Wireless Security Lunchtime Learning Entrance Exam Answers

1.) The correct answer is: d. Omitting SSID from beacons prevents attackers from finding a WLAN.
End users and some stumblers may have trouble determining the name of your WLAN if SSID is omitted from beacons, but attackers can always obtain SSID by capturing many other frames that carry this name.

<< Back to exam

2.) The correct answer is: a. 802.1X key delivery
Key caching and pre-authentication reduce the delay incurred when a station roams to a new AP and must use 802.1X to re-authenticate and re-key. In other words, 802.1X causes delay, while 802.11i key caching and pre-authentication options try to reduce that delay.

<< Back to exam

3.) The correct answer is: c. EAP-MD5
EAP-MD5 cannot be used in WLANs because it does not provide key delivery, mutual authentication or protection against man-in-the-middle attacks on authentication messages. MAC ACLs and LEAP also have serious vulnerabilities, but are still widely used in WLANs. EAP-SIM can be used to control WLAN access by devices like dual-mode phones with SIM cards.

<< Back to exam

4.) The correct answer is: d. Inhibit communication between the rogue and legitimate stations
Deauthenticates may also impact unauthorized stations, but the WIPS' primary objective is to disconnect legitimate stations so that they cannot maintain associations with the rogue. Other WIPS tools can be used to locate or disconnect the rogue from the wired network.

<< Back to exam

5.) The correct answer is: a. KisMAC
KisMAC is an attack tool written for MacOS that can discover WLANs and crack either WEP keys or WPA-personal pre-shared keys. A cracked WPA-PSK can be used by the attacker to access the WLAN just like a legitimate user. Knowing the WPA-PSK may also let the attacker decrypt captured traffic.

<< Back to exam

6.) The correct answer is: b. False
Employees that carry wireless devices -- for example, laptops used with wireless LANs at home or on the road -- may connect to rogue APs, exposing your network resources and data. In fact, most companies that have a "no wireless" policy find unauthorized associations between their employees and APs owned by neighboring businesses.

<< Back to exam

7.) The correct answer is: a. True
Although 802.1X is designed for enterprises with authentication infrastructure and IT staff to install and maintain it, alternatives exist for small businesses and others with limited resources, including open source RADIUS servers and outsourced 802.1X authentication services.

<< Back to exam

8.) The correct answer is: c. Use 802.1X to return VLAN tags, then block untagged traffic
Like any group password, WPA-PSK is vulnerable to social engineering and grants every user the same WLAN access. Creating separate WLANs for guests and employees is a good start, but not enough -- you still need to segregate visitor traffic entering your network and stop visitors from using the employee WLAN. Option c. allows you to filter traffic sent by 802.1X-authenticated users so that you can block visitor traffic from reaching restricted portions of your network.

<< Back to exam

9.) The correct answer is: d. Reassigning channels used by your APs
Radio interference is most commonly dealt with by avoiding congested channels -- like using 802.11a instead of 802.11g. Outside transmissions can reach well inside your building, passing through doors and walls. Centralizing APs or using directional antennas can reduce your own WLAN's signal leakage but won't stop external interference.

<< Back to exam

10.) The correct answer is: d. A WIPS may help with compliance reporting.
Many WIPS can now generate canned HIPAA, DoDD and other compliance reports. Why are the other statements false? There are many scenarios that cannot be secured by 802.11i alone, like mobile workers at public hotspots. All Wi-Fi certified products have been required to support WPA2 for several years. Finally, embedded WIPS are often capable of using monitor-only APs where full-time monitoring is required.

>> Move to Lesson 1: How to counter wireless threats and vulnerabilities

<< Return to the Entrance Exam

<< Return to Wireless Security Lunchtime Learning

This was last published in February 2006

Dig Deeper on Wireless network security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.