3. Which of the following sends unsolicited business cards and messages to a Bluetooth device?a. Slammingb. Bluesnarfingc. BLUEJACKINGd. Bluebugging
4.Which of the following is the best protection to prevent attacks on mobile phones throughthe Bluetooth protocol?
5. You are troubleshooting a wireless connectivity issue in a small office.You determine thatthe 2.4 GHz cordless phones used in the office are interfering with the wireless networktransmissions.If the cordless phones are causing the interference, which of the followingwireless standards could the network be using? (Select two)
We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
Precision Machining Technology
Hoffman/Hopewell
Expert Verified
-BLUETOOTH-Infrared-802.3a6.Your organization uses an 802.11g wireless network.Recently, other tenants installed thefollowing equipment in your building:-A wireless television distribution system running at 2.4 GHz-A wireless phone system running at 5.8 GHz-A wireless phone system running at 900 MHz-An 802.11n wireless network running in the 5 GHZ frequency rangeSince this equipment was installed, your wireless network has been experiencing significantinterference.Which system is to blame?a. The 5.8 GHz wireless phone systemb. THE WIRELESS TV SYSTEMc. The 900 MHz wireless phone systemd. The 802.11n wireless network7. A user calls to report that she is experiencing intermittent problems while accessing thewireless network from her laptop computer.While she normally works from her office, todayshe is trying to access the wireless network from a conference room across the hall and next tothe elevator.What is the most likely cause of her connectivity problem?a. INTERFERENCE IS AFFECTING THE WIRELESS SIGNALb. The user has not yet rebooted her laptop computer while at her new location.c. SSID bloadcast has been disabled.d. MAC filtering is preventing the computer from connectinge. The client computer is using the wrong channel number.8. Which of the following best describes an EVIL TWIN?a. An access point that is added to the network by an internal employee to provide unauthorizednetwork access.b. A Bluetooth device that reveices mobile phone commands via bluebuggingc. AN ACCESS POINT THAT IS CONFIGURED TO MIMIC A VALID ACCESS POINT TO OBTAINLOGON CREDENTIALS AND OTHER SENSITIVE INFORMATION.d. A threat agent that marks the outside of buildings to indicate the presence of a wirelessnetwork.
Try the new Google Books
Check out the new look and enjoy easier access to your favorite features
Try the new Google Books
Check out the new look and enjoy easier access to your favorite features
This flashcard is meant to be used for studying, quizzing and learning new information. Many scouting web questions are common questions that are typically seen in the classroom, for homework or on quizzes and tests. Flashcards vary depending on the topic, questions and age group. The cards are meant to be seen as a digital flashcard as they appear double sided, or rather hide the answer giving you the opportunity to think about the question at hand and answer it in your head or on a sheet before revealing the correct answer to yourself or studying partner. Some questions will include multiple choice options to show you the options involved and other questions will just have the questions and corrects answers. Simply reveal the answer when you are ready to check your work. Absolutely no cheating is acceptable.report this ad
As you study this section, answer the following questions:> Which device broadcasts information and data over radio waves?> What are the two modes of wireless network configuration?> Where is a Wireless LAN Controller (WLC) installed?
In this section,
Service set identifier (SSID)
A unique name that identifies a wireless network.
Wireless access point (WAP)
A wireless access point broadcasts information and data over radio waves.
The interface in a device, such as a laptop or smart phone, that connects to the wireless access point.
8.1.3 Wireless Networking Facts
Wireless networking is commonplace, both in home and business environments.This lesson covers the following topics:> Wireless network hardware> Wireless network configuration
> Wireless antenna types
Wireless Network Hardware
In a small office or residential location, a Small Office Home Office (SOHO) wireless router is often used. These devices are three different devices in one:> A router function connects the internal LAN to the internet.
> A switch portion connects the in
Wireless access point (WAP)
A wireless access point broadcasts information and data over radio waves.> A wireless access point functions as a wireless hub.> The wireless access point may provide a connection to a physical wired network.
> The two classes of wireless access points
The wireless interface in a device, such as a laptop or smart phone, connects to the wireless access point.
A wireless bridge connects two wireless networks together.> The bridge is typically created using a wired connection between the two access points.
> A bridge can be implemented wirelessly using a wireless distribution system (WDS).
Wireless LAN controller (WLC)
A Wireless LAN controller is used in a enterprise environment to manage multiple access points. The WLC is placed in the networking closet and connected to a switch. The controller is able to communicate with and manage the wireless access points.
The WLC
Lightweight access point (LWAP)
Lightweight access points are used in conjunction with the wireless controller.> LWAPs contain very little technology and rely on the WLC to handle everything including client connections, authentication, updating configurations, etc.
> LWAP forwards fra
Wireless Network Configuration
There are two configuration modes for a wireless network:
> Ad hoc, also referred to as peer-to-peer, provides wireless communication without a wireless access point. The wireless interfaces of the
communicating devices send and receive radio signals dire
Wireless antennas are a key component of a Wi-Fi network. Antennas fulfill two key roles:> Absorbing incoming radio signals> Radiating outgoing radio signals
Some wireless antennas may be mounted externally to the wireless device. Others may be embedded
A normal-gain antenna usually has a gain rating between 2 and 9 dBi.
A high-gain antenna usually has a gain rating of 12 dBi or higher.
An omnidirectional antenna radiates and absorbs signals equally in every direction around the antenna. Because it spreads its gain in a 360 degree pattern, the overall range of an omnidirectional antenna is typically much less than that of a directional a
A directional antenna focuses its radiation and absorption of signals in a specific direction. Some directional antennae allow you to vary the beam from relatively wide to very narrow. The narrower the beam, the higher the gain and the longer the range.
A parabolic antenna uses a parabolic-shaped reflector dish. It is highly directional, concentrating the radio waves transmitted from the sender into a very narrow beam. When the receiver uses a parabolic antenna, it can receive a signal only from one spec
Omnidirectionalnormal-gain
Omnidirectional, normal-gain antennae are the most common type of antennae used in wireless equipment because they work reasonably well in a variety of situations.
8.1.5 Configure a Wireless Network Lab
You are a network technician for a small corporate network. You just installed a Ruckus zone controller and wireless access points throughout your office buildings using wired connections. You now need to configure basic wireless network settings.
*Access
Which of the following is used on a wireless network to identify the network name?
SSIDWireless devices use the service set identifier (SSID) to identify a network name. All devices on a wireless network use the same SSID.
The MAC address is a unique physical device address. The IP address is a logical address that includes both the lo
Which of the following is generated after a site survey and shows the Wi-Fi signal strength throughout the building?
Heat mapA heat map is generated following a site survey. A heat map shows the Wi-Fi signal strength in different locations.A diagram of the location is needed so survey results can be overlaid.A Wi-Fi analyzer is used to perform a site survey.
Ad hoc w
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart.
Which type of wireless antenna should you use on each side of t
ParabolicHigh-gain
You should use a high-gain parabolic antenna on each side of the link. A high-gain antenna usually has a gain rating of 12 dBi or higher. A parabolic antenna uses a parabolic-shaped reflector dish. It is highly directional, concentrati
The IT manager has tasked you with installing the new wireless LAN controller (WLC).
Where should you install the controller?
Network closetA WLC should be placed in the networking closet and connected to a switch so it can communicate with and manage the wireless access points.
None of the other locations are valid locations to install the WLC.
Which type of wireless access point is generally used in a residential setting?
SOHOIn a small office or residential location, a Small Office Home Office (SOHO) wireless router is often used. These devices are three different devices in one:> A router function connects the internal LAN to the internet.
> A switch portion connects t
You need to implement a solution to manage multiple access points in your organization. Which of the following would you most likely use?
WLC
A wireless LAN controller
(WLC) is used in an enterprise environment to manage multiple access points. A WLC is placed in the networking closet and connected to a switch. The controller is able to communicate with and manage the wireless access points
Which of the following devices would you use to perform a site survey?
Wi-Fi analyzerA Wi-Fi analyzer is used to perform a site survey. A Wi-Fi analyzer can be a specialized tool or a software program running on a laptop, smartphone, or tablet.
A heat map is generated following a site survey. A heat map shows the Wi-Fi sign
Which of the following types of site surveys should be performed first?
PassiveAn initial site survey performed should be a passive survey. This survey is performed without the analyzer connecting to any specific WAP and is instead in a listen-only mode.
An active survey is performed after multiple passive surveys have been
Which of the following is responsible for broadcasting information and data over radio waves?
Wireless access pointA wireless access point (WAP) broadcasts information and data over radio waves. WAPs function as wireless hubs.A wireless bridge connects two wireless networks together.
A wireless interface in a device, such as a laptop or smartpho
Which class of wireless access point (WAP) has everything necessary to manage clients and broadcast a network already built into its functionality?
FatFat access points have everything necessary to manage wireless clients and broadcast a network. Fat access points are standalone devices.
Thin access points are basically a radio and antenna. Thin access points can broadcast a network, but require ano
As you study this section, answer the following questions:> What is the difference between bluejacking and bluesnarfing?> What is an initialization vector used for?> How can you discover rogue access points?
> What is the difference between passive and
Any unauthorized access point added to a network.
Initialization vector (IV)
A seed value used in encryption. The seed value and the key are used in an encryption algorithm to generate additional keys or encrypt data.
Radio frequency identification
RFID uses radio waves to transmit data from small circuit boards called RFID tags to special scanners.
Near Field Communication (NFC)
NFC allows two-way communication between two devices. The devices must be within a few centimeters of each other. NFC is a newer technology that is built on RFID.
A signal that corrupts or destroys a wireless signal. Interference can affect communication of access points and other wireless devices.
8.2.2 Wireless Attack Facts
Because wireless networks communicate using radio waves, they are vulnerable to attack. Common attaacks on wireless networks include Wi-Fi, Bluetooth, and radio frequency identification/near-field communication (RFID/NFC)
attacks.
This lesson covers the f
Wi-Fi networks are practically everywhere. Many organizations have setup and configured Wi-Fi networks. If not configured properly, these networks can be susceptible to attack. The following table explains common Wi-Fi attacks:
A rogue AP is any unauthorized AP added to a network. Rogue APs can allow the unauthorized capture of credentials and other sensitive information. Attackers also use this type of attack to conduct phishing and
man-in-the-middle attacks.
An example of a ro
Rogue APs placed by an attacker can be used to run a evil twin attack. In this attack:> The rogue AP is configured to mimic the legitimate network.> The attacker uses a jamming or disassociation attack to knock users off the legitimate network.
> When u
Initialization vector (IV) attack
An initialization vector is a seed value used in encryption. The seed value and the key are used in an encryption algorithm to
generate additional keys or to encrypt data.
Wired Equivalent Privacy (WEP) encryption reuses initialization vectors. The reuse
Some interference is malicious in nature, designed to disrupt wireless network communications. Malicious interference is sometimes referred to as jamming. In a jamming attack, a transmitter is tuned to the same frequency and the same type of modulation as
Disassociation/deauthentication attack
Wireless devices are vulnerable to deauthentication (deauth) and disassociation attacks because the 802.11 standard allows devices to be authenticated with multiple APs at once. When a device connects to a wireless network, special unencrypted management
Bluetooth is designed to allow devices to communicate within a personal area network (PAN) of close proximity. PAN devices include cell phones, personal digital assistants (PDAs), printers, mice, and keyboards.Bluetooth:
> Is designed for distances longe
RFID uses radio waves
to transmit data from small circuit boards, called RFID tags, to special scanners. There are two types of RFID tags:
> Active RFID tags have onboard batteries and can send signals over a long distance. Road toll passes and other type
An attacker uses an RFID reader to listen to conversations between a tag and the intended reader.
An attacker intercepts a signal from an RFID tag, then manipulates the signal before sending it to the intended recipient. This kind of attack is frequently used to take down a system.
An attacker blocks radio signals or jams the system with interfering noise.
An attacker creates a copy of an existing tag and uses the fake tag to gain access to a secure system.
8.2.6 Configure Rogue Host Protection Lab
You are a network technician for a small corporate network. You want to take advantage of the self-healing features provided by the small enterprise wireless solution you've implemented. You're already logged in as WxAdmin on the Wireless Controller conso
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Bluejacking
Bluejacking is a rather harmless practice that entails an unknown sender sending business cards anonymously to a Bluetooth recipient within a distance of 10-100 meters, depending on the class of the Bluetooth device. The business cards usually
Which of the following best describes Bluesnarfing?
Viewing calendar, emails, and
messages on a mobile device without authorization
Bluesnarfing is the use of a Bluetooth connection to gain unauthorized access to an existing Bluetooth connection between phones, desktops, laptops, or PDAs. Bluesnarfing allo
Which type of interference is caused by motors, heavy machinery, and fluorescent lights?
EMIElectromagnetic interference (EMI) is interference caused by motors, heavy machinery, and fluorescent lights.
Radio frequency interference (RFI) is interference on the radio channel. It is caused by nearby wireless devices using the same channel, cord
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.
An evil twin is a rogue access point that is configured to mimic a valid access point. In contrast, a rogue access point is any u
Which type of attack is WEP extremely vulnerable to?
IV attackWired Equivalent Privacy (WEP) is extremely vulnerable to initialization vector (IV) attacks because WEP reuses the IVs. This makes it easy for attackers to crack them and compromise the encryption.
An evil twin attack is a type of rogue access
You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless
JammingIn a jamming attack, a transmitter is tuned to the same frequency and type of modulation as the wireless network. The jamming signal overrides the legitimate wireless network radio signals. This scenario is a spark jamming attack.
A disassociation
An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device.
Which type of attack is being executed?
RelayThis scenario describes a relay attack. A relay attack occurs when an attacker can capture NFC data in transit and use the information to masquerade as the original device.
A disassociation attack occurs when a user is tricked into giving a fake rou
Which type of RFID tag can send a signal over a long distance?
ActiveActive RFID tags have onboard batteries and can send signals over a long distance. Road toll passes and other types of passes use active RFID.
Passive RFID is not powered and relies on the energy of the scanner to transmit data. These tags are seen
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network.One day, you find that an employee has connected a wireless access point to the network in his office.
Which
Rogue access pointA rogue access point is an unauthorized access point added to a network, or it is an access point that is configured to mimic a valid access point. Examples include:
> An attacker or an employee with access to the wired network installs
You are concerned that wireless access points may have been deployed within your organization without authorization.
What should you do? (Select two. Each response is a complete solution.)
Check the MAC addresses of devices connected to your wired switch.Conduct a site survey.
A rogue host is an unauthorized system that has connected to a wireless network. It could be an unauthorized wireless device, or it could even be an unauthorized wir
As you study this section, answer the following questions:> Which settings in a wireless access point can you configure to improve security?> Which cryptographic protocol uses a Remote Authentication Dial-In User Service (RADIUS) server?
> Which access
Wi-Fi Protected Access (WPA)
The most commonly used cryptographic protocol in use for wireless networks. WPA2 and WPA3 are the two versions in use.
Wireless access method that utilizes a passphrase for users to connect.
Wi-Fi Protected Setup (WPS)
Wireless access method that allows a device to securely connect to a wireless network without typing the PSK.
Wireless access method that has no authentication.
Wireless access method that forces a user to view and interact with it before accessing a network.
Standard for local area networks that is used to authenticate users to a wireless network. It was created by The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA).
Remote Authentication Dial-In User Service
A protocol used to authenticate users in a enterprise environment to a wireless network.
Extensible Authentication Protocol (EAP)
An authentication framework that uses a set of interface standards. EAP allows various authentication methods to be used.
8.3.2 Wireless Security Facts
Wireless networking uses radio frequencies to transmit data. This means anyone with a wireless receiver can capture data from an improperly secured network.This lesson covers the following topics:> Weak configurations
> Cryptographic protocols
Proper configuration of a wireless access point (WAP) is the first step in securing the network. The following table explains some important actions to take regarding WAP settings.
Change default login credentials
WAPs typically come configured with a default administrator username and password. Because the administrator username and password is used to configure WAP settings, it's important to reset the defaults. This prevents outsiders from guessing the default u
Change default service set identification (SSID) and broadcast
The SSID can be a maximum of 32 bytes in length. Since many manufacturers use a default SSID, it's important to change the SSID from the default. The SSID should be unique, but should not contain
identifiable information (address, last name, etc.).
The SS
Enable MAC address filtering
Every network device has a unique media access control (MAC) address. By specifying the MAC addresses that are allowed to connect to the network, unauthorized MAC addresses can be prevented from connecting to the WAP. Configuring a MAC address filtering s
Manufacturers release updates to the firmware on a regular basis to address known issues. It is important to regularly check for
updates and apply them to prevent the system from being exposed to known bugs and security vulnerabilities.
*While it is extre
Most wireless APs come with a built-in firewall that connects the wireless network to a wired network. This should be enabled to help prevent unauthorized access to the network.
Data emanation is a significant security problem. By default, the radio signals used by a wireless network are broadcasting omni-directionally and can travel quite a distance from the WAP. An attacker sitting outside the building may be able to connect to
Enabling the proper cryptographic protocol is perhaps the most important way to secure a wireless network. For most users, Wi-Fi Protected Access (WPA) versions 2 or 3 will be the best option. The following table explains these two protocols:
Wi-Fi Protected Access 2 (WPA2)
WPA2 is the implementation name for wireless security that adheres to the 802.11i specifications. It was first introduced in 2004
and is still heavily used in today's networks. There are two version of WPA2 available:
> WPA2-Personal is also known as WPA2
Wi-Fi Protected Access 3 (WPA3)
To support the vulnerabilities inherent in the WPA2 handshake and to support newer technologies, WPA3 was implemented. First introduced in 2018, WPA3 implements the Simultaneous Authentication of Equals (SAE) standard instead of using the pre-shared key.
8.3.4 Wireless Authentication and Access Methods Facts
Wireless networks encrypt communications using a security protocol, typically WPA2 or WPA3. However, to securely authenticate users and distribute authentication keys, other methods need to be used.This lesson covers the following topics:
> Access method
Choose an access method for a wireless network based on the use of the network. The following table describes access methods:
A pre-shared key is a passphrase that is used to access the wireless network. This is probably the most commonly used access method.
Wi-Fi Protected Setup (WPS)
Wi-Fi Protected Setup works only on a network that uses a PSK and WPA2. WPS allows a device to securely connect to a wireless network without typing in the PSK. To do this, you:
> Push a button on the access point that causes the access point to search fo
An open network has no authentication at all and allows anyone to connect to the network. This access method should be used only in public places that want to offer free wireless access.
Many open networks implement a captive portal. Captive portals force a user to view and interact with them before accessing a network. A hotel network is a good example captive portal use. When using a captive portal:
> The user connects to the wireless n
Enterprise level networks need a higher level of security. Many enterprise networks use the 802.1x protocol to authenticate users to the wireless network. 802.1x is a standard for local area networks created by The Institute of Electrical and Electronics
When using 802.1x authentication for wireless networks with RADIUS, be aware that:
> A RADIUS server is required to centralize user account and authentication information. > A centralized database for user authentication is required to allow wireless clients to roam between cells and authenticate using the same account information.
> PK
Extensible Authentication Protocol (EAP)
EAP is a set of interface standards that allows various authentication methods to be used:> EAP supports multiple authentication methods (smart cards, biometrics, and digital certificates).
> Using EAP, the client and server negotiate the characteristics
Protected Extensible Authentication Protocol (PEAP)
PEAP provides authentication in an SSL/TLS tunnel with a single certificate on the server. PEAP:> Creates a secure communication channel for transmitting certificate or login credentials.
> Enables mutual authentication by requiring the server to prove i
EAP Flexible Authentication via Secure Tunneling (EAP-FAST)
EAP-FAST uses a Protected Access Credential (PAC) to authenticate users. EAP-FAST:> Establishes a TLS tunnel in which client authentication credentials are transmitted.
> Is susceptible to attackers who intercept the Protected Access Credential (PAC) and
EAP Transport Layer Security (EAP-TLS)
EAP-TLS uses Transport Layer Security (TLS) and is considered to be one of the most secure EAP standards available. EAP-TLS:> Is widely supported by almost all manufacturers of wireless LAN hardware and software.
> Requires signed client-side and server-
EAP Tunneled Transport Layer Security (EAP-TTLS)
EAP-TTLS also uses a CA signed certificate. EAP-TTLS:> Is an updated version of EAP-TLS.
> Requires only one CA signed certificate on the server, simplifying the implementation process.
8.3.6 Harden a Wireless Network Lab
You are a network technician for a small corporate network. You need to increase the security of your wireless network. Your new wireless controller provides several security features that you want to implement.
*Access the Wireless Controller console thr
You are a network technician for a small corporate network. You would like to enable Wireless Intrusion Prevention on the wireless controller. You are already
logged in as WxAdmin.
*Access the Wireless Controller console through Chrome on //192.168.0
8.3.9 Configuring a Captive Portal Lab
You have been hired by a small hotel to configure how their guests access the internet. You have chosen to use pfSense's captive portal feature. Guests must pass through this portal to access the internet.In this lab, your task is to:
> Access the pfSens
You want to connect a laptop computer running Windows to a wireless network.The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled.
What s
Configure the connection with a pre-shared key and AES encryption.
To connect to a wireless network using WPA2-Personal, you need to use a pre-shared key for authentication. Advanced Encryption Standard (AES) encryption is supported by WPA2 and is the str
You need to add security for your wireless
network, and you would like to use the most secure method.
Which method should you implement?
WPA2Wi-Fi Protected Access 2 (WPA2) is currently the most secure wireless security specification. WPA2 includes specifications for both encryption and authentication.
WPA was an earlier implementation of security specified by the 802.11i committee. WEP w
You have physically added a wireless access point to your network and installed a wireless networking card in two laptops that run Windows. Neither laptop can find the network. You have come to the conclusion that you must manually configure the access po
SSIDThe SSID (service set identifier) identifies the wireless network. All PCs and access points in a LAN share the same SSID.
WEP (Wired Equivalent Privacy) is used to add a layer of security to the transmission, while the channel identifies the frequen
The owner of a hotel has contracted with you to implement a wireless network to provide internet
access for guests.
The owner has asked that you implement security controls so that only paying guests are allowed to use the wireless network. She wants gues
Implement a captive portal
A captive portal would be the best choice in this scenario. A captive portal requires wireless network users to abide by certain conditions before they are allowed access to the wireless network. For example, the captive portal
Which EAP implementation is MOST secure?
EAP-TLS
EAP-TLS
uses Transport Layer Security (TLS) and is considered one of the most secure EAP standards available. A compromised password is not enough to break into EAP-TLS enabled systems because the attacker must also have the client's private key.
Which of the following do switches and wireless access points use to control access through a device?
MAC address filteringBoth switches and wireless access points are Layer 2 devices, meaning they use the MAC address to make forwarding decisions. Both devices typically include some form of security that restricts access based on the MAC address.
Routers
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
On a RADIUS server
802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Authentication requests received by the wireless access point are passed to a
RADIUS server, which valida
You are replacing a wired business network with an 802.11g wireless network. You currently use Active Directory on the company network as your directory service. The new wireless network has multiple wireless access points, and you want to use WPA2 on the
Install a RADIUS server and use 802.1x authenticationConfigure devices to run in infrastructure mode
When using wireless access points, configure an infrastructure network. Because you have multiple access points and an existing directory service, you ca
You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from using the access point (AP) configuration utility?
Change the administrative password on the AP.
You should change the administrative password used by the AP. Many AP manufacturers use a default administrative username and password that are well known. If you don't change these parameters, anyone
connecti
You need to configure a wireless network using WPA2-Enterprise. Which of the following components should be part of your design? (Select two.)
802.1xAES encryptionTo configure WPA2-Enterprise, you need a RADIUS server to support 802.1x authentication. WPA2 uses AES for encryption.
WPA2-PSK, also called WPA2-Personal, uses pre-shared keys for authentication. WPA uses TKIP for encryption.