of the following might be the cause of the problem? a) The computers in the problematic room are configured to use a different wireless encryption protocol than the AP. b) The computers in the problematic room are experiencing an SSID mismatch. c) The network adapters in the problematic computers support IEEE 802.11a, not 802.11g. d) The RSSI of the problematic computers might be low, due to excessive distance from the AP.
D. As wireless computers move farther away from the AP, their signals attenuate (weaken), their Received Signal Strength Indicators (RSSIs) go down, and the maximum speed of their connections drops. If the computers were using a different encryption protocol than the AP, there would be no connection at all, not a diminished connection speed. A SSID mismatch would cause the computers to connect to a different network, not necessarily connect at a slower speed. If the computers had 802.11a adapters, they would fail to connect to the AP at all, because 802.11a requires the use of the 5 GHz frequency band, and 802.11g uses 2.4 GHz.
Which of the following is a function typically classified as vulnerability scanning? a) Network mapping b) Remediation c) Penetration testing d) Port scanning
D. Port scanning, the process of looking for open Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports that are exploitable by attackers, is one of the many functions that qualifies as a type of vulnerability scanning. Network mapping, the remediation of vulnerabilities, and penetration testing, which is the process of deliberately performing a planned attack, are not considered vulnerability scanning techniques.
Which of the following Internet Protocol (IP) address assignments indicates that a computer has been unable to communicate with a Dynamic Host Configuration Protocol (DHCP) server? a) 127.0.0.1 b) 255.255.255.0 c) 240.15.167.251 d) 169.254.199.22
D. The address 169.254.199.22 is from the 169.254.0.0/16 network address assigned to Automatic Private Internet Protocol Addressing (APIPA), a standard for the assignment of IP addresses to DHCP clients when they cannot obtain an address from a DHCP server. 127.0.0.1 is the standard IP loopback address. 240.15.167.251 is from the 240.0.0.0 network address, which is reserved for experimental use. Neither of these is ever assigned by DHCP. 255.255.255.0 is not an IP address at all; it is a subnet mask.
Alice is a new hire at Adatum Corp., and when she asks about wireless network access for her laptop, she is given a Service Set Identifier (SSID) and a passphrase. She is also told that she must add the SSID manually. Later, she types in the SSID she was given, and the computer prompts her to select a security type. Not knowing which option to choose, she selects 802.1x, because it sounds as though it should be the most secure. However, this option does not enable her to enter her passphrase, so she selects another option, WEP, and is able to type in the passphrase. However, her laptop says she "Can't connect to this network." Which of the following is the most likely cause of Alice's problem? a) Overcapacity b) Distance limitations c) Frequency mismatch d) Encryption protocol mismatch
D. The most likely cause of Alice's problem is that she has selected an incorrect encryption protocol. Wired Equivalent Privacy (WEP) is still provided as an option on many wireless devices, but it has long since been found to be insecure and is almost never used. Alice should try selecting the other security types that enable her to enter her passphrase, such as WiFi Protected Access II (WPA2). Although the other options are possible causes of the problem, encryption protocol mismatch is the most likely cause.
Ralph has a wired home network with three Windows computers, a switch, and a cable modem/router that provides access to the Internet. All three computers are able to access the Internet, but none of them can access filesystem shares on the others. Which of the following is the most likely cause of the problem on the three network computers? a) Incorrect IP addresses b) Incorrect subnet mask c) Incorrect default gateway address d) Incorrect ACL settings
D. The problem is most likely incorrect Access Control List (ACL) settings. Because the computers are all able to access the Internet, their Transmission Control Protocol/Internet Protocol (TCP/IP) settings, including their IP addresses, subnet mask, and default gateway address, must be correct. However, if the users do not have the correct permissions in the ACLs of the filesystem shares, they will not be able to access the shares over the network.
Several accounting consultants are working in Ed's office for the first time, and they are unable to connect to the 802.11g wireless network with their laptops. They are selecting the correct Service Set Identifier (SSID) from the Available Networks list, but they cannot connect, and there are no error messages of any kind. Which of the following tasks should Ed perform to try to resolve the problem? a) Check the network adapters in the laptops for channel overlap b) Change the frequency used by the Wireless Access Point (WAP) from 2.4 GHz to 5 GHz c) Examine the area where the consultants are working for possible sources of signal interference d) Make sure that the consultants' laptops are configured to use the correct wireless security protocol
D. The use of an incorrect wireless security protocol is a well-known source of errorless connection failures, so checking this will most likely enable Ed to locate the source of the problem. Channel overlap is a problem that Ed would check and resolve at the Access Point (AP), not the users' workstations. It is not possible to change the frequency on the WAP because the 802.11g standard only supports the 2.4 GHz frequency. Although signal interference could conceivably be the cause for a connection failure, the users can see the network, so this is probably not the problem.
Ralph is deploying an 802.11n wireless network for a client that calls for the best possible security without deploying additional servers. When setting up the Wireless Access Point (WAP), Ralph disables Service Set Identifier (SSID) broadcasts, selects WiFi Protected Access security with Pre-Shared Keys (WPA-PSKs), and configures Media Access Control (MAC) address filtering. Which of the following statements about the security of this arrangement is true? a) The configuration is as secure as Ralph can make it with the specified equipment. b) Ralph should not disable SSID broadcasts since this prevents users from connecting to the network. c) Ralph should not use MAC address filtering, because it exposes MAC addresses to possible attacks. d) Ralph should use WiFi Protected Access II (WPA2) instead of WPA, because it is more resistant to certain types of attacks.
D. WPA has been found to be vulnerable, and WPA2 was designed to address those vulnerabilities, so Ralph should use WPA2 instead of WPA. Suppressing SSID broadcasts does not prevent users from connecting to the network, and MAC filtering strengthens security without exposing MAC addresses to undue risk.
Ralph purchases some 802.11a wireless network adapters for desktop computers at a yard sale, which he intends to use on his 802.11g home network. He installs one of the adapters in a computer and attempts to connect it to the network, but he cannot see his Service Set Identifier (SSID). He tries a different adapter, thinking the first one might be broken, but that one does not work either. What can Ralph do to resolve the problem and connect the computer to his network? a) Move the computer closer to the Access Point (AP). b) Configure the AP to use the 5 GHz frequency. c) Manually enter the SSID in the computer's client software. d) Nothing. 802.11a equipment cannot connect to an 802.11g network.
D. Wireless Local Area Network (WLAN) equipment built to the 802.11a standard can only use the 5 GHz frequency. However, an 802.11g AP can only use the 2.4 GHz frequency. Therefore, the network adapters cannot connect to Ralph's AP.