Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Wireless Security > 151-200 > Flashcards

151-200 Flashcards

1
Q

Which of the following is a wireless device that is created to allow a cracker to conduct a man-in- the-middle attack?

A. Protocol analyzer

B. Lightweight Access Point

C. WLAN controller

D. Rogue access point

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You work as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain-based network. The company has a main office and several branch offices. You want to centralize theadministration. Therefore, you implement a Remote Authentication Dial-In Service (RADIUS) server. Each branch office supports its own Routing and Remote Access Server. You remove the default remote access policy, as you want to secure communications and implement a single policy that requires all dial-up

communications to use a 40-bit encryption. What will you do to accomplish this? Each correct answer represents a part of the solution. Choose two.

A. Set the level of encryption to Basic in the remote access policy.

B. Create a remote access policy on the RADIUS server.

C. Create a remote access policy on the Routing and Remote Access Server of each branch office.

D. Set the level of encryption to No Encryption in the remote access policy.

A

A, B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following keys is derived by Pairwise Master Key (PMK)?

A. Private Key

B. Pairwise Transient Key

C. Public Key

D. Group Temporal Key

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following components are normally required to secure wireless 802.11 networks?

Each correct answer represents a complete solution. Choose all that apply.

A. Segmentation

B. Authentication

C. Strong encryption

D. Accessibility

A

A, B, C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Your client has a brand new laptop. He is trying to connect to his home network, which is using an older (802.11b) wireless router. The router is set for encryption but not MAC filtering. What is the most likely problem?

A. His laptop has a newer operating system that cannot communicate with the router.

B. His physical address for the laptop is not in the router.

C. His laptop is using the WPA encryption protocol.

D. The laptop does not have a wireless NIC.

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following protocols is used for authentication in an 802.1X framework?

A. IPSec

B. TKIP

C. EAP

D. L2TP

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is a security access control technique that allows or prevents specific network devices from accessing the network?

A. Ingress filtering

B. MAC filtering

C. Route filtering

D. Packet filtering

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following protocols is used by Point-to-Point (PPP) servers to validate the identity of remote clients?

A. EAP-TTLS

B. CHAP

C. PPP

D. IPSec

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is the most secure protocol used for encryption in a wireless network?

A. WPA2

B. WPA

C. WEP

D. IPSec

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following are secure device management protocols?
Each correct answer represents a complete solution. Choose all that apply.

A. SNMPv3

B. HTTP

C. HTTPS

D. SSH

A

A, C, D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?

A. PKI

B. PMK

C. PTK

D. GTK

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?

A. L2TP

B. WEP

C. IPSec

D. WPA

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You work as a Network Administrator for uCertify Inc. You need to set up a management system on your network. Which of the following protocols will you use to manage your network?

A. SNMP

B. TCP

C. HTTP

D. IP

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following tools monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools?

A. Firewall

B. Snort

C. IDS

D. WIPS

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following protocols ensures that all relevant information is delivered to the correct access point to which the client station is associated?

A. IAPP

B. PPP

C. CHAP

D. MS-CHAP

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following is a passive device that views the current content of the packet traveling on the network?

A. Spectrum analyzer

B. Protocol analyzer

C. WLAN controller

D. Rogue AP

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which of the following are the main components of a Wi-Fi Protected Setup (WPS) protocol architecture?

Each correct answer represents a part of the solution. Choose all that apply.

A. Authenticator

B. Registrar

C. Supplicant

D. Enrollee

A

A, B, D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which of the following wireless security features provides the best wireless security mechanism?

A. WPA

B. WPA with 802.1X authentication

C. WEP

D. WPA with Pre Shared Key

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following are tunneling protocols used in a virtual private network (VPN)?

Each correct answer represents a complete solution. Choose all that apply.

A. MD5

B. L2TP

C. PPTP

D. SCP

A

B, C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

On which of the following, digital signatures are based?
Each correct answer represents a complete solution. Choose two.

A. Hashing functions

B. Symmetric encryption

C. RADIUS

D. Asymmetric encryption

A

A, D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

You work as a professional Computer Hacking Forensic Investigator. A project has been assigned to you to investigate the DoS attack on a computer network of SecureEnet Inc. Which of the following methods will you perform to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

A. Look for core files or crash dumps on the affected systems.

B. Seize all computers and transfer them to the Forensic lab.

C. Sniff network traffic to the failing machine.

D. Look for unusual traffic on Internet connections and network segments.

A

A, C, D

22
Q

Radios on AP are turned off, and the AP listens for ARP messages on a wired network. The controller generates an alarm if an ARP is heard on a wired LAN. In which mode does the AP operate if this task is performed?

A. Local mode

B. Rogue detection mode

C. Monitor mode

D. Sniffer mode

A

B

23
Q

You work as a Network Administrator for SpyNet Inc. The company has a Windows-based network. You have been assigned the task of auditing the scheduled network security. After a regular audition, you suspect that the company is under attack by an intruder trying to gain access to the company’s network resources. While analyzing the log files, you find that the IP address of the intruder belongs to a trusted partner company. Assuming this situation, which of the following attacks is the company being subjected to?

A. CookieMonster

B. Man-in-the-middle

C. Spoofing

D. Phreaking

A

C

24
Q

Which of the following security protocols is required by Robust Security Network (RSN)?

A. IPSec

B. SCP

C. CCMP

D. SSL

A

C

25
Q

Which of the following protocols are types of VPN protocols?

Each correct answer represents a complete solution. Choose all that apply.

A. PEAP

B. L2TP

C. IPSec

D. PPTP

A

B, C, D

26
Q

Which of the following is an access control model that allows users to access any of the resources according to his role in an organization?

A. LDP

B. RBAC

C. CBAC

D. LDAP

A

B

27
Q

Which of the following wireless security policies helps to prevent the wireless enabled laptops from peer-topeer attacks when the laptops are used in public access network?

A. Use Port Address Translation.

B. Use protocol analyzer.

C. Use security protocols.

D. Use firewall.

A

C, D

28
Q

Which of the following attacks saturates network resources and disrupts services to a specific computer?

A. Replay attack

B. Polymorphic shell code attack

C. Teardrop attack

D. Denial-of-Service (DoS) attack

A

D

29
Q

Which of the following attacks are prevented from a mutual authentication solution? Each correct answer represents a complete solution. Choose all that apply.

A. Hijacking

B. Man-in-the-middle attack

C. Eavesdropping attack

D. Phishing

A

A, B, D

30
Q

Which of the following is a network security device that monitors network activities for malicious or unwanted behavior?

A. IDS

B. IPS

C. WEP

D. ASA

A

B

31
Q

Which of the following protocols is used to provide security for network traffic transmitted across a TCP/IP network?

A. TCP

B. IP

C. IPSec

D. UDP

A

C

32
Q

A government agency requires the utmost in WLAN security and is currently creating an updated WLAN security policy to outline the security procedures to be implemented on all wireless networks within the agency.

Documentation procedures for any security event in the agency require a detailed paper trail including specifics on the time/date, physical location, and type of attack. What tasks must be required by the new security policy to ensure adherence to the documentation requirements? (Choose three)

A. Implementation of a wireless intrusion prevention system

B. In depth review of WIPS security event reports

C. Frequent customized WIPS security event reports

D. Configuration of WIPS to send all WLAN security events to RADIUS

E. Failed EAP-TLS client authentication attempts due to inaccurate passwords

A

A, B, C

33
Q

Given: ABC University is deploying a WLAN across 30 campus buildings to provide wireless network and Internet access to 15,000 college students. ABC’s security policy mandates physical security of infrastructure network devices.

What would be the most effective steps for upholding ABC’s physical security requirements throughout their network? (Choose two)

A. Install access points in lockable ceiling-mount enclosures.

B. Enable security and configure strong passwords for HTTP management on the APs.

C. Always mount APs in redundant pairs as a precaution against tampering.

D. Use access points with non-removable antennas to prevent antenna theft.

E. Use proprietary PoE powered access points to prevent unauthorized use in case of theft.

A

A, D

34
Q

Which WLAN attacks does personal firewall software prevent?

A. 802.11 deauthentication attacks

B. RF jamming attacks from nearby intruders

C. Computer viruses from peer WLAN devices

D. Wi-Fi phishing attacks athot-spots

E. WLAN hijacking attacks by co-workers

A

C

35
Q

You are a consultant, hired by ABC Corporation to perform a risk assessment and impact analysis for intrusions on their new 802.11g WLAN. Which areas would you weigh most heavily while performing these tasks for ABC Corp? (Choose two)

A. The sensitivity of information sent over the wireless network

B. The types of operating systems in use by WLAN end users

C. The legal implications of an intruder stealing sensitive data

D. The layer 2 and layer 3 roaming mechanisms currently in place E. The type of wired infrastructure supporting the wireless network

A

A, C

36
Q

XYZ University has recently installed a secure WLAN solution. There have been no problems with network intrusion, but due to the weekend entertainment schedule of the university’s social infrastructure, many access points in the residence halls have be damaged or stolen. What are some ways to prevent this type of security event from affecting network operation and security?

A. Put an access point in each residence hall room and make the students responsible for the access point

B. Migrate to a WLAN switched infrastructure with lightweight (thin) access points

C. Install web-based IP cameras in the same areas with access points to monitor theft

D. Install access points in lockable enclosures in the ceiling or on the wall of the facilities

A

D

37
Q

According to its corporate security policy, ABC Company is creating a ‘WLAN Security and Performance’ checklist to assure that all autonomous access point deployments are consistently secure and maximize performance. What item does not belong on such a checklist?

A. Cipher suite is CCMP

B. Default passwords are changed

C. WIPS mode is enabled on each AP

D. Preauthentication is enabled

E. 802.1X/EAP is in use

A

C

38
Q

Given: The phases of security policy development include:

1) Communication
2) Response and enforcement
3) Define and document

4) Monitoring and auditing 5) Management buy in
6) Revise and fine tune

Choose the correct order of steps for security policy development phases, from first to last.

A. 3, 5, 1, 4, 2, 6

B. 5, 2, 3, 6, 4, 1

C. 3, 4, 2, 1, 5, 6

D. 1, 2, 4, 5, 6, 3

A

A

39
Q

When securing a wireless Ad Hoc network, which options are practical security mechanisms? (Choose three)

A. WEP

B. WPA-Enterprise C. IPSec/ESP

D. PPTP/MPPE VPN

E. SSH2 VPN

F. WPA2-Personal

A

A, C, F

40
Q

Which protocols that are used to manage WLAN infrastructure devices support authentication and encryption? (Choose three)

A. POP3/SSL

B. SNMPv3

C. SSH2

D. HTTPS

E. LDAP F. RIPv2

A

B, C, D

41
Q

ABC Company has 5 departments, and each requires a separate LAN segment and 802.11g WLAN connectivity. Which devices in ABC Company’s network are unaware of the 802.1Q VLANs? (Choose two)

A. Supplicant

B. Authenticator

C. Ethernet Switch

D. Authentication Server

A

A, D

42
Q

Which encryption algorithm can use two keys to encrypt wireless data payloads?

A. 3DES

B. RC4

C. RC5

D. DES

E. AES

A

A

43
Q

ABC Corporation has implemented an IPSec security solution to protect their new 802.11g WLAN. You are hired to audit the WLAN security and find that data is traversing the wireless segment in clear text. You notify the network manager, but he argues that IPSec is supposed to protect data using strong encryption. You explain that they have implemented IPSec improperly, causing data to be sent in clear text.

Which IPSec protocol has ABC Corp implemented to cause traffic to traverse the wireless medium in clear text?

A. AH-MD5-HMAC

B. SSH2/BLOWFISH-CBC

C. 802.1X/EAP-TLS

D. ESP-SHA1-HMAC

E. PPTP/MPPE-128

A

A

44
Q

ABC Company has implemented WPA2-Enterprise with PEAP on their WLAN. They use POP3/SSL for email retrieval. At what OSI layers is encryption applied using these security protocols? (Choose two)

A. Layer-1

B. Layer-2

C. Layer-3

D. Layer-4

E. Layer-7

A

B, E

45
Q

ABC Corporation has hired you to review their wireless network security design. Part of the design allows for clients to establish a secure wireless VPN connection with the corporate network from local Wi-Fi hot-spots. ABC Corporation is considering L2TP as the tunneling protocol. Why will L2TP alone NOT fit this particular security configuration?

A. L2TP does not natively implement encryption. Tunneled traffic is still susceptible to eavesdropping.

B. L2TP will not work over 802.11 networks because of address translation requirements.

C. L2TP builds a non-IP tunnel between source and destination. Non-IP tunnels cannot be routed over theInternet.

D. L2TP implements native encryption using the RC4 stream cipher. RC4’s strength is not adequate to securetraffic traversing the Internet.

A

A

46
Q

Which WLAN authentication protocols support mutual authentication without the use of x.509 digital certificates? (Choose two)

A. 802.1X/EAP-TTLS/MS-CHAPv2

B. 802.1X/EAP-TLS

C. 802.1X/PEAPv0/EAP-MSCHAPv2

D. 802.1X/LEAP

E. 802.1X/PEAPv1/EAP-GTC F. 802.1X/EAP-FAST

A

D, F

47
Q

Which statement is true regarding networks protected with port-based access control compliant with the 802.1X-2004 standard?

A. The 802.1X standard addresses access control, authentication framework, and data privacy. Encryption ismandatory.

B. The 802.1X standard addresses only access control and authentication framework, not data privacy

C. The 802.1X standard addresses authentication framework and data privacy. Encryption is optional based onthe EAP type used.

D. The 802.1X standard addresses authentication framework, access control, and data privacy. EAP isoptional. Encryption is mandatory.

A

B

48
Q

The 802.11-2007 standard defines which two port access entities (PAEs)? (Choose two)

A. Supplicant

B. Supplication Server

C. Encryptor

D. KDC

E. Authenticator

F. Authentication Server

A

A, E

49
Q

An entity at one end of a point-to-point LAN segment that seeks to be authenticated by an Authenticator attached to the other end of that link’ describes what role in the 802.1X 2004 standard?

A. Authentication Server

B. EAPoL Peer

C. Ethernet Switch

D. Supplicant PAE

E. Port Access Control PDU

A

D

50
Q

According to the 802.11i-2004 amendment, when is the 802.1X controlled port placed in an ‘authorized’ state?

A. Only after the uncontrolled port has been opened for a specific period of time

B. During user authentication, but only after the EAP-Identity/Response frame is received

C. All the time, without regard to EAP user authentication

D. After the EAP user has been mutually authenticated

E. After a successful 4-Way Handshake

A

E

Wireless Security (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions