WSEC Module 4 quiz/exam questions and answers
1. Each of the following is a category of security protection that can be implemented using WLANs except
a. access control
b. wired equivalent privacy (WEP)
c. access restrictions
2. Each of the following is another name for a MAC address except
a. vendor address
b. Ethernet address
c. physical address
d. Layer 7 address
3. MAC address filtering can be implemented by either permitting or ____ a device.
4. Cryptography depends upon a process used to encrypt and decrypt messages based on a procedure called a(n)
5. Keys that create a repeating pattern are known as
a. structure algorithms
b. cipher abnormalities (CA)
c. inferior algorithms
d. weak keys
6. A WEP shared secret key is used to encrypt cleartext but not decrypt ciphertext. True or False?
7. The IEEE standard also specifies that the access points and devices can hold up to four shared secret keys, one of which must be designated as the default key. True or False?
8. Another name for the cyclic redundancy check (CRC) is the integrity check value (ICV). True or False?
9. The initialization vector (IV) is a 24-bit value that changes each time a packet is encrypted. True or False?
10. The initialization vector (IV) is part of the shared secret key that must be installed individually on each wireless device. True or False?
11. Wireless authentication requires the _____ and not the user to be authenticated prior to being connected to the network. wireless device
12. An optional authentication method known as ______________ uses the WEP default key. shared key authentication
13. With _____ scanning a wireless device simply listens for a beacon frame for a set period of time and once a wireless device receives a beacon frame and the SSID it can then attempt to join the network. passive
14. _____ is the process of transferring a user from being associated from one access point to another. Handoff
15. An attacker using a(n) ___ attempts to create every possible key combination by using a program to systematically change one character at a time in a possible default key. brute force attack
16. Explain how an attacker can still capture the SSID over the airwaves even if it is turned off in beaconing frames.
The SSID can be easily discovered even when it is not contained in beacon frames. Although the SSID can be suppressed from beacon frames, it still is transmitted in other management frames sent by the AP. Attackers who use wireless tools freely available on the Internet can easily see the SSID being transmitted. The SSID is also initially transmitted in cleartext form when the device is negotiating with the access point. An attacker can easily view the SSID when this process is occurring. If an attacker cannot capture an initial negotiation process, it can force one to occur. An attacker can pretend to be an access point and send a disassociation frame to a wireless device. This will cause the device to disassociate from the access point. The device will then immediately attempt to reconnect to the AP, at which time the attacker can capture packets and see the SSID in plaintext.
17. What is a brute force attack?
A brute force attack is when an attacker attempts to create every possible key combination by using a program to systematically change one character at a time in a possible default key, and then using each newly generated key to decrypt a message. For example, if a key contains five numbers, such as 49833, the brute force attack would start with the combination 00000 and attempt to use that as the password. If it fails, the next attack is 00001, then 00002, and so on until all possible combinations are exhausted. Although it may at first appear that a brute force attack could take a long time, it actually may not. In the 00000 example, if a key consists of five numbers, then there are 10*10*10*10*10 or 100,000 possible combinations. A standard personal computer can easily create over 1,000,000 possible password combinations per second.
18. Explain how WEP violates the cardinal rule of cryptography.
WEP implementation violates the cardinal rule of cryptography that anything that creates a detectable pattern must be avoided at all costs. WEP creates a detectable pattern for attackers. IVs are 24-bit numbers, meaning there are 16,777,216 possible values. An AP transmitting at only 11 Mbps can send and receive 700 packets each second. If a different IV were used for each packet, then the IVs would start repeating in fewer than seven hours (a “busy” AP can produce duplicates in fewer than five hours). An attacker who captures
19. The stronger security standard developed by the IEEE committee to address wireless vulnerabilities of the 802.11 standard is
20. The two primary security vulnerabilities of the original 802.11 wireless security mechanism are
a. speed and data modeling
b. encryption and authentication
c. access codes and passwords
d. tokens and resources
21. One step to enhancing encryption was to replace the RC4 stream cipher with a stronger
a. block cipher
d. Dynamic TKIP
22. _____ is the IEEE foundation of future wireless security.
a. Robust Secure Network (RSN)
b. Wireless Access Protection 2 (WPA2)
c. Encryption Model II
23. Advanced Encryption Standard (AES) is a stream cipher. True or False?
24. The IEEE 802.11 standard enforces port security. True or False?
25. Key-caching stores information from a device on the network and is used when roaming. True or False?
26. Wi-Fi Protected Access (WPA) is a subset of IEEE 802.11i. True or False?
27. WPA2 allows both AES and TKIP clients to operate in the same WLAN, yet _____ only recognizes AES. IEEE 802.11i
28. Shared key authentication uses _____ keys for authentication. WEP
29. What is the advantage of turning off SSID filtering if it can easily be bypassed?
Although configuring an access point to not allow the beacon frame to include the SSID provides little protection, it may prevent a “casual” unauthorized user or novice attacker using Windows XP from capturing the SSID and entering the network. On those APs that do allow this configuration, SSID beaconing should be turned off and the SSID entered manually on each device.
30. What three DHCP settings should be used in the transitional security model?
First, DHCP distributes addresses to network devices beginning at a starting address and incrementing by a value of one for each device. Changing the starting IP address to a higher number makes it more difficult for the attacker to determine the IP address by trying each address. Second, the maximum number of DHCP users can also be restricted. The maximum number of DHCP users should be limited to the number of authorized devices on the network. If an attacker is able to breach the wireless security protections and gain access to the network, he would not be leased an IP address since the maximum has already been distributed. The final defense based on DHCP is to set the length of the lease time. Setting the lease time so that an attacker who gains access to the network does not have indefinite use of the WLAN may deter an attacker from trying to reconnect once the lease expires.
31. How does a RADIUS server support IEEE 802.1x?
The authentication server in an 802.1x configuration stores the list of the names and credentials of authorized users in order to verify their authenticity. Typically, a Remote Authentication Dial-In User Service (RADIUS) server is used. When a user wants to connect to the wireless network, the request is first sent to the authenticator, which relays the information, such as the username and password, type of connection, and other information, to the RADIUS server. The server first determines if the AP itself is permitted to send requests. If so, the RADIUS server attempts to find the user’s name in its database. It then applies the password to decide whether access should be granted to this user. Depending upon the authentication method being used, the server may return a challenge message that carries a random number. The authenticator relays the challenge to the user’s computer, which must respond with the correct value to prove its asserted identity. Once the RADIUS server is satisfied that the user is authentic and authorized to use the requested service, it returns an “Accept” message to the AP.
32. What is the Robust Secure Network (RSN)?
The vulnerabilities of a security system may not be revealed until after it has been exposed to the public over a period of time. The time needed to react to new vulnerabilities, propose solutions, and finally ratify those proposals can often take years of effort. To address this, the IEEE 802.11i standard also includes a component known as the Robust Secure Network (RSN). RSN uses dynamic negotiation of authentication and encryption algorithms between access points and wireless devices. This dynamic negotiation of authentication and encryption algorithms lets RSN evolve as vulnerabilities are exposed or improved security is introduced. This allows WLANs to address new threats and continue to provide the security necessary to protect information.
33. A wireless LAN requires that the _____ must be authenticated first.
c. authentication server
34. Each of the following make up the AAA elements in network security except
a. determining user need (analyzing)
b. controlling access to network resources (authentication)
c. enforcing security policies (authorization)
d. auditing usage (accounting)
35. Each of the following are categories of credentials that are used to verify authentication except
a. something the user knows
b. something the user purchases
c. something the user is
d. something the user has
36. Each of the following human characteristics can be used for biometric identification except
37. Asymmetric encryption uses _____ keys.
38. Digital signatures are electronic files that are used to uniquely identify users and resources over networks. True or False?
39. The most common type of server used with IEEE 802.1x is a RADIUS server. True or False?
40. A directory service is a database stored on the network itself and contains all the information about users and network devices. True or False?
41. The _____ is an “envelope” that can carry many different kinds of exchange data used for authentication, such as a challenge/response, one-time passwords, and digital certificates. Extensible Authentication Protocol (EAP).
42. _____ is considered an acceptable protocol for use in a wired network but not for a WLAN because outsiders can easily determine the identities of wireless devices by sniffing packets and password hashes. Extended Authentication Protocol–MD 5 (EAP-MD5)
43. How does authorization differ from authentication?
Authorization is the process that determines whether the user has the authority to carry out such tasks. Authorization is often defined as the process of enforcing policies; that is, it determines what types or qualities of activities, resources, or services a user is permitted. Authorization controls access per user after users authenticate. Before users can be given access to a computer and its data, they must in some way prove that they are who they claim to be. That is, users must give proof that they are “genuine” or authentic. This process of providing proof is known as authentication.