WIRELESS AND MOBILE SECURITY

QUIZ 4 UC3F1511IT (ISS) MSB- CT094-3.5-3-WMSS

-------------------------------------------------------Submit
the
answers
to
cwspsubmission@gmail.com

the

following

e-mail

address

1. Before an 802.11 client STA can pass traffic through the AP, which two of
the following must occur? (Choose two answers.)
A. 802.1X
B. EAP
C. Association
D. Authentication
E. WEP keys must match
2. Which of the following is contained in a WEP encrypted frame? (Choose all
that apply.)
A. IV in cleartext format
B. IV in encrypted format
C. Key Identifier
D. WEP key in encrypted format
E. 64 - bit Initialization Vector
3. 128 - bit WEP encryption uses a user - provided static key of what size?
A. 64 bits
B. 104 bits
C. 104 bytes
D. 128 bits
E. 128 bytes
4. When SSID cloaking is enabled, which of the following occurs? (Choose all
that apply.)
A. The SSID field is set to null in the beacon frame.
B. The SSID field is set to null in the probe request frame.
C. The SSID field is set to null in the probe response frame.
D. The AP stops transmitting beacon frames.
E. The AP stops responding to probe request frames.
5. Which technologies use the RC4 or ARC4 cipher? (Choose all that apply.)
A. Static WEP
B. Dynamic WEP
C. PPTP
D. L2TP
E. MPPE

6. Which of the following is not defined by the 802.11 - 2007 standard?

(Choose all that apply.)
A. WEP
B. VPN
C. MAC filtering
D. SSID segmentation
E. SSID cloaking
7. 802.11 pre - RSNA security defines which wireless security solution?
A. Dynamic WEP
B. 802.1X/EAP
C. 64 - bit static WEP
D. Temporal Key Integrity Protocol
E. CCMP/AES
8. Which of the following have been deprecated in the 802.11 - 2007
standard? (Choose all that apply.)
A. Wired Equivalent Privacy
B. Temporal Key Integrity Protocol
C. Point - to - Point Tunneling Protocol
D. Shared Key authentication
E. Open System authentication
9. Peter is configuring an autonomous AP to provide segmentation of three
groups of wireless user traffic on the corporate network. Which of the
following are recommended ways of doing this? (Choose all that apply.)
A. Create a single SSID and have the traffic from each of the groups of users
placed on a separate VLAN.
B. Create three separate SSIDs, one for each group, and have each SSID
linked with a separate VLAN.
C. Create a trunk for each of the VLANs between the AP and the upstream
switch.
D. Create a single trunk for all of the VLANs between the AP and the
upstream switch.
E. Configure each of the SSIDs with the same encryption keys for easier
management and administration.
F. Configure each of the SSIDs with different encryption keys, even though it
will be more difficult to manage and administer.
10. Evan has configured a laptop and an AP, each with two WEP keys. WEP
key 1 is the same on both devices, and WEP key 2 is the same on both
devices. He configured the laptop to use WEP key 1 to encrypt its data. He
configured the AP to use WEP key 2 to encrypt its data. Will this configuration
work?
A. No, since there is only one WEP key on each device.

B. No, since the value of the WEP key must be identical on both the laptop
and the AP.
C. Yes, as long as the value of WEP key 1 is identical on both computers and
the value of WEP key 2 is identical on both computers.
D. Yes. The laptop and AP will only use the first WEP key, so as long as the
value of these keys is identical, the configuration will work.
E. Yes. The laptop and AP will attempt to use each of the WEP keys when
decrypting a frame.
11. Laura is attempting to diagnose a WLAN by using a packet analyzer to
capture the exchange of frames and packets between a wireless client and
the AP. In the process of analyzing the packets, she sees two 802.11
authentication frames, two 802.11 association frames, DHCP requests and
responses, and then she begins to see encrypted data. Which of the
following could the client be using? (Choose all that apply.)
A. Open System authentication
B. Shared Key authentication
C. 802.1X/EAP
D. WEP
E. PPTP
F. L2TP/IPsec
12. This graphic shows a packet capture of a successful 802.11
authentication. In which of the following types of client connections could
this authentication not occur? (Choose all that apply.)

A. 802.1X/EAP
B. VPN
C. WEP with Shared Key authentication
D. WEP with Open System authentication
E. Open System authentication with WEP
14. 128 - bit WEP encryption uses a IV and a static key.
A. 64 bit and 64 bit
B. 24 bit and 104 bit
C. 28 bit and 100 bit
D. 20 bit and 108 bit

E. None of the above

15. The graphic shows a packet capture of a successful 802.11
authentication. In which of the following types of client connections could
this not occur?

A. 802.1X/EAP
B. VPN
C. WEP with Shared Key authentication
D. WEP with Open System authentication
E. Unencrypted
16. Which hash algorithms can be used in the IKE Authentication process?
(Choose all that apply.)
A. Diffie - Hellman
B. MS - CHAPv2
C. MD5
D. ISAKMP
E. SHA 1
17. What is a possible vulnerability when deploying a Layer 3 IPsec VPN as a
security solution for an 802.11 wireless network? (Choose all that apply.)
A. Layer 3 VPNs use weak encryption that can be cracked.
B. Layer 3 VPNs provide no segmentation solution.
C. Layer 3 VPNs break up collision domains but not broadcast domains.
D. Access points are still open to attack.
E. A WLAN controller is still open to attack.
18. Which of these authentication methods is the most secure?
A. Open System authentication with WEP
B. Open System authentication without WEP
C. Shared Key authentication
D. 802.1X/EAP authentication
19. Which of the following specifications are true for an SSID? (Choose all
that apply.)
A. Up to 20 characters
B. Up to 32 characters
C. Case sensitive
D. Spaces are allowed

E. Spaces are not allowed

20. Which 802.11 Layer 2 protocol is used for authentication in an 802.1X
framework?
A. Extensible Authentication Protocol
B. Extended Authentication Protocol
C. MS - CHAP
D. Open System
E. Shared Key