As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?
Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.
Before creating the WLAN security policy, what should you ensure you possess?
In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?
What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.
When writing the 802.11 security policy, what password-related items should be addressed?
While seeking the source of interference on channel 11 in your 802.11n WLAN running within 2.4 GHz, you notice a signal in the spectrum analyzer real time FFT display. The signal is characterized with the greatest strength utilizing only 1-2 megahertz of bandwidth and it does notuse significantly more bandwidth until it has weakened by roughly 20 dB. At approximately -70 dB, it spreads across as much as 35 megahertz of bandwidth.
What kind of signal is described?
Given: ABC Company secures their network with WPA2-Personal authentication and AES-CCMP encryption.
What part of the 802.11 frame is always protected from eavesdroppers by this type of security?
Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include:
What security controls would you suggest? (Choose the single best answer.)
When TKIP is selected as the pairwise cipher suite, what frame types may be protected with data confidentiality? (Choose 2)
What wireless security protocol provides mutual authentication without using an X.509 certificate?
Given: AAA is an architectural framework used to provide three separate security components in a network. Listed below are three phrases that each describe one aspect of the AAA framework.
Option-1 — This AAA function is performed first and validates user identify prior to determining the network resources to which they will be granted access.
Option-2 — This function is used for monitoring and auditing purposes and includes the collection of data that identifies what a user has done while connected.
Option-3 — This function is used to designate permissions to a particular user.
What answer correctly pairs the AAA component with the descriptions provided above?
You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake.
Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)
Given: Fred works primarily from home and public wireless hot-spots rather than commuting to the office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN.
In this remote scenario, what single wireless security practice will provide the greatest security for Fred?
The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?
You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?
Given: You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution.
In this configuration, the wireless network is initially susceptible to what type of attacks? (Choose 2)
What is a primary criteria for a network to qualify as a Robust Security Network (RSN)?
Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.
What are three uses for such a tool? (Choose 3)
Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individualshave raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.
As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication? (Choose 2)
Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data.
What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?
Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation’s wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user’s connections. XYZ’s legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.
With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?
An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. What kind of attack is described?
What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)
TESTED 19 May 2024
