Security School

Lesson 1 Quiz Answers

1.) a. Forged Deauthenticate frames
Any wireless communication is vulnerable to jamming and sniffing; any TCP-based device is potentially vulnerable to TCP SYN floods. But forged Deauthenticate frames take advantage of the fact that 802.11 management protocols lack cryptographic integrity checks.

<< Back to quiz
























































2.) a. Confidentiality
WEP uses RC4 to scramble 802.11 data, so that only those who have the WEP key can decrypt and make sense of confidential data.

<< Back to quiz
























































3.) d. 802.11 data frame, protected by WPA
Of these, only Wi-Fi Protected Access version 2 (WPA2) uses a message authentication code (MAC) and sequence numbers to detect forged or replayed data. Currently, 802.11 control and management frames cannot be protected from these attacks, no matter whether the WLAN is using WEP, WPA or WPA2. (In the future, 802.11w will extend integrity protection to management frames.)

<< Back to quiz
























































4.) a. Shared key authentication is required by 802.1X.
802.1X port access control does not use 802.11 shared key authentication. Instead, 802.1X occurs after the station completes 802.11 open system authentication and associates to the AP.

<< Back to quiz
























































5.) b. False
WPA2-Enterprise uses 802.1X to control the flow of data through a wireless AP into an upstream network. Stations that fail 802.1X, or do not even try to authenticate, can still transmit, but any data they might send will simply be discarded by the AP.

>> Move to Lesson 2: How to build a secure wireless infrastructure

<< Return to Lesson 1 quiz

This was first published in February 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: