17 Flashcards
A monitoring port on a network device is referred to as
TAP
Which of the following wireless encryption schemes offers the highest level of protection?
WPA3
Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities resulting from implementation flaws?
WEP
Which of the cryptographic algorithms listed below is the least vulnerable to attacks?
AES
Which of the following encryption schemes is used in WiFi Protected Access 2 (WPA2)?
** AES-CCMP **
AES-Counter Mode CBC-MAC Protocol
For the purpose of encryption, WiFi Protected Access 3 (WPA3) takes advantage of: (Select 2 answers)
** AES-GCMP **
Galois Counter Mode Protocol (GCMP) is supported by 802.11ac, is more efficient than AES-CCMP and provides better performance for wireless clients
Which of the following acronyms refers to a client authentication method used in WPA2 Personal mode?
PSK
Which of the following acronyms refers to a client authentication method used in WPA3 Personal mode?
** SAE **
SAE (Simultaneous Authentication of Equals): SAE is a key exchange protocol used in WPA3 for securing the initial connection setup. It improves security against offline dictionary attacks compared to the pre-shared key (PSK) used in WPA2.
Extensible Authentication Protocol (EAP) is an authentication framework frequently used in wireless networks and point-to-point connections. EAP provides an authentication framework, not a specific authentication mechanism. There are many authentication mechanisms (referred to as EAP methods) that can be used with EAP. Wireless networks take advantage of several EAP methods, including PEAP, EAP-FAST, EAP-TLS, and EAP-TTLS.
True
Which of the following EAP methods offers the highest level of security?
** EAP-TLS **
EAP-TLS (Transport Layer Security) EAP-TLS provides certificate-based, mutual authentication of the network and the client
Which of the EAP methods listed below relies on client-side and server-side certificates for authentication?
** EAP-TLS **
EAP-TLS (Transport Layer Security) EAP-TLS provides certificate-based, mutual authentication of the network and the client
Which of the following answers refers to an IEEE standard that can be implemented in a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?
IEEE 802.1X
Which of the following would be the best solution for securing a small network that lacks an authentication server?
** WPA3-SAE **
WPA3 uses Simultaneous Authentication of Equals (SAE) to provide stronger defenses against password guessing. SAE is a secure key establishment protocol
What are the characteristic features of WPA2/WPA3 Enterprise mode? (Select 3 answers)
- Suitable for large corporate networks
- IEEE 802.1X
- Requires RADIUS authentication server
A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is known as:
** WPS **
WPS stands for WiFi Protected Setup. A router with a WPS button can allow any device to automatically connect to your router when the WPS button is pressed. When you press the WPS button, your router looks for compatible devices right away and allows those devices automatically connect.