SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
CWNA 802.11 Network Security
Start Test
Study First
Subjects
:
cisco
,
it-skills
,
cwna
Instructions:
Answer 26 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When an 802.1X/EAP solution is deployed - a device that blocks or allows traffic to pass through its port secuirty is known as the authenticator. Authentication traffic is normally allowed to pass through the authenticator while all other traffic is
Authorization - Authentication and Accounting (AAA)
MAC Service Data Unit (MSDU)
Wi-Fi Protected Access 2 (WPA2)
Authenticator
2. Algorithm is a streaming cipher used in technologies that are often used to protect Internet traffic - such as Secure Sockets Layer (SSL). The RC4 algorithm is used to protect 802.11 wireless data and is incorporated into two encryption methods known
MAC Service Data Unit (MSDU)
robust security network associations (RSNAs)
RC4
Microsoft Point-to-Point encryption (MPPE)
3. The MSDU contains data from the LLC and layers 3-7. A simple definition of MSDU is the data payload that contains the IP packet plus some LLC data.
Authenticator
MAC Service Data Unit (MSDU)
Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP)
Wi-Fi Protected Access 2 (WPA2)
4. The AES algorithm - orginally named Rijandael Aligorithm - is a block cipher that offers much stronger protection than the RC4 Streaming cipher. AES is used to encrypt 802.11 wireless data by using an encryption method known as Counter mode with Ciph
Microsoft Point-to-Point encryption (MPPE)
Advanced Encryption Standard (AES)
port-based access control
Authorization - Authentication and Accounting (AAA)
5. An 802.11 wireless network that allows for the creation of pre-robust security network associations (pre-RSNAs) as well as RSNAs is known as a transition security network. A TSN supports 802.11i-defined security as well as legacy security such as WEP
transition security network (TSN)
Extensible Authentication Protocol (EAP)
4 - Way Handshake
Temporal Key Integrity Protocol (TKIP)
6. Is a secuirty concept. Authorization involves granting access to network resources and services. Before authorization to network resources can be granted - proper authentication must occur. Authentication is the verification of user identity and cred
4 - Way Handshake
Authorization - Authentication and Accounting (AAA)
robust security network associations (RSNAs)
Point-to-Point Tunneling Protocol (PPTP)
7. TKIP uses a data integrity check known as Message Integrity Check (MIC) to mitigate known bit-flipping attacks against WEP. The MIC is sometimes referred to by the nickname Micheal.
transition security network (TSN)
Authentication Server (AS)
preshared keys (PSKs)
Message Integrity Check (MIC)
8. PPTP is a layer 3 VPN technology. It uses 128-bit Microsoft point-to-point encryption (MPPE) - which uses the RC4 algorithm. MPPE encryption is considered adequate but not strong. PPTP also uses MS-CHAP version 2 for user authentication - which is su
Authenticator
role-base access control (RBAC)
Point-to-Point Tunneling Protocol (PPTP)
Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP)
9. Is based on security mechanisms that were orginally defined in the IEEE 802.11i amendment defining a robust security network (RSN). 2 versions of WPA2 exist. WPA2-personal defines security for a small office - home office SOHO ennvironment - and WPA2
Wi-Fi Protected Access 2 (WPA2)
Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP)
Extensible Authentication Protocol (EAP)
4 - Way Handshake
10. A method of distributing encryption passphrases or keys by manually typing the matching passphrases or keys on both the access point and all client stations that will need to be able to associate to the wireless network. This information is shared ah
RC4
preshared keys (PSKs)
Authenticator
4 - Way Handshake
11. The IV is utilized by the RC4 steaming chipher that WEP encryption uses. The IV is a block of 24 bits that is combined with a static key. It is sent in cleartext and is different on every frame. The effective key strength of combining the IV with the
Message Integrity Check (MIC)
Authentication Server (AS)
Initialization Vector (IV)
Internet Protocol Secuirty (IPsec)
12. The 802.1X standard defines port-based access control. 802.1X provides an authorization framework that allows or disallows traffic to pass through a port and thereby access network resources. 802.1X defines two virtual ports: an uncontrolled port and
per session per user
Message Integrity Check (MIC)
port-based access control
preshared keys (PSKs)
13. Under the 802.11i amendment - two stations (STAs) must establish a procedure to authenticate and associate with each other as well as create dynamic encryption keys through a process known as the 4-Way Handshake.
Wi-Fi Protected Access 2 (WPA2)
Internet Protocol Secuirty (IPsec)
4 - Way Handshake
Authorization - Authentication and Accounting (AAA)
14. A robust security network (RSN) is a network that only allows for the creation of robust secuirty network associations (RSNAs). An RSN utilizes CCMPAES encryption as well as 802.1X/EAP authentication
Temporal Key Integrity Protocol (TKIP)
robust security network (RSN)
MAC Service Data Unit (MSDU)
4 - Way Handshake
15. MPPE is a 128-bit encryption method that uses the RC4 algorithm. MPPE is used with P2P tunneling protocol (PPTP) VPN technology.
preshared keys (PSKs)
Wi-Fi Protected Access (WPA)
Microsoft Point-to-Point encryption (MPPE)
Extensible Authentication Protocol (EAP)
16. When 802.1X/EAP solution is deployed - an authentication server validates the credentials of the supplicant that is requesting access and notifies the authenticator that the supplicant has been authorized. The authentication server will maintain a us
Message Integrity Check (MIC)
Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP)
transition security network (TSN)
Authentication Server (AS)
17. Extensible Authentication Protocol (EAP) is used to provide user authentication for an 802.1X port-based access control solution. EAP is a flexable layer 2 authentication protocol that resides under P2P protocol (PPP)
Advanced Encryption Standard (AES)
Wired Equivalent Privacy (WEP)
Extensible Authentication Protocol (EAP)
Authenticator
18. RBAC is an approach to restricting system access to authorized users. The three main components of RBAC approach are users - roles and permissions. Separate roles can be created such as the sales role or marketing role. Individuals or groups of users
Wired Equivalent Privacy (WEP)
port-based access control
Internet Protocol Secuirty (IPsec)
role-base access control (RBAC)
19. Prior to the ratification of the 802.11i amendment - the Wi-Fi alliance introduced WPA certification as a snapshot of the not yet released 802.11i amendment - supporting only the TKIP/RC4 dynamic encryption key mangement. 802.1X/EAP authentication wa
Wi-Fi Protected Access (WPA)
port-based access control
Wi-Fi Protected Access 2 (WPA2)
per session per user
20. TKIP is an enhancement of WEP encryption that address many of the known weaknesses of WEP. TKIP starts with a 128-bit temporal key that is combined with a 48-bit Initialization Vector (IV) and source and destination MAC addresses in a complicated pro
Temporal Key Integrity Protocol (TKIP)
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)
Message Integrity Check (MIC)
21. When an 802.1X/EAP solution is deployed - a host with software that is requesting authentication and access to network resources is known as the supplicant
Advanced Encryption Standard (AES)
Supplicant
Authorization - Authentication and Accounting (AAA)
Microsoft Point-to-Point encryption (MPPE)
22. Is a Layer 3 VPN technology. IPsec can use RC4 - DES - 3DES and AES ciphers for encryption. It provides for encryption - encapsulation - data integrity - and device authnetication.
Extensible Authentication Protocol (EAP)
RC4
Internet Protocol Secuirty (IPsec)
4 - Way Handshake
23. After an EAP frame exchange where mutal authentication is required - both the AS and the supplicant known infomration about each other because of the exchanging of credentials. This newfound information is used as seeding material or keying material
Point-to-Point Tunneling Protocol (PPTP)
Authenticator
per session per user
Extensible Authentication Protocol (EAP)
24. As defined by the 802.11i security amendment - two stations (STAs) must establish a procedure to authenticate an associate with each other as well as create dynamic encryption keys through a process known as 4-Way Handshake. This association between
Authenticator
Wired Equivalent Privacy (WEP)
Message Integrity Check (MIC)
robust security network associations (RSNAs)
25. The default encryption method defined under 802.11i amendment. This method uses the AES Cipher. CCMP/AES uses a 128-bit encryption key size and encrypts in 128-bit fixed-length blocks. An 8-byte Message Integrity Check is used that is considered much
Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP)
Temporal Key Integrity Protocol (TKIP)
Internet Protocol Secuirty (IPsec)
per session per user
26. WEP is a layer 2 encryption method that uses the RC4 streaming cipher. The orginal 802.11 standard defined 64-bit and 128-bit WEP. WEP encryption has been cracked and is not considered a strong encryption method.
role-base access control (RBAC)
Wired Equivalent Privacy (WEP)
MAC Service Data Unit (MSDU)
Authentication Server (AS)