Chapter 11

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?

a. EAP-FAST

Which of these does not require authentication?

a. Open method

Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?

b. Bluesnarfing

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?

b. Captive portal

Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?

b. Controller AP

Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?

b. IV

Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?

b. It allows an attacker to bypass network security configurations.

Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?

b. It is a framework for transporting authentication protocols.

Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate?

b. Near field communication (NFC)

Which of these is NOT a type of wireless AP probe?

b. WNIC probe

Which of these is NOT a risk when a home wireless router is not securely configured?

b. Wireless endpoints must be manually approved to connect to the WLAN.

Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?

c. IEEE 802.iw separate

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?

c. PIN method

What is a difference between NFC and RFID?

c. RFID is designed for paper-based tags while NFC is not.

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?

c. RFID spectrum

Which of these is the encryption protocol for WPA2?

d. CCMP

Which of these is a vulnerability of MAC address filtering in a WLAN?

d. MAC addresses are initially exchanged unencrypted

Which WPA3 security feature is designed to increase security at the time of the handshake?

d. SAE

Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?

d. Wi-Fi Direct

Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?

d. Evil twin