Test your knowledge of wireless LAN vulnerabilities with this series of multiple-choice questions. To learn more about securing your WLAN, listen to the accompanying SearchSecurity.com tutorial webcast Locking down your WLAN part 1: Identifying threats with Lisa Phifer. Also read Lisa's Executive Security Briefing, Keeping wireless intruders away.
To take the test, jot your answers down on a piece of scrap paper, then check your answers here. No peeking!
1. According to business IT administrators interviewed by Microsoft, the top barrier to WLAN deployment is currently:
a) Speed
b) Support Resources
c) Budget
d) Security
2. War drivers can be prevented from discovering wireless LANs by:
a) Disabling SSID broadcasts
b) Turning on WEP
c) Placing access points indoors
d) All of the above
e) None of the above
3. Controlling WLAN access does NOT address which threat:
a) Unauthorized Resource Consumption
b) Sniffing and Eavesdropping
c) Peer Station Intrusion
d) Internet Access Freeloaders
4. Wireless access points should be deployed:
a) Inside the perimeter firewall
b) In the firewall's demilitarized zone
c) Outside the perimeter firewall
d) On the outside or DMZ
e) On the inside or outside
5. Which of the following is FALSE about 802.11 shared key authentication:
a) Access point is not authenticated
b) Station user is not individually authenticated
c) Authentication keys are different for every station
d) Authentication keys are often static, configured manually
6. MAC address "spoofing" refers to:
a) Configuring a station's MAC addresses
b) Using the MAC address of another station
c) Corrupting a peer station's address
d) Making fun of MAC addresses
7. Rogue access points reported by a WLAN analyzer can refer to:
a) APs owned by neighbors and visitors
b) APs installed by employees without IT approval
c) APs that masquerade as legitimate APs while attacking your network
d) All of the above
8. Which of the following statements is TRUE about WEP:
a) WEP stands for Wireless Ethernet Privacy
b) WEP is enabled by default in most 802.11 products
c) WEP is harder to crack if you use dynamic keys
d) WEP is so vulnerable that it should never be used
9. Surfing the Internet over wireless exposes nothing important, because anything confidential is probably SSL-encrypted anyway:
a) True
b) False
10. The new 802.11i Temporal Key Integrity Protocol (TKIP) is stronger than the original 802.11 WEP because it:
a) Does not use authentication keys directly as encryption keys
b) Uses a longer initialization vector
c) Uses a different cipher for encryption
d) All of the above
e) Answers A and B, but not C
f) Answers B and C, but not A
11. WEP stops man-in-the-middle attacks by detecting changes made to frames in transit.
a) True
b) False
12. Denial-of-service attacks against wireless LANs that cannot be prevented with today's 802.11b products include:
a) Associate floods
b) De-authenticate floods
c) Bluetooth jamming
d) All of the above
13. According to JupiterMedia's survey, which of the following security incident occurs nearly as often as finding rogue access points:
a) Loss of confidential data
b) Clients associating with the wrong access point
c) Bandwidth theft
d) Wireless access point break-in
14. During site surveys, wireless LAN discovery should include:
a) Parking lots
b) Stairwells
c) Bathrooms
d) Floors above and below
e) All of the above
15. Which of the following NOT a common wireless LAN analyzer feature:
a) Use of 802.11 drivers to interact with the link layer
b) Track usage to report statistics and analyze patterns
c) Decode packets to display protocol headers and payload
d) Send SNMP traps to alert the network administrator
16. If a war driver discovers my wireless LAN, he can access the Internet or attack my Intranet servers using 802.11 as a vector.
a) True
b) False
Check your answers.
