Question 1

A WLAN can contain many entry points,making security more difficult than with a wired LAN.

Accepted Answer

A WLAN (Wireless Local Area Network) allows for multiple entry points, such as wireless access points or routers, for devices to connect to the network. This makes it more difficult to secure the network as each entry point needs to be protected from potential security breaches. In contrast, a wired LAN (Local Area Network) typically has a limited number of entry points and can therefore be more easily secured.

Question 2

Searching for unprotected wireless networks is called what?&#10;A) WLAN trolling&#10;B) war driving&#10;C) battle testing&#10;D) wireless fishing

Accepted Answer

War driving refers to actively searching for unprotected or vulnerable wireless networks while driving around in a vehicle or on foot. It is often done with the intention of exploiting these networks for malicious purposes or using them for unauthorized internet access.

Question 3

____ ensures that the information is correct and that no unauthorized person or malicious software has altered it.&#10;A) Integrity&#10;B) Availability&#10;C) Confidentiality&#10;D) Access control

Accepted Answer

Integrity ensures that the information remains intact and is not altered in any unauthorized way. This is important for maintaining the accuracy and reliability of the information. Availability and confidentiality relate to other aspects of information security, while access control is more focused on controlling who has access to the information.

Question 4

Which of the following is NOT an information security layer?&#10;A) products&#10;B) people&#10;C) prevention&#10;D) procedures

Accepted Answer

Prevention is a goal or strategy within information security, not a layer. The layers typically include people, processes (or procedures), and technology (or products).

Question 5

The process whereby an attacker can trick a corporate mobile device to connect to an impostor AP is referred to as which of the following?&#10;A) inserting network traffic&#10;B) denial of service&#10;C) hijacking the wireless connection&#10;D) reading data

Accepted Answer

Hijacking the wireless connection refers to the process of tricking a mobile device into connecting to an impostor access point (AP), which can then be used to steal sensitive information or launch further attacks. This is commonly achieved through techniques such as spoofing or creating a fake AP with a similar name to a legitimate one. Inserting network traffic and reading data are also techniques used in various types of attacks, but they do not specifically refer to the process of hijacking a wireless connection. Denial of service (DoS) attacks are unrelated to wireless connection hijacking, as they aim to disrupt or disable a network or service rather than manipulate the connection between devices.

Question 6

A ____ attack on WEP involves identifying two packets derived from the same IV.&#10;A) capture&#10;B) keystream&#10;C) weak key&#10;D) pseudo-random number

Accepted Answer

This type of attack is known as a keystream attack. It involves analyzing two packets encrypted with the same IV (initialization vector) and using the XOR of the two plaintexts to generate the keystream. This keystream can then be used to decrypt other packets encrypted with that IV.

Question 7

With WEP,it is impossible for an attacker to identify two packets derived from the same initialization vector.

Accepted Answer

This statement is false. In fact, with WEP, an attacker can identify two packets derived from the same initialization vector as the IV is transmitted in plain text along with the encrypted packets. This weakness in WEP encryption contributed to its eventual replacement with more secure forms of wireless encryption such as WPA and WPA2.

Question 8

What disadvantage of wireless networks provides the biggest stumbling block to the adoption of wireless technology?&#10;A) availability&#10;B) cost&#10;C) security&#10;D) complexity

Accepted Answer

Security is often cited as the biggest disadvantage of wireless networks, as data transmitted over the air can be intercepted by unauthorized users. This creates a major barrier to the adoption of wireless technology, especially in industries where data privacy is an utmost concern. Availability, cost, and complexity can all be addressed to some extent with technological advancements and industry standards, but the security concerns associated with wireless networks remain a significant challenge.

Question 9

WEP guards one of the CIA characteristics,namely what?&#10;A) integrity&#10;B) availability&#10;C) confidentiality&#10;D) access control

Accepted Answer

WEP (Wired Equivalent Privacy) is a security protocol designed to provide confidentiality to wireless networks by encrypting data transmitted over the network. Confidentiality is one of the three main CIA characteristics (Confidentiality, Integrity, and Availability) of information security, and WEP is designed to protect the confidentiality of wireless network traffic.

Question 10

Cleartext that has been encrypted is referred to as which of the following?&#10;A) plaintext&#10;B) cryptography&#10;C) ciphertext&#10;D) keytext

Accepted Answer

Encrypted text is called ciphertext. Plaintext refers to unencrypted text, cryptography refers to the science of encrypting and decrypting information, and keytext is not a common term in the context of encryption.

Question 11

Wireless security was implemented well in the original 802.11 standard.

Accepted Answer

The answer of Wireless security was implemented well in the...

Question 12

A user needs to enter the service set identifier manually when which weak security measure is employed?&#10;A) WEP encryption&#10;B) Open System Authentication&#10;C) SSID hiding&#10;D) shared key authentication

Accepted Answer

The answer of A user needs to enter the service...

Question 13

Open system authentication and shared key authentication are the two types of wireless authentication available under the 802.11 standard.

Accepted Answer

The answer of Open system authentication and shared key authentication...

Question 14

Attacks that use many computers to attack a single network are called centralized attacks.

Accepted Answer

The answer of Attacks that use many computers to attack...

Question 15

Which type of access control is implemented by recording the physical address of a wireless client into software running on the AP?&#10;A) NIC blocking&#10;B) MAC address filtering&#10;C) Network blocking&#10;D) IP address filtering

Accepted Answer

The answer of Which type of access control is implemented...

Question 16

A key that creates a detectable pattern is referred to as which of the following?&#10;A) repeating key&#10;B) plain key&#10;C) weak key&#10;D) crypto key

Accepted Answer

The answer of A key that creates a detectable pattern...

Question 17

Which is true about WEP?&#10;A) uses a shared secret key&#10;B) uses a public/private key pair&#10;C) two keys are maintained&#10;D) must be at least 32 bits in length

Accepted Answer

The answer of Which is true about WEP?&#10;A) uses a...

Question 18

A rogue AP can be described as which of the following?&#10;A) an AP whose security settings have not been set&#10;B) an AP designed to mimic an authorized AP&#10;C) an AP that has malfunctioned and allows unauthorized users to access it&#10;D) an unauthorized AP brought into the enterprise network

Accepted Answer

The answer of A rogue AP can be described as...

Question 19

On wireless networks,____ attacks are commonly done by attackers setting up an evil twin.&#10;A) spoof&#10;B) weak key&#10;C) DoS&#10;D) man-in-the-middle

Accepted Answer

The answer of On wireless networks,____ attacks are commonly done...

Question 20

An attacker spoofs frames to prevent a client from remaining connected to the WLAN.What type of an attack is this?&#10;A) RF jamming&#10;B) man-in-the-middle&#10;C) hijacking&#10;D) denial of service

Accepted Answer

The answer of An attacker spoofs frames to prevent a...

Question 21

Which of the following are weaknesses of MAC address filtering? (Choose all that apply.)&#10;A) only Windows uses MAC addresses,excluding other OSs from this method&#10;B) MAC addresses can be spoofed&#10;C) the MAC address can be captured by forcing a reassociation&#10;D) MAC address management can be difficult

Accepted Answer

The answer of Which of the following are weaknesses of...

Question 22

Briefly define cryptography.

Accepted Answer

The answer of Briefly define cryptography....

Question 23

Describe one weakness of MAC address filtering.

Accepted Answer

The answer of Describe one weakness of MAC address filtering....

Question 24

What is a distributed attack?

Accepted Answer

The answer of What is a distributed attack?...

Question 25

Describe how an attacker can hijack a wireless connection.

Accepted Answer

The answer of Describe how an attacker can hijack a...

Question 26

Describe the five steps in the process of WEP encryption.

Accepted Answer

The answer of Describe the five steps in the process...

Question 27

List and describe the three characteristics of information that must be protected by information security?

Accepted Answer

The answer of List and describe the three characteristics of...

Question 28

The three protections that must be extended over information can be described by the acronym ________.

Accepted Answer

The answer of The three protections that must be extended...

Question 29

Describe three limitations of SSID hiding.

Accepted Answer

The answer of Describe three limitations of SSID hiding....

Question 30

How have WLANs changed 'hard edges' into 'blurred edges'?

Accepted Answer

The answer of How have WLANs changed 'hard edges' into...

Question 31

Which of the following are difficulties faced in defending attacks? (Choose all that apply.)&#10;A) universally connected devices&#10;B) operating system vendor's lack of concern about security&#10;C) increased speed of attacks&#10;D) attacks that are more complex

Accepted Answer

The answer of Which of the following are difficulties faced...

Question 32

____________________ ensures that no unauthorized person or software has altered the information.

Accepted Answer

The answer of ____________________ ensures that no unauthorized person or...

Question 33

Plaintext data is input into an encryption _________,which consists of procedures based on a mathematical formula used to encrypt the data.

Accepted Answer

The answer of Plaintext data is input into an encryption...

Question 34

Which of the following are among the 802.11 cryptography objectives? (Choose all that apply.)&#10;A) efficient&#10;B) self-synchronizing&#10;C) mandatory&#10;D) exclusive

Accepted Answer

The answer of Which of the following are among the...

Question 35

WEP protects _______________ by scrambling the wireless data as it is transmitted.

Accepted Answer

The answer of WEP protects _______________ by scrambling the wireless...

Question 36

Describe open system authentication.

Accepted Answer

The answer of Describe open system authentication....

Question 37

Wireless access control is intended to limit a user's admission to the _______.

Accepted Answer

The answer of Wireless access control is intended to limit...

Question 38

What three categories can the protections implemented in the original 802.11 standard be divided into? (Choose three.)&#10;A) access control&#10;B) MAC address filtering&#10;C) wired equivalent privacy&#10;D) authentication

Accepted Answer

The answer of What three categories can the protections implemented...

Question 39

Describe war driving.

Accepted Answer

The answer of Describe war driving....

Question 40

Match between columns&#10;                        Premises: an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;an imposter AP that is set up by an attacker&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;granting or denying approval to use specific resources&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;a DoS attack that floods the RF spectrum with extraneous RF signal &#34;noise&#34; that prevents communications from occurring&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;an attack that makes it appear that the wireless device and the network computers are communicating with each other&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;cryptographic keys that create a repeating pattern&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;the output from a pseudo-random number generator (PRNG)&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;an attack that attempts to prevent a device from performing its normal functions&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;data input into an encryption algorithm&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;the process of changing ciphertext into plaintext&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted&#10;data that has been encrypted

Accepted Answer

The Answer of plaintext and man-in-the-middle and denial of service is...

Deck 9: Wireless LAN Security Vulnerabilities