CompTIA Security+ Sy0-601 Chapter 9

Which of the following are symmetric block ciphers? (Choose two.) A. CBC-MAC B. RSA C. AES D. ECC

A and C. Cipher block chaining message authentication code (CBC-MAC) uses a symmetric block cipher such as AES with a shared secret key to encrypt message hashes (not the message itself) to authenticate messages.

Which authentication protocols require only the server to be configured with a PKI certificate? (Choose two.) A. EAP-TTLS B. EAP-TLS C. EAP-FAST D. PEAP

A and D. EAP-TTLS enhances EAP-TLS in that authentication occurs through an encrypted tunnel as opposed to over the network without a secure tunnel. Protected Extensible Authentication Protocol (PEAP) is commonly used for IEEE 802.1x authentication; it uses a server-side PKI certificate to create an encrypted connection through which password authentication occurs, after which network access is granted.

During a network security audit, open WAPs are discovered on the corporate network. Which security protocols can be enabled to add a layer of security to the use of the WAPs? (Choose two.) A. WPA2 B. NFC C. IV D. WPA3

A and D. WPA versions 2 and 3 provide security beyond open Wi-Fi networks by encrypting connections using either WPA2 PSKs or WPA3 Simultaneous Authentication of Equals (SAE) keys configured on both ends of the connection, or by requiring authentication to a centralized RADIUS server (often called WPA enterprise) hosted on a protected network.

Which authentication protocol does not require the use of PKI certificates? A. EAP-FAST B. PEAP C. EAP-TTLS D. EAP-TLS

A. EAP-FAST is a network authentication protocol that uses a shared secret (PKI certificates are not required) to establish a secured encrypted tunnel between two end-points through which authentication then occurs.

You are configuring MAC filtering rules on a wireless router. Which Windows command will display a station's wireless interface MAC address? A. ipconfig /all B. ipconfig C. ipconfig /mac D. ipconfig /flushdns

A. The Windows ipconfig /all command as depicted in Figure 9-4 shows the 48-bit physical (MAC) address for each enabled network interface on the host.

A veterinary clinic implants chips into dogs so that information about each dog and owner can be read in case the dog gets loose. What types of technology are being used in this scenario? (Choose two.) A. EAPOL B. NFC C. RFID D. IEEE 802.1x

B and C. NFC is a low-speed, close-proximity (approximately 4 centimeters, or 1.6 inches) wireless transmission standard often used for ticketing, inventory or as a payment method. NFC is a type of RFID protocol, which is normally used as method of uniquely identifying items over radio waves. NFC exists within the RFID standards hierarchy. NFC dog chips can be read by anybody with an NFC-enabled smartphone to retrieve owner information.

You are configuring EAP-TTLS for wireless network authentication. Which statements regarding your configuration are correct? (Choose two.) A. Clients require a PKI certificate. B. Servers require a PKI certificate. C. Servers do not require a PKI certificate. D. Clients do not require a PKI certificate.

B and D. EAP-TTLS enhances EAP-TLS in that authentication occurs through an encrypted tunnel, as opposed to over the network without a secure tunnel. EAP-TLS is a network authentication protocol that requires a PKI certificate on both sides of a network connection, such as on a user's smartphone and on a WAP; EAP-TTLS, however, requires only a server-side PKI certificate.

You have discovered an unauthorized wireless router that a user plugged into a network jack in her office. Which term best describes this scenario? A. Evil twin B. Rogue access point C. Jamming D. Bluejacking

B. A rogue access point is an active unauthorized wireless access point (WAP). Unknowing users may use an unauthorized WAP for their own convenience at work, without realizing that the configuration could compromise network security. Malicious users can also deploy this to gain wireless access to a network if the access point is connected to a wired network, or their intent may be to trick users into connecting to the access point, because it has the same extended service set identifier (ESSID), or wireless network name, as a valid access point, so that they can capture user traffic.

During the IEEE 802.1x authentication process, which network protocol is used between the authenticator and authentication server? A. EAPOL B. RADIUS C. TCP D. UDP

B. RADIUS is used between an authenticator such as a WAP and an authentication server. RADIUS traffic normally uses UDP port 1812.

Which standard port is used to authenticate with a RADIUS server? A. UDP 161 B. UDP 1812 C. TCP 80 D. TCP 443

B. RADIUS server authentication uses a standard port number of UDP 1812.

A hotel guest holds a room card near the door card reader to unlock her hotel room door. What type of system is being used? A. EAPOL B. RFID C. IEEE 802.1x D. WPA3

B. RFID is a standard method of uniquely identifying items over radio waves and is used in hotel room access cards.

After reviewing device security logs, you learn that a malicious user in an airport terminal seating area was able to connect wirelessly to a traveling employee's smartphone and downloaded her contact list. Which type of attack has taken place? A. Bluejacking B. Bluesnarfing C. Disassociation D. Social engineering

B. The theft of sensitive information using Bluetooth wireless technology is referred to as bluesnarfing. This technique does not require the target victim's device to have Bluetooth discovery enabled, although Bluetooth itself must be turned on. Freely available tools can be used to discover and connect to a victim's Bluetooth device to retrieve and delete contact lists, view phone call logs, make phone calls on the target device, and perform other nefarious deeds.

You have been tasked with configuring WAPs in your organization so that authentication takes place on a secured server on a private network instead of directly on the WAP. What type of server should you implement? A. Forward proxy server B. Reverse proxy server C. RADIUS server D. VPN concentrator

C. A Remote Authentication Dial-In User Service (RADIUS) server is a centralized authentication server that receives authentication requests on behalf of supplicants such as user devices, from RADIUS clients such as WAPs, and VPN concentrators of network switches. This prevents authentication from occurring on edge devices such as network switches, thus increasing security. RADIUS authentication traffic normally occurs over UDP port 1812.

Which authentication protocol requires the client and server to be configured with a PKI certificate? A. EAP-FAST B. IEEE 802.1x C. EAP-TTLS D. EAP-TLS

D. Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) is a network authentication protocol that requires a PKI certificate on both sides of a network connection, such as on a user's smartphone and on a WAP.

You need to implement a network security solution that grants network access only after successful user authentication and device condition checks. What should you deploy? A. PSK B. WPS C. EAP D. IEEE 802.1x

D. IEEE 802.1x is the port-based network access control (NAC) standard. This solution requires that devices be authenticated before being granted wired or wireless network access. NAC can require that devices meet certain conditions such as device type and configuration, updates having been installed, and so on.

What is the relationship between NFC and RFID? A. There is no relationship. B. RFID uses NFC. C. Both operate at 900 MHz. D. NFC uses RFID.

D. NFC is a low-speed, close-proximity (approximately 4 centimeters, or 1.6 inches) wireless transmission standard often used for ticketing, inventory, or as a payment method. NFC falls under the RFID protocol, which is normally used as method of uniquely identifying items (think inventory control) over radio waves.

Which term is used to describe RFID chips that do not have their own power supply? A. Passive emitter B. Active emitter C. Passive receiver D. Active receiver

A. RFID is a standard method of uniquely identifying items over radio waves, such as for tracking inventory or building access cards. Passive emitters do not have their own power but wait for connections from an RFID reading device.

During the IEEE 802.1x authentication process, which network protocol is used between the supplicant and authenticator? A. EAPOL B. RADIUS C. TCP D. UDP

A. The initial connection between a supplicant and an IEEE 802.1x authenticator such as an Ethernet network switch occurs using the Extensible Authentication Protocol over LAN (EAPOL). After successful authentication, the authenticator flags the connected supplicant port as being authorized.

A malicious user, Ivan, is attempting to learn the Wi-Fi password for a protected wireless network by creating a fake wireless access point identical to the real one. Ivan is hoping that users will connect to his fake WAP and provide their Wi-Fi passwords. What type of attack is this? A. Jamming B. Evil twin C. Bluesnarfing D. Bluejacking

B. A rogue access point specifically configured to appear as a known legitimate access point is known as an evil twin. Malicious users deploy evil twins to trick users into connecting to their access point with the intent of stealing sensitive user information.

When connecting to hotel Wi-Fi networks, employees are presented with a web page requiring further authentication before providing Internet access. What type of authentication method is in use? A. Wi-Fi protected setup B. Captive portal C. PSK D. Open

B. Captive portals control Internet access, usually with a web page that displays automatically upon connecting to a network. The portal requires that the user enter a username, password, voucher number, or hotel room code, and the user must agree to the terms of use to access the Internet.

You are configuring wireless router WPA2 enterprise settings. Which items must be specified? (Choose two.) A. PSK B. Wireless channel C. Shared secret D. RADIUS server IP address

C and D. WPA2 enterprise settings use a RADIUS server for centralized authentication; thus a RADIUS shared secret used to authenticate the wireless router to the RADIUS server is required, and the RADIUS server IP address is required so the wireless router knows where to forward supplicant authentication requests.

Penetration testers are executing Wi-Fi disassociation attacks as part of their mandate. What type of behavior can Wi-Fi users expect during the pen test? A. Wi-Fi users will not notice anything unusual. B. Wi-Fi users will notice wireless network performance degradation. C. Wi-Fi users will notice Wi-Fi network disruptions. D. Wi-Fi users will notice that their devices will randomly reboot.

C. Disassociating a device from a wireless network is equivalent to unplugging a wired network computer from a network switch port. Wireless users will experience sporadic wireless network disruptions.

Which wireless protocol stack is used for contactless payments and ticketing applications? A. WPA3 B. IEEE 802.1x C. NFC D. EAPOL

C. Near Field Communication (NFC) is a low-speed, close-proximity (approximately 4 centimeters, or 1.6 inches) wireless transmission standard often used for ticketing, inventory, or as a payment method.

Which of the following security protocols is designed specifically for Wi-Fi networks? A. IPSec B. SSL C. WPA D. TLS

C. Wi-Fi protected access (WPA), of which the current version is 3, supersedes WEP and WPA2 to provide Wi-Fi network security.

One of your remote users has begun working from home. The user lives in a building in a small, one-bedroom apartment. After installing a wireless router at the his home, the user complains about intermittent wireless network disruptions. What is the most likely cause of this problem? A. Wireless router placement B. Faulty wireless router C. Cell phone tower interference D. Overlapping Wi-Fi channels

D. Multiple WAPs in close proximity to one another increase the possibility of overlapping Wi-Fi channels. One way to counter this is to change the channel used by the WAP, so if WAP1 is using channel 3, instead of using the next channel for WAP2, you would choose the furthest frequency band possible, such as channel 11. A Wi-Fi analysis tool can be used to conduct a site survey to determine local WAPs and their channel usage, as well as to provide a heat map, or visualization, of WAP signal coverage.

Log files from your wireless router must be sent via e-mail to your inbox. You need to ensure that the network firewall allows connectivity between the wireless router and your internal SMTP mail server. Which port must the firewall allow? A. UDP 25 B. UDP 161 C. TCP 80 D. TCP 25

D. SMTP exchanges mail messages between SMTP servers over TCP port 25.

During the IEEE 802.1x authentication process, which term is used to describe a user's smartphone device attempting to authenticate to the wired network through a wireless access point? A. Client B. Applicant C. Authenticator D. Supplicant

D. Supplicant is the term used to describe an end-point client device attempting to authenticate to the network.

You need to connect an IoT device with a QR code to a wireless network. The wireless network uses WPA3 security. Which WPA3 feature will solve the problem in this scenario? A. Always On VPN B. Pre-shared key C. RADIUS authentication D. Wi-Fi Easy Connect

D. The Wi-Fi Easy Connect standard enables wireless network connectivity by simply scanning the WAP and IoT device quick response (QR) codes with a smartphone. The WAP QR code can be generated using a Wi-Fi Easy Connect app, while some phones have this capability built into their Wi-Fi settings.

Which of the following represents a weakness of the Wired Equivalent Privacy (WEP) protocol? A. 128-bit initialization vector B. Inability to secure connections with HTTPS C. Inability to secure connections with IPSec D. 24-bit initialization vector

D. Using a 24-bit value for the WEP initialization vector (IV) provides 16.7 million possible values, so reusing IVs is inevitable on busy Wi-Fi networks since very packet contains an IV. Given the capture of enough clear text IVs on a Wi-Fi network and WEP's weak implementation of the RC4 cryptographic algorithm, attackers can easily determine the network encryption key (they already know 24 bits of it) using freely available tools.

To which network security protocol does Simultaneous Authentication of Equals (SAE) apply? A. WEP B. IPSec C. WPA2 D. WPA3

D. WPA3 can be configured to use SAE keys configured on both ends of the connection to provide Wi-Fi security. SAE keys are not susceptible to offline dictionary attacks due to how both connecting devices generate and agree upon group domain parameters during session setup. Parameters are never sent over the network, thus rendering SAE network conversation captures useless for dictionary attacks.

Which Wi-Fi component is used to manage multiple wireless routers? A. PSK B. IEEE 802.1x C. WAP D. WLAN controller

D. Wireless local area network (WLAN) controllers are used in larger network environments where managing the settings of individual WAPs is not feasible. Each WAP has its own unique basic service set identifier (BSSID), which is the WAP MAC address.