11 - Wireless LANs

Question 1

What is the IEEE number for Ethernet?

Answer 1

802.3

Question 2

What is the IEEE number for Wireless?

Answer 2

802.11

Question 3

Why are 802.11 WLANs always half duplex?

Answer 3

Because transmissions use the same frequency only one station can transmit at any time, otherwise collisions occur

Question 4

What is a BSS?

Answer 4

Basic Service Set. A wireless service area involving a group of devices formed around a fixed device

Question 5

What mode does an AP operate in?

Answer 5

Infrastructure mode

Question 6

What is a BSA?

Answer 6

Basic Service Area. The bounding area of the BSS where the APs signal is usable

Question 7

What does an AP use to advertise the existence of the BSS?

Answer 7

BSSID

Question 8

What is a BSSID?

Answer 8

Unique BSS Identifier, based on the APs own radio MAC address

Question 9

What is an SSID?

Answer 9

Service Set Identifier. A human readable name tag that identifies a wireless service

Question 10

What is an association and how is it formed?

Answer 10

A membership with the BSS. A potential client must send an association request to the AP which it can grant or deny

Question 11

What does the 802.11 standard refer to as the upstream wired Ethernet as?

Answer 11

The DS (Distribution System)

Question 12

What is an AP effectively doing when it serves multiple SSIDs?

Answer 12

Trunking VLANs over the air to wireless clients

Question 13

What is an ESS and what is it used for?

Answer 13

Extended Service Set.

For interconnecting APs placed at different geographic locations with a switched infrastructure

Question 14

What is roaming with respect to APs?

Answer 14

Moving from one AP to another automatically

Question 15

What must a client do as it roams from one AP to another?

Answer 15

Scan available channels to find the new AP (and BSS) to roam toward

Question 16

True/False: In ESS each AP offer its own BSS on its own channel, even with the same SSID

Answer 16

True

Question 17

What is an IBSS?

Answer 17

Independent BSS.

Allows two or more wireless clients to communicate directly with each other with no other means of network connectivity

Question 18

What is another name for an IBSS?

Answer 18

Ad hoc WLAN

Question 19

How could you extend the range of a wireless network?

Answer 19

Add an AP in repeater mode

Question 20

What is a WGB and what is it used for?

Answer 20

Workgroup Bridge.

It can be used to connect a device’s wired network adapter to a wireless network

Question 21

What are the two common types of WGBs?

Answer 21

1. uWGB (universal). A single wired device can be bridged to a wireless network
2. WGB. Cisco proprietary implementation allows multiple wired devices to be bridged

Question 22

What is an Outdoor Bridge?

Answer 22

APs can be configured to act as bridges for LANs. Outdoor bridged links involve special purpose antennas to achieve this over long distances

Question 23

What is a Mesh network?

Answer 23

Interconnected wireless APs in Mesh mode instead of being interconnected with switched infrastructure (Ethernet)

Question 24

What is the frequency of a wave measured as?

Answer 24

The number of times a signal makes one complete up and down cycle in 1 second

Question 25

What is another way of describing Hz / Hertz?

Answer 25

Cycles per second

Question 26

What frequency range category are 5Ghz and 2.4Ghz wireless in?

Answer 26

Microwave

Question 27

What is an interesting property of 5ghz band channels?

Answer 27

They are non overlapping, so APs can use any channel number without affecting APs using any other channel numbers

Question 28

What channels must be used in 2.4Ghz to avoid overlap between adjacent channels?

Answer 28

1, 6, 11

Question 29

What is the primary function of an access point?

Answer 29

Bridge wireless data from air to a wired network

Question 30

What is an Autonomous AP?

Answer 30

Self contained AP, fully equipped with both wired and wireless hardware

Question 31

How are Autonomous APs natural extensions of a switched network?

Answer 31

They connect wireless SSIDs to wired VLANs at the access layer

Question 32

True/False: Two clients connected to an AP cannot talk to each other without going through the full network connected to the AP?

Answer 32

False. They can communicate directly through the AP

Question 33

True/False: SSIDs and their VLANs must be extended at Layer 2

Answer 33

True

Question 34

What is Cisco Prime Infrastructure?

Answer 34

An AP management platform

Question 35

What is Cisco Meraki?

Answer 35

Cloud based AP management platform

Question 36

What is a WLC and why are they good?

Answer 36

Wireless LAN Controller. They separate out the management functions required of APs (RF management, auth, security) into a separate centralized controller to make autonomous APs easier to manage

Question 37

What is a lightweight AP?

Answer 37

An AP that only performs the real-time functions of 802.11 such as sending and receiving frames, MAC etc

Question 38

True/False: Generally a lightweight AP cannot usually operate on its own

Answer 38

True

Question 39

What is Split MAC architecture?

Answer 39

When management and normal operations of an AP are split out into WLC and lightweight APs

Question 40

What is CAPWAP?

Answer 40

Control and Provisioning of Wireless Access Points.

A tunneling protocol used to encapsulate data between the LAP and WLC within new IP packets

Question 41

What are the two separate tunnels that are part of the CAPWAP relationship?

Answer 41

CAPWAP Control messages

CAPWAP Data

Question 42

What are CAPWAP control messages used for?

Answer 42

Carrying authenticated/encrypted exchanges used to configure an AP and manage its operations.

Question 43

What are CAPWAP data messages used for?

Answer 43

Packets traveling to and from wireless clients that are associated with the AP. Not encrypted by default.

Question 44

What is DTLS?

Answer 44

Datagram Transport Layer Security. Used under CAPWAP when data encryption is enabled for an AP to protect packets

Question 45

What legacy Cisco proprietary solution is CAPWAP based on?

Answer 45

LWAPP. Lightweight Access Point Protocol

Question 46

What must every AP and WLC authenticate with each other using?

Answer 46

Digital Certificates e.g. X.509

Question 47

True/False: An AP and WLC cannot be separated logically or geographically, they must be in the same subnet / location

Answer 47

False. CAPAP tunneling allows them to be separated and breaks dependence on Layer 2 connectivity between them

Question 48

Why are trunk links not needed for an AP using CAPWAP?

Answer 48

Because all VLANs its supports are encapsulated and tunneled as Layer 3 IP packets rather than individual L2 VLANs

Question 49

What is Unified / Centralized WLC deployment?

Answer 49

When you place the WLC in a central location to maximize the number of APs joined to it

Question 50

How many APs does a WLC typically support?

Answer 50

6000

Question 51

What is a Cloud based WLC deployment and how many APs would it typically support?

Answer 51

Where the WLC exists as a virtual machine rather than physical device e.g inside a data center in a private cloud.

Around 3000

Question 52

What is an Embedded WLC deployment and where would you use it?

Answer 52

When the WLC is co-located with a stack of switches.

Used on small campuses or distributed branch locations where the number of APs is small. Can support around 200 APs

Question 53

What is Cisco Mobility Express WLC deployment and where would you use it?

Answer 53

WLC function co-located with an AP that is installed at the site. Supports around 100 APs.

Small scale environments where you might not need to invest in dedicated WLCs at all

Question 54

What is Local mode for a lightweight AP?

Answer 54

Default lightweight mode that offers one or more functioning BSSs on a specific channel.

When not transmitting AP will scan to measure noise, interference, rogue devices etc

Question 55

What is Monitor mode for a lightweight AP?

Answer 55

The AP does not transmit at all but receiver enabled to check for IDS events, rogue access points and positions of stations, etc

Question 56

What is FlexConnect mode for a lightweight AP?

Answer 56

An AP at a remote site can local switch traffic between an SSID and VLAN if its CAPWAP tunnel to the WLC is down

Question 57

What is Sniffer mode for a lightweight AP?

Answer 57

An AP that dedicates its radios to receiving 802.11 traffic from other sources and forwards it to a host running network analyzer software

Question 58

What is Rogue detector mode for a lightweight AP?

Answer 58

An AP dedicating itself to detecting rogue devices by correlating MAC addresses heard on the wired network with those over air. Rogue devices are those that appear on both networks

Question 59

What is Bridge mode for a lightweight AP?

Answer 59

AP becomes a dedicated bridge (PtP or PtMP) between two networks. Can be used to link two locations separated by distance. Multiple APs in bridge mode can form a mesh network

Question 60

What is Flex+Bridge mode for a lightweight AP?

Answer 60

FlexConnect operation enabled on a mesh AP

Question 61

What is SE-Connect mode for a lightweight AP?

Answer 61

AP dedicated to spectrum analysis on all wireless channels

Question 62

With respect to Security, what should a client do with management frames sent by an AP?

Answer 62

Authenticate them to ensure the AP is actually a legitimate expected AP

Question 63

What is an AP group key used for?

Answer 63

A key maintained by the AP that it uses when it needs to send encrypted data to all clients in its cell at one time, with each client using the same group key to decrypt the data

Question 64

What is a MIC?

Answer 64

Message Integrity Check that prevents against data tampering

Question 65

What cipher algorithm does WEP use?

Answer 65

RC4

Question 66

What type of security method is WEP?

Answer 66

Shared-key

Question 67

How does an AP test the clients knowledge of a WEP key?

Answer 67

Sends it a random challenge phrase that it must encrypt with the WEP key and return the result to the AP

Question 68

What is EAP?

Answer 68

Extensible Authentication Protocol.

Defines a set of common functions that actual methods can use to authenticate users

Question 69

What is the difference between Open/WEP authentication at the AP and EAP?

Answer 69

With 802.1x the client uses open authentication to associate with the AP, then the actual client authentication process occurs at a dedicated authentication server

Question 70

What is an 802.1x Supplicant?

Answer 70

The device requesting access

Question 71

What is an 802.1x Authenticator?

Answer 71

The network device that provides access to the network (usually WLC)

Question 72

What is an 802.1x Authentication Server?

Answer 72

The device that takes the user / client credentials and permits or denies network access based on a user db and policies (e.g. RADIUS server)

Question 73

What is LEAP?

Answer 73

Lightweight EAP.

Protocol that tried to overcome WEP weaknesses by using dynamic WEP keys that changed frequently but was still vulnerable

Question 74

What is EAP-FAST?

Answer 74

EAP Flexible Authentication by Secure Tunneling.

Authentication credentials protected by passing a PAC (Protected Access Credential) between the AS and the supplicant. Uses inner and outer authentication for both authenticating the supplicant and the end user through the resulting tunnel

Question 75

What is a PAC?

Answer 75

Protected Access Credential.

A form of shared secret generated by the AS and used for mutual authentication

Question 76

What is PEAP?

Answer 76

Protected EAP. Has inner and outer authentication like EAP-FAST, but the AS presents a digital certificate to authenticate itself with the supplicant in the outer authentication.

If the supplicant is happy, it will form a TLS tunnel to be used for subsequent inner client authentication and encryption key exchange

Question 77

What is EAP-TLS?

Answer 77

EAP-TLS goes a step further from relying on clients to authenticate digital certificates presented by the AS by requiring certificates on the AS and on every client device.

Highly secure but complex. Requires a PKI to implement effectively for certificate supply and revocation

Question 78

What is TKIP?

Answer 78

Temporal Key Integrity Protocol.

Contains TKIP sequence counter to prevent frame replay attack. Now deprecated. Used in WPA, WPA2

Question 79

What is CCMP?

Answer 79

Counter/CBC-MAC protocol consisting of two algorithms

• AES Counter mode encryption
• Cipher Block Chaining Message Authentication Code used as a MIC

Used in WPA, WPA2

Requires devices to have hardware support (WPA2)

Question 80

What is GCMP?

Answer 80

Galois/Counter Mode protocol consisting of two algorithms

• AES counter mode encryption
• Galois MAC used as a MIC

Used in WPA3

Question 81

What are PMFs?

Answer 81

Protected Management Frames used to secure important 802.11 management frames between APs and clients

Question 82

What is SAE?

Answer 82

Simultaneous Authentication of Equals

Question 83

What two client modes do all WPA versions support?

Answer 83

• PSK (Pre Shared Key) aka Personal mode

- 802.1x aka Enterprise mode

Question 84

How does PSK mode function?

Answer 84

They secret key string is never sent over the air. A four way handshake procedure takes place that uses the PSK to construct and exchange encryption key material, then subsequently authenticate the client and secure frames

Question 85

How does WPA3 avoid the eavesdropping attacks associated with WPA and WPA2 Personal (PSK) modes?

Answer 85

By strengthening key exchange between clients and APs using SAE in which the client and AP can initiate the authentication process equally and simultaneously.

WPA3 also uses forward secrecy to prevent attackers being able to un-encrypt data that has already been transmitted over the air

Question 86

What does an AP map each VLAN to?

Answer 86

A WLAN and BSS

Question 87

What must the wired Ethernet interface on a lightweight AP be paired with to be fully functional?

Answer 87

A WLC

Question 88

What are multiple VLANs extended from the WLC to the AP carried over?

Answer 88

CAPWAP tunnel

Question 89

What does a lightweight AP need in terms of a link to connect to network infrastructure and terminate its end of the tunnel?

Answer 89

An Access link

Question 90

How are ports and interfaces distinguished differently when talking about WLCs?

Answer 90

For WLCs a port refers to physical connections made to an external wired or switched network.

Interfaces refers to logical connections made internally within the controller

Question 91

What is a WLC Service port used for?

Answer 91

Out of band management, system recovery, and initial boot functions.

Always connects to switch port in Access mode

Question 92

What is a WLC Distribution System port used for?

Answer 92

Normal AP and management traffic.

Usually connects in 802.1Q Trunk mode

Question 93

What is a WLC Redundancy port used for?

Answer 93

To connect to a peer controller for HA (high availability)

Question 94

True/False: The WLC service port only supports a single VLAN

Answer 94

True

Question 95

Which WLC ports do the CAPWAP tunnels extending to each AP pass across?

Answer 95

Distribution System ports

Question 96

What is name for the wired system that connects APs together?

Answer 96

Distribution System (DS)

Question 97

What mode should Distribution System ports on a WLC always operate in and why?

Answer 97

802.1Q Trunking mode.

Because they must carry data that is associated with many different VLANs

Question 98

What is a LAG?

Answer 98

Link Aggregation Group.

A bundle of WLC distribution ports configured to operate as a single logical group / EtherChannel, with traffic being able to be load balanced across the ports.

Question 99

What is a WLC Management interface?

Answer 99

Used to terminate CAPWAP tunnels and for normal management traffic such as:

• RADIUS
• WLC to WLC communication
• Web / SSH sessions
• SNMP
• NTP

Question 100

What is a WLC Virtual interface?

Answer 100

Used for client facing operations.

It is the IP address facing wireless clients when the control is relaying DHCP requests, client web auth and supporting client mobility

Question 101

What is a WLC Service port interface?

Answer 101

Interface bound to a service port and used for out of band management

Question 102

What is a WLC Dynamic interface?

Answer 102

Connects VLAN to a WLAN

Question 103

What type of controller interface type is used to connect a VLAN to a WLAN?

Answer 103

Dynamic interface

Question 104

What class of address should you configure on a WLC virtual interface?

Answer 104

Unique nonroutable IP such as a private address

Question 105

Why should each controller in a mobility group use the same virtual interface address?

Answer 105

Appear to operate as a cluster as clients roam from controller to controller

Question 106

True/False: You only need one dynamic interface to support multiple WLANs

Answer 106

False.

You must create one dynamic interface for each WLAN offered by the controller’s APs and map the interface to the WLAN

Question 107

What is the downside of creating too many WLANs?

Answer 107

A channel can be starved of any usable airtime. Clients will have difficulty transmitting their own data because the channel is too busy with beacon transmissions coming from the AP