CCNA Wireless 640-722 IUWNE Flashcards
What are the different wireless Modes available?
- Ad Hoc Mode
2. Infrastructure Mode
What is Ad Hoc Mode and what are two alternate names for it?
It is when independent devices connect to one another wirelessly without an access point.
Also referred to as IBSS (Independent Basic Service Set) or Peer to Peer.
What is BSS and what does it stand for?
Basic Service Set - Area around where the wireless device can extend to.
Like how far the radio on my laptop can reach 360 degrees around me.
What is IBSS and what does it stand for?
Independent Basic Service Set. Another name for Ad Hoc Mode. It is when a wireless network is set up without the use of a wireless access point. Also called Peer to peer.
What is Infrastructure Mode?
When a wireless network is set up using access points for clients to connect to. They don’t connect to each other directly, they connect to each other and other network resources via an access point.
What is an AP and what does it stand for?
Access Point. Used in Infrastructure Mode. Provides access to wireless clients.
What is BSA and what does it stand for? What are two alternate names for it?
Basic Service Area also referred to as a Cell. You may even see the term BSS related to this.
Range for an individual access point as far as the area that it covers. A client must be within this area in order to join this access point.
What is an SSID and what does it stand for?
Service Set Identifier.
Name for a wireless network. Clients will choose to join this name to attach to the wireless network.
It is recommended that you do not name your SSIDs obviously to avoid inviting hackers. For example, don’t name your home SSID with your last name or address.
What is DS and what does it stand for?
Distributed System
Connectivity that leads to everything else that the wireless client might want to get to (File System, Internet, etc.).
The path from the Wireless Access Point to everything else is considered the DS.
What is a controller and what is another name for it?
WLC or Wireless LAN Controller
Manages wireless access points and assists with AP channel management. Configurations can be made from the WLC and pushed down to the Wireless APs.
What is ESS and what does it stand for?
Extended Service Set
When you have two or more access points on different radio frequencies working in conjunction with a WLC and they are all advertising a common network.
For example AP1 is sending on Channel 6 and AP2 is sending on Channel 11 but both are advertising the SSID for CBTNuggets. Multiple clients could join the CBTNuggets network but be connected to different APs running on different radio signals.
What AP will a client join to if it is within range of multiple APs (it is within the BSA of multiple APs)?
It will join the one that it happens to be closest to signal strength wise (not necessarily distance wise).
What is Roaming?
When a client moves out of range from one AP’s Basic Service Area (BSA) into another AP’s BSA. If set up correctly, the client should associate with the second AP seamlessly on the same SSID.
Who makes the standards for wireless (and other technologies)?
IEEE - Institute of Electrical and Electronic Engineers.
What is the purpose of a Working Group in the IEEE and how is a Working Group formed?
A Working Group’s purpose is to write a standard for something. These were formed usually when there was a project that identified a need so a working group was formed to create the standards by which multiple vendors could build equipment that could inter-operate with each other.
What is the IEEE Working Group for Wireless?
802.11 - Wireless LAN
What are the 4 main IEEE Sub-groups for Wireless?
- 802.11b
- 802.11g
- 802.11a
- 802.11n
What layers is the IEEE 802.11 Group responsible for?
Layers 1 & 2
What is the name of the 3rd party entity that allows vendors to get their product certified with the IEEE standard for Wireless and what does that 3rd party do?
Wi-Fi Alliance
Verifies vendors followed the IEEE specifications for interoperability.
What is a Regulation Organization and what is their purpose?
FCC - Federal Communications Commission is an example of a regulatory body in the USA.
It defines things such as how much power can be used to generate radio frequency and what frequency we can send on.
What are the 3 main channels that wireless signals can be broadcast on in the USA in the 2.4 GHz range?
1, 6 & 11
What range and speed does 802.11ac operate at?
5 GHz range
1 Gbps speed
What is a wave form and why is it called a Wave?
When a radio emits a signal which is an electromagnetic field being sent away from the transmitter.
Called a Wave because it goes up and down and up and down, etc. It repeats itself.
What is Attenuation?
When the signal gets further and further away from the transmitter and gets weaker and weaker and has less energy as a result.
What are some things that an Electromagnetic Wave Forms consist of?
Frequency
Wavelength
Amplitude
What is Frequency?
How fast or how often a pattern or cycle repeats itself.
Examples: 1Hz 1KHz 1MHz 1GHz 1THz
What are the main Frequencies we typically deal with (names and numbers)?
UHF - Ultra High Frequency
SHF - Super High Frequency
2.4 GHz (Channels spaced 5 MHz apart) 5 GHz (Channels spaced 22 MHz apart)
What is a Wavelength?
How wide one cycle is.
Lower Frequencies have Longer Wavelengths? T/F
True
Lower Frequency = Long Wavelength
High Frequency = Short Wavelength
What travels further, low frequency signals or high frequency signals?
Low Frequency
Generally speaking a low frequency signal will have the ability to travel further and cover more distance than a higher frequency signal.
What is Amplitude?
How tall the Wavelength is for a particular frequency.
What is stronger, a signal with a taller wavelength or a short wavelength?
Taller.
Smaller is less powerful.
Taller is more powerful.
More Energy = More Amplitude
What is RSSI and what does it stand for?
Received Signal Strength Indicator
A wireless receiver can identify and compare and contrast the actual signal strength received from a transmitter.
When more than one access point is available to a wireless receiver, how will the receiver determine which one to use?
The client or wireless receiver will connect to the AP that has the strongest signal (RSSI).
Which RSSI is stronger, -87 or -62?
-62 is stronger. The closer the RSSI is to 0 dBm, the better or stronger the signal is.
What are some things that can hurt wireless signals? Name 6.
Path Loss Scattering Obstacles Mirror/Reflections Long Range Atmosphere Refraction Noise
What is Path Loss (aka Free Path Loss) and what is the primary cause of it?
When there aren’t any obstacles within the path of the wireless transmitter or receiver but the signal gets weaker and weaker (attenuates) the further it travels from the receiver.
Spreading is the primary cause.
Energy traveling in an electromagnetic wave spreads in three dimensions , weakening the signal strength over a distance.
Think of the waves generated by through a rock into a body of water (even though that is two dimensions). The waves around the rock are big but get smaller and smaller as they travel away from where the rock entered the water, even though there isn’t anything in those wave’s way.
What is Scattering?
Similar to Path Loss it doesn’t require anything big to be in the way.
An example is the water molecules in the air on a humid day. These water molecules could cause the signal to go in many directions (scatter) and that would degrade the signal.
How do obstacles hurt wireless signals and what is an example?
They absorb some of the signal. Different obstacles absorb differently.
A lead wall is an example.
What is Reflection?
When the wireless signal hits an object and is then bounce off in some strange direction.
What is a condition that is caused by Reflection?
Multipath
What is Multipath?
Happens when a signal is reflected and splits in different directions and both paths make it to the receiver. This is a bad thing.
What is a Phase?
When the multiple signals look the same they are considered to be “In Phase”. They are in exact harmony with one another. If you were to draw them on paper and put them right on top of one another then they would match up exactly.
What is Noise Cancellation?
When two phase shifts caused by a reflection are 180 degrees (exact opposite of each other).
What is downfade?
When the reflected signals reach the receiver out of phase with each other but are not exactly 180 degrees (opposite) out of phase.
What is upfade?
When reflected signals reach the receiver and are in Phase (exact same).
What are 3 scenarios relating to Fade?
- Two reflected signals 180 degrees out of phase - Won’t work. They cancel each other. This is rare.
- Two reflected signals are in Phase = Upfade. This works and actually makes the signal stronger but it is rare.
- Two reflected signals Out of Phase by a small amount (20 to 100 degrees) = Downfade. Degradation of the signal at the client. This is most common.
What is Noise?
Anything interfering with or harming RF (Radio Frequency) signal. For example:
- Multipath out of phase signal
- Other devices using the same frequency and in range.
How much noise can we tolerate and still survive with our Radio Frequency being used?
It depends on many factors but there is a guideline called SNR or Signal to Noise Ratio that can be used to determine it.
What is SNR and what does it stand for?
Signal to Noise Ratio
Used to determine how much noise we can tolerate and still survive/transmit data.
What is the formula used to determine SNR?
RSSI minus Noise
What is the best way to fix Noise in your wireless environment?
Remove the noise or move to a different frequency.
What is a Watt?
A measurement of energy.
Name after James Watt.
How is 1 Watt represented?
1W
How is 1000 Watts represented and what is it called?
1 kW - Kilowatt
How is One Thousandth of a Watt (1/1000) represented and what is it called?
1 mW - Milliwatt
What measurement of energy is most common when dealing with Wireless.
1 mW - Milliwatt
What is a Decibel?
Gives us the ability to compare and contrast one signal compared to a baseline.
What is dBm?
Decibels (dB) in relation to Milliwatts (mW)
What is 10 dBm in mW?
10 mW
What is 0 dBm in mW?
1 mW
What is -10 dBm in mW?
1/10 or .1 mW
What is the scale to figure out dBm to MilliWatt calculations?
10 = 10x 3 = 2x 0 = Same -3 = 1/2 or .5 -10 = 1/10 or .1
If something is 3 dBm then it is 2 times the reference. For example, if you are using 1 mW as the reference point then 3dBm would equal 2 mW.
What is the H-Plane and what is another name for it?
Horizontal Plane (aka Azimuth Plane)
Top view
Where the signal radiates from horizontally as if you were looking down on the AP.
What is the E-Plane?
Side View
Where the signal radiates from as if you were looking at it from the side.
What is EIRP and what does it stand for?
Effective Isotropic Radiated Power (EIRP)
How much power we can actually emit from our access point with its associated antenna or antennas.
Who sets the EIRP value in the USA and what is that value?
FCC
The EIRP is always limited to + 36 dBm in the 2.4-GHz band, except in the case of point-to-point links.
What is the formula for figuring out the EIRP value.
Tx Power (dBm) + Antenna Gain (dBi) - Cable Loss = EIRP
What is dBi and what does it stand for?
Antenna Gain (dBi) - Decibels dB & Isotropic i
Takes the energy given to it from an access point and focuses it over a certain area. The amount of focus that the antenna is going to apply to that incoming signal as it sends it out.
What is Cable Loss?
Loss as the signal goes between the access point and the connected antenna, especially if it is an antenna connected with a very long cable.
What is dBd and what does it stand for?
Diplole Reference (dBd) - Decibels dB & Diplole
Refers to a decibel gain in relation to a dipole antenna
What is the gain of a dipole antenna?
2.14 dBi (Cisco Press) or 2.15 dBi (CBT Nuggets and general Google Search)
What is the formula for figuring out dBi?
dBd + 2.15 = dBi
If an antenna has a 4.85 dBd, what will the dBi be?
7.00
dBd + 2.15 = dBi 4.85 dBd 2.14 \+------- 7.00
What are the 2 main Antenna classifications?
- Uni directional
2. Omni directional
What is a Uni Directional Antenna?
Radiated power would go out in only a certain direction
What is an Omni Directional Antenna?
Radiated power would go out in all directions
The antenna on its own power is sending signals out in all directions.
What is one of the most important aspects of making sure we get the right coverage?
Doing a site survey on the premises
What is Diversity?
Allows the access point to choose which antenna it is going to use for sending and receiving.
Most of the connections between the Access Point and the Antenna are propriety? T or F and why?
True - Because FCC encourages it so you can’t connect the wrong type of antenna to the gear and put your EIRP out of spec.
When would an amplifier be used?
When the cable is too large or too long and you need to insert it between the AP and the Antenna to boost the signal.
When would a Lightning Arrestor be used?
Inserted between an outdoor antenna and the AP to protect the AP from also being damaged in case of a large transient spike of energy but cannot protect against direct lightning strikes on the antenna.
When would a splitter be used?
When you need to connect the AP to multiple antennas.
What does ISM stand for?
Idustrial, Scientific and Medical Bands or frequencies being used in our wireless local area networks
What does UNII stand for?
What is the U-NII-1 Band used for and which channel number does it begin at?
Unlicensed National Information Infrastructure bands or frequencies being used in our wireless local area networks
The U-NII-1 band is the first of four 5-GHz bands set aside for wireless LAN use and begins at channel 36.
What is Spread Spectrum?
Encoding the signal over a range of frequencies that are grouped together.
What are the 3 different types of Spread Spectrums?
- FHSS - Frequency Hopping Spread Spectrum
- DSSS - Direct Sequence Spread Spectrum
- OFDM - Orthogonal Frequency Division Multiplexing
What does DSSS stand for and what are some of its characteristics?
DSSS - Direct Sequence Spread Spectrum
- 22 MHz range of frequencies (channel width is 22 MHz)
- More efficient than FHSS (Frequency Hopping Spread Spectrum)
- Used by 802.11, 802.11b, & 802.11g
What does OFDM stand for and what are some of its characteristics?
OFDM - Orthogonal Frequency Division Multiplexing
- 20 MHz range
- Chops up the Spread Spectrum into smaller chunks and more efficiently uses that bandwidth for those frequencies. The result is faster speeds.
- Used by 802.11g, 802.11a & 802.11n
What is ERP and what does it stand for?
ERP - Extended Rate Physical
Fancy way for saying the client can support 802.11g
What are the characteristics of the original 802.11 standard?
- Frequency - 2.4 GHz
- Coding/Modulation - FHSS or DSSS
- Max Throughput - 2 Mbps
What are the characteristics of the 802.11b standard?
- Frequency - 2.4 GHz
- Coding/Modulation - DSSS
- Max Throughput - 11 Mbps
What are the characteristics of the 802.11g standard?
- Frequency - 2.4 GHz
- Coding/Modulation - DSSS or OFDM
- Max Throughput - 54 Mbps
- Backward compatible with 802.11b
What are the characteristics of the 802.11n standard?
- Frequency - 2.4 or 5 GHz
- Coding/Modulation - OFDM
- Max Throughput - 300+ Mbps
- Uses 40 MHz wide range of frequencies (every channel will be 20 MHz wide and get bonded together to make 40 MHz)
What is MIMO?
Multiple In Multiple Out
When you have more than one antenna on your AP being used together to get more throughput by putting multiple streams across the network at the same time.
What is Spatial Multiplexing?
Taking data that needs to be sent and chopping it up it up into two or more streams and sending them simultaneously.
Abbreviated as SM or SMX
What is Beamforming?
Adjusting the phase as you’re sending a signal out multiple antennas at the same time, so that when the customer gets it, it looks like one nice, strong signal.
What is MRC and what does it stand for?
Maximal Ratio Combining
When an AP takes signals it receives from clients when the client’s signal finally reaches the AP after being bounced around off of different things in the environment and combining them to make it a better signal.
Is Wireless half duplex or full duplex?
Half
What are the 3 categories of Wireless Frame types?
- Management
- Control
- Data
What are 4 Management Frames?
- Beacons
- Probes
- Association
- Authentication
What are 3 Control Frames?
- RTS - Request to Send
- CTS - Clear to Send
- ACK - Acknowledgment
What is the sequence a PC uses to send wirelessly?
- Pick a number between 0 and 31 at random
- Count down from that number to 0 while listening for other traffic.
- If other traffic is seen, take the number it is currently at and add the NAV of the other traffic and continue to count down.
- Send a RTS it counts down to 0.
- Get a CTS.
- Send the Data with NAV telling other how long it needs.
- Receive Acknowledgment
What is DCF and what does it stand for?
Distributed Coordination Function
- Method used in Wireless networks to coordinate sending traffic so its not on top of each other.
- It is how we implement CSMA/CA by using the RTS, CTS and ACK
What is DIFS and what does it stand for?
DCF Inter-Frame Space
It is the normal delay you will have between packets or frames on a wireless network.
What is SIFS and what does it stand for?
Short Inter-Frame Space
Used for receiving acknowlegments and allows those ACKs to be sent immediately.
Can be thought of as prioritized frame sending.
What are the 10 frames you will most likely see when a device pings another device in infrastructure mode?
- Source sends RTS to AP
- AP sends CTS to Source
- Source sends ICMP echo-ping to Destination
- AP sends ACK to Source
- AP sends ICMP echo-ping to Destination
- Destination sends ACK to AP
- Destination send IPCM echo-reply to Source
- AP sends ACK to Destination
- AP send ICMP echo-reply to Source
- Source sends ACK to AP
Will you always see a source address for a frame in a Wireshark capture?
No, if you were to look at the packets in Wireshark you would not see a Source Address for Clear-to-Send or Acknowledgment messages.
This is because it is implied that it is the device that the Request-to-Send frame was sent to is the device that is replying so we save a little bit of space in the CTS and ACK frames by not having to include a Source Address.
What is the DS Status Flag?
Flag in the frame that tells you if the frame is coming from or going to a DS (Distribution System).
What is the first bit for in the DS Status Flag?
Indicates if it is coming from the Distribution System (DS)
What is the second bit for in the DS Status Flag?
Indicates if it is going to the Distribution System (DS)
What are the valid combinations of DS Status Flags and their meanings?
00 - Not coming from or going to a DS (non-data packets or ad-hoc mode)
01 - Going to a DS
10 - Coming from a DS
11 - Coming from a DS going to another DS (mesh or repeaters)
Will an RTS/CTS combo always be used?
No. If a device is going to send a small packet that doesn’t exceed the RTS/CTS threshold then the device will get that random #, do the countdown and then simply send without the RTS/CTS.
Devices can send an RTS and not wait for a CTS? T/F
True
Devices will send an RTS and then just start sending traffic.
What is a CTS-Self?
When a devices sends a CTS to itself which tells other devices to back off because it is using some bandwidth.
What are some things that can interfere with 802.11 Wireless (name 4 main categories)?
- WiMax
- ZigBee
- Bluetooth
- Anything that generates a signal such as:
- Gaming
- Wireless Phones
- Microwave ovens
- Monitors (like baby monitors)
- Lights
What is Split MAC?
Split MAC is when the responsibilities between the AP and WLC are split up.
AP
- Uses its radio to generate the wireless signal
- Takes care of any real-time messaging to clients such as:
- Beacons
- Response to probes
- ACKs
- CTS/RTS
WLC
- Takes care of decisions like:
- Authentication
- Authorization
- Policy
- Disassociation Requests
What is CAPWAP and what does it stand for?
Control and Provisioning of Wireless Access Points
It is the language of love between the AP and WLC
What are the two different streams used by CAPWAP?
- Control - Used to manage the AP from the WLC (like telling the AP to change frequency or channel for example)
- Data - Used to pass data from wireless clients
What is the quick overview of traffic from a wireless client to a server using CAPWAP?
- PC sends traffic to AP wirelessly
- AP encapsulates it into CAPWAP and sends the traffic down to the WLC over the data stream.
- WLC then de-encapsulates the packet out of CAPWAP and decides what to do with it.
- WLC forwards the frame with the appropriate layer 2 source address (the original PC sending the traffic) and the appropriate layer 2 destination address (the server, if on the same vlan or the MAC of the router to get to the server if the server is on a different vlan).
What is WCS and what does it stand for?
Wireless Control System
Single point of management that allows you to manage multiple Wireless LAN Controllers
What does the WCS Navigator do?
Manages multiple instances of the WCS.
What is MSE and what does it stand for?
Mobility Services Engine
Provides (among other things) better insight into what is really happening in the RF space that we’re using, including something called wireless intrusion prevention system which can warn you if an unauthorized AP pops up in your space.
What device would be responsible for authentication of a user in a stand alone or autonomous WLAN?
AP
If it was using a WLC then the WLC would be responsible but it is not in this case.
What is MBSSIDs and what does it stand for?
Multiple Basis Service Set Identifiers
Where one physical AP appears as multiple APs because it is advertising more than one Service Set Identifiers (SSID).
What is an LWAP and what does it stand for?
Lightweight Access Point
An access point that is controlled/management by a WLC
What is H-REAP and what does it stand for?
Hybrid Remote Edge Access Point
An AP in this mode has the ability to make forwarding decisions on what Vlan the traffic goes on without sending it back to the WLC.
How should an LWAP be configured on a switch.
switchport mode access
switchport access vlan
mls qos trust dscp
spanning-tree portfast
How should a WLC, Autonomous AP, or H-REAPs be configured on a switch?
switchport mode trunk
switchport trunk encapsulation dot1q
mls qos trust cos
spanning-tree portfast trunk
Can the Service IP Address and the Management IP Address on a WLC be in the same subnet? T/F
False
They cannot be in the same subnet
How can you determine what WLC to use?
Figure out how many APs you need and purchase a WLC based on current needs and future growth.
What is the Service Port on a WLC used for?
It is an Out Of Band (OOB) Management port used to administer the WLC.
What is the Management Port on a WLC used for?
To communicate to the APs with and it could also be used for management of the controller.
What DHCP option do APs use to find the WLC they should build a CAPWAP tunnel to?
Option 43
What are the 4 basic steps to set up a WLAN so a client can connect after the controller has been installed? (This assumes switch and DHCP and router, etc. are already configured).
- Name your AP (optional)
- Set the mode on the AP (FlexConnect is a good one)
- Create a new Logical Interface
- Create a new SSID and associate it with that logical interface.
What is the FlexConnect Mode on an AP used for?
Does switching and forwarding of frames without having to send all of that information to the controller.
What is the summary boot process for an AP?
- Boot
- Discovery
- Join
- Check Code
- If code matches then go to step 5
- If code doesn’t match then upgrade and start back at 1 - Get config from WLC
- Run
What are the 4 methods of Discovery for an AP to learn about a WLC (List them in order)?
- Broadcast
- Flash (Primed Entries or list from previously joined)
- DHCP
- DNS
How does the Broadcast Discovery method for an AP to learn about a Controller work?
The AP does a network broadcast asking if there are any wireless LAN controllers. If some do exist in the same Vlan as the APs then they will respond.
How does the Flash Discovery method for an AP to learn about a Controller work?
If the AP has successfully connected with a WLC previously then it will remember that using its Flash memory and can use that information to connect to it again, even if the AP itself has been moved to a different subnet.
How does the DHCP Discovery method for an AP to learn about a Controller work?
Use option 43 in your DHCP scope to tell the AP the IP address of the WLC.
How does the DNS Discovery method for an AP to learn about a Controller work?
AP makes a DNS request for the DNS name of CISCO-CAPWAP-CONTROLLER.
If the AP learns about multiple controllers, what is the order in which they will connect?
They will connect to the configured WLCs first:
Primary
Secondary
Tertiary
If none are configured then they will connect to the Master Controller if there is one.
If no Master Controllers then they will connect to the least utilized controller based on percentage of APs registered.
What protocol, port and stream does the AP use to Join the WLC? Is that traffic encrypted by default?
Uses DTLS which is UDP port 5246 over the Control stream. This is encrypted traffic.
What port and stream does the AP use to communicate client data traffic to the WLC? Is that traffic encrypted by default?
Uses UDP port 5247 over the Data stream. This is not encrypted traffic by default.
What does DTLS stand for?
Datagram Transport Layer Security
What is the Heartbeat (keepalive messages) between the AP and the WLC used for and how often are they sent?
Every 30 seconds there is a keepalive message sent on the Control channel between the AP and the WLC to make sure the WLC is still there. If it isn’t then the AP will connect to its secondary controller, if configured.
What Channel is the does the AP use to get its code and config from the WLC?
The Control Channel
What are the 8 available AP modes?
- Local
- FlexConnect (H-REAP)
- Monitor
- Rogue Detector
- Sniffer
- Bridge
- SE-Connect (Spectrum Expert)
- OEAP (Office Extend AP)
What does the AP Local mode do?
Provides data access for clients and also scans all other channels every 180 seconds by default and feeds the information back to the WLC.
Where do you set the scan interval for AP Local mode?
Wireless > 802.11b/g/n > General > Channel Scan Interval
What is the AP Rogue Detector mode used for?
Acts as a collection point. It looks to see if any of the APs it sees as being rogue is not only in the Wireless space but also in the Wired space generate an alert.
What is AP Bridge mode used for?
For Mesh networks. Mesh AP is sometimes referred to as MAP.
What is AP SE-Connect mode used for?
Collect information that can be given to a computer program called Spectrum Expert to really get into the details of the RF space where the AP was placed.
What is AP OEAP mode used for?
Office Extend AP
Wireless extension of the corporate office for remote teleworkers.
AP “phones home” over the internet to the controller and has a wireless SSID for the remote teleworker. This is tunneled over the internet so remote worker has access to corporate resources.
What is AP FlexConnect mode used for?
Usually deployed at a remote office across a WAN, the AP can make decisions on authentication and frame forwarding locally without sending it back to the controller. This is the new term for H-REAP.
What is AP Monitor mode used for?
Same as local mode except it does not pass client data. Can be used for IPS or to troubleshoot.
What is AP Sniffer mode used for?
Redirects frames to a management PC or Server for troubleshooting and analysis.
What are the 6 basic requirements for roaming?
- All APs must be talking same language (CAPWAP) back to the controllers.
- All WLCs must be using the same Mobility Group Name also known as the Mobility Domain. (This may not always be the case)
- All WLCs must have the same virtual IP address
- All WLCs must be “Compatible” and have compatible software to support Mobility Groups. They do not have to be the same model.
- All WLCs must be configured to be aware of one another.
- All WLCs must share the same SSID
What is layer 2 roaming?
When a client migrates from one AP to another AP when both APs are associated to the same WLC or even if the APs are associated to different WLCs but both WLCs are on the same subnet.
What is layer 3 roaming?
When a client migrates from one AP associated to one controller on one subnet to another AP associated to a different controller on a different subnet.
What is the name of the original WLC that the client was associated to when roaming?
Anchor
What is the name of the new WLC that the client is now associated to after roaming?
Foreign
What is Asymmetric routing in wireless?
When the path to the destination is different than the path back from the destination.
What is Symmetric routing in wireless?
When the path to the destination is the same as the path back from the destination.
Describe the path a PC would take to get to a server when Asymmetric routing is being used with wireless roaming.
Traffic to:
PC goes to AP2
AP2 goes to WLC2 (Foreign)
WLC2 (Foreign) goes to Server
Traffic back: Server goes to WLC1 (Anchor) WLC1 (Anchor) goes to WLC2 (Foreign) WLC2 (Foreign) goes to AP2 AP2 goes to PC
Describe the path a PC would take to get to a server when Symmetric routing is being used with wireless roaming?
Traffic to: PC goes to AP2 AP2 goes to WLC2 (Foreign) WLC2 (Foreign) goes to WLC1 (Anchor) WLC1 (Anchor) goes to Server
Traffic back: Server goes to WLC1 (Anchor) WLC1 (Anchor) goes to WLC2 (Foreign) WLC2 (Foreign) goes to AP2 AP2 goes to PC
What is a Mobility Anchor?
A Mobility Anchor is planned ahead of time unlike a normal Anchor used in Roaming.
It is used to assign a specific function for a WLAN.
If a PC is associated to the Guest SSID on AP 3 which is managed by WLC 3 and WLC 1 is configured as the Mobility Anchor for the Guest SSID, and that client needs to communicate over the network, what path will that traffic take?
That traffic will be received initially by AP3 and then be sent to WLC 3 which will then be tunneled over to WLC 1 since WLC 1 is the Mobility Anchor and then WLC 1 will make the decision from there on what to do with the traffic.
What is Static Address Tunneling?
When a client has a static address and tries to associate with an AP managed by a WLC that does not have the PC’s VLAN/subnet associated to it then the WLC will communicated to other WLCs in its Mobility Group to see if they are aware of that subnet and if so, it will associate the client.
What are the two modes APs can operate in?
- Autonomous
2. Lightweight
How can you tell if an image is for a Lightweight or an Autonomous AP?
The Lightweight file name contains k9w8
The Autonomous file name contains k9w7
What type of image is it if it contains k9w7
Autonomous
What type of image is it if it contains k9w8
Lightweight
What do you name the Lightweight image if you are converting from autonomous to lightweight?
platform-k9w7-tar.default
Substitute the word platform with the actual model of the AP you are converting. For example, C1130-k9w7-tar.default
What is the default IP of an AP that you pressed the mode button on?
10.0.0.1
What are the 3 different basic authentication methods?
- Know - Something we know (Like a username, PIN or Password)
- Has - Something we have (a physical object like an ATM card)
- Are - Something we are (like DNA, blood sample or fingerprint)
What is Multi-factor authentication?
It is when something uses two or more methods of authentication such as Know (like a PIN) and Has (like an ATM card)
What is encryption?
A method of hiding the contents, or scrambling the contents, of the data so that any unauthorized person, when they see it, it’ll just be cypher text and they won’t be able to read it.
What are two general types of algorithms used in cryptography?
- Symmetrical algorithm means that we use the same keys on both sides (Tx and Rx). Example is 3DES and AES.
- Asymmetrical algorithm uses a key pair. One key to encrypt and a different key to decrypt. Public key is given out to anyone. Private key is kept secure. This is more secure than Symmetrical but requires much more CPU to do.
What is a PSK and what does it stand for?
Pre-shared Key
Can be used for authentication and/or encryption.
Not good to use in corporate environments.
What is WEP and what does it stand for?
Wired Equivalent Privacy
Can be used for authentication and encryption.
Uses a pre-shared key
Very easy to crack but better than nothing.
What does AAA stand for?
Authentication
Authorization
Accounting
What can you use to do MAC filtering for a group of WLCs without adding the MACs to each WLC?
Use an AAA server such as Cisco ACS to perform that checking.
What are the 3 main components (players) in 802.1X?
- Supplicant
- Authenticator
- Authentication Server
What is a Supplicant in 802.1X?
Device that is supplying the credentials to the AP (such as a PC)
What is an Authenticator in 802.1X?
Device that is asking for the credentials (such as an AP)
What is an Authentication Server in 802.1X?
A centralized server that can be used for validating individuals based on a set of credentials (AAA Server)
What are two types of Cisco AAA servers?
- Cisco ACS (Access Control Server)
2. Cisco ISE (Identity Services Engine)
What is the protocol that is used between the AP and the AAA server called?
RADIUS
What is the general flow for authentication in 802.1X?
- PC (Supplicant) tries to connect
- AP (Authenticator) requests credentials
- Supplicant provides credentials
- Authenticator says wait, need to verify and passes those credentials to AAA server via RADIUS
- AAA server says yes or no. If yes then client is connected using a temporary key created just for that session only.
What is EAP and what does it stand for?
Extensible Authentication Protocol
A framework for providing that authentication in an 802.1x environment.
What are the 4 different types of EAP?
- LEAP (Lightweight EAP)
- EAP-FAST (EAP Flexible Authentication via Secure Tunneling)
- PEAP (Protected EAP)
- EAP-TLS (EAP Transport Layer Security)
What two types of EAP use certificates?
PEAP
EAP-TLS
What is LEAP and what does it stand for?
Lightweight Extensible Authentication Profile
Does mutual authentication between the Supplicant and the AAA server. Both will validate each other.
Does not require a certificate.
What is EAP-FAST and what does it stand for?
Extensible Authentication Profile Flexible Authentication via Secure Tunneling
Does mutual authentication between the Supplicant and the AAA Server via a secure tunnel between the Supplicant and the AAA.
Uses PAC for additional security.
Does not require a certificate.
What is PAC and what does it stand for?
Protected Access Credentials
Used in EAP-FAST for extra security.
What is PEAP and what does it stand for?
Protected Extensible Authentication Profile
Requires a digital certificate on the AAA server
Supplicant uses a username and password to connect.
What is EAP-TLS and what does it stand for?
Extensible Authentication Profile Transport Layer Security
Requires digital certificate on the AAA server and on the Supplicant
What does PKI stand for and when is it used?
Public Key Infrastructure
Used when dealing with certificates
What protocol and port does RADIUS use by default?
UDP Port 1812
What are 3 different Encryption keys?
WEP
WPA
WPA2/802.11i
What is WPA and what does it stand for?
WiFi Protected Access
Uses TKIP and an Initialization Vector
Can optionally use AES.
What is WPA2 and what does it stand for?
WiFi Protected Access version 2
Uses AES and CCMP
What is AES and what does it stand for?
Advanced Encryption Standard
It is a symmetrical encryption algorithm.
What is TKIP and what does it stand for?
Temporal Key Integrity Protocol
Used in WPA Encryption.
What is CCMP and what does it stand for?
Counter Cypher Mode Protocol
Used in WPA2/802.11i, it improves the encryption and confidentiality of the encryption being done.
What is the difference between WPA Enterprise VS WPA Personal?
Personal uses a PSK configured on the client and AP. No AAA server.
Enterprise uses a AAA server and is the best option for an Enterprise environment
What is PMK and what does it stand for?
Pairwise Master Key
Sometimes called a Session Key.
AAA Server gives out this key after authenticating a client and uses it for the duration of that session.
What is PTK and what does it stand for?
Pairwise Transient Key
Generated by doing a 4 way handshake between the client and the AP after that PMK has been generated by the AAA server.
Once created it can be divided up (called Keying Material) so it can be used for various functions
Describe the overall Encryption process?
- The AAA server successfully authenticates Bob
- The AAA server assigns Bob a pairwise master key (PMK) that’s kept in memory on Bob and the access point.
- The access point and Bob have a four-way handshake to negotiate a pairwise transient key (PTK) from which they can go ahead and subdivide that further and then start using that keying material for their encryption and data integrity checking functions. Traffic is then encrypted between the client and the access point.
What are some likely options for Encryption in a production environment and which is the best?
WPA2 + AES (Best)
WPA + AES
WPA + TKIP + AES
WPA + TKIP
You can make a change by default to the controller while connected to an AP that is management by that controller? T/F
False. The WLC will try to stop you from making any changes that could potentially prevent you from connecting unless you change the default behavior.
What is a WCS and what does it stand for?
Wireless Control System
Allows you to manage multiple WLCs
What are the 3 license levels for WCS?
- Base
- Plus
- Enterprise Plus
What does the Plus license for WCS give you?
High availability
M.S.E. (Mobility Services Engine)
What does the Enterprise Plus license of the WCS give you?
Navigator which allows you to manage multiple WCS’s
What is the highest amount of APs you could manage with the WCS Enterprise Plus License
30,000
What operating systems does WCS run on?
Windows 2003
Specific Red Hat Linux
What are the 3 alarm status and what colors are associated to each?
Critical - Red
Major - Orange
Minor - Yellow
Where can you go in WCS to see Rogue APs?
Security Tab
Where do you go to add a WLC in WCS?
Configure > Controller
What remote access methods are available on a WLC by default?
SSH
Telnet is disabled by default
What is a heat map?
Represents the signal strength for an AP
What are the major colors in a heat map?
Red is the strongest
Blue is the weakest
No color (white) means there is no signal
What does the top half of the circle represent when viewing an AP icon in WCS?
Status of the A (5 GHz) radio
What does the bottom half of the circle represent when viewing an AP icon in WCS?
Status of the B/G (2.4 GHz) radio
If an AP was having a critical alarm for the A Radio and the B/G radio was fine, what would the icon look like in WCS?
Top half would be red, bottom half would be green, Red Arrow on the right side.
If an AP was having a critical alarm for the A Radio and the B/G radio was turned off, what would the icon look like in WCS?
Top half would be red, bottom half would have an X in it, Red Arrow on the right side.
Where do you go in WCS to work with Maps?
Monitor > Maps
What is the 3 step approach to troubleshooting a wireless infrastructure?
- Verify WLC
- Verify AP
- Verify Clients
How can you connect to a WLC by default?
Console and then SSH or HTTPS
What is the command on the WLC to see what has been done through the initial set up script at the command line, as well as all of the changes through the GUI
show running-config commands
What is the command on the WLC to see the arp cache
show arp switch
What command can you use on the WLC to verify the data plane for a mobility group?
eping
What command can you use on the WLC to verify the control plane for a mobility group?
mping
What command on a WLC shows you APs and their connectivity?
show ap summary
What command on a WLC gives you an overview of join requests and if the AP is joined or not?
show ap join stats summary all
What command on a WLC allows you to troubleshoot the connectivity between the AP and WLC?
debug capwap
How do you disable all debugs on a WLC?
debug disable-all
What command on a WLC shows what clients are connected?
show client summary all
What is a MIC?
Manufacturer Installed Certificate
What is MFP?
Management Frame Protection
Helps validate management frames inside of 802.11 by adding a message integrity check to management frames so they cannot be replayed by a rogue device.
What are the different levels of syslog severities (Number and Name)?
7 - Debug 6 - Informational 5 - Notification 4 - Warning 3 - Error 2 - Alert 1 - Critical 0 - Emergency
Where do you find a crash log for a WLC?
Management > Tech Support > Controller Crash
What is a Rogue AP?
An access point is some access point that is not recognized by one of our controllers
How do you see what APs are Rogue in a WLC?
Click on Monitor and click on Detail under Rogue Summary
What are the different classifications you can classify a Rogue AP as and what is the default?
Friendly
Malicious
Unclassified (default)
Custom
Can you undo setting a Rogue AP to Malicious?
Not really. You’d have to delete and let it be rediscovered. You can’t just pick a different category from the drop down.
What action can you take against a Rogue AP?
Receive alerts or contain
What does the Contain action do to Rogue APs?
Causes neighbor APs to get on the same channel as the Rogue device and send deauth messages to clients which would cause them to disassociate or be unable to connect.
How many APs can you configure to Contain a rogue AP?
Up to 4
What is the default action for a WLC regarding a Rogue AP?
Alert
What is RRM?
Radio Resource Management
Does dynamic channel assignment by automatically picking channels where there is no other interference or moving to a different channel when interference is detected.
What is AQI?
Air Quality Index
Refers to the clean air regarding radio frequency and wireless local area networks.
What is the scale for AQI?
1 to 100
1 is worst
100 is the best
If an AP detects interference as part of Clean Air, how is it rated?
1 to 100
1 is the least interference (best)
100 is the most (worst)
What are the sensitivity levels you can set for clean air and their associated AQI?
High - 60
Medium - 50
Low - 35
What is WIPS?
WLAN Intrusion Prevention System
What do you need to enable WIPS?
License
APs that support it configured for the correct mode
What are at least 2 AP modes that support WIPS?
Local
Monitor
Probably FlexConnect
What are at least 2 AP modes that do not support WIPS?
Rogue Detect
Sniffer
What are the modules in the AnyConnect Client?
VPN NAM (Network Access Manager) Diagnostic AnyConnect Reporting Tool (DART) Posturing Telemetry Web Security
How do you see additional info about a wireless network on a MAC?
Hold down the option key while clicking on the network.
How do you know if you are connecting to a secured network on a MAC?
There will be a little lock icon next to the wireless network.
How do you know if you are connecting to an unsecured network on a MAC?
There won’t be a little lock icon next to the wireless network.
How do you know if you are connecting to a secured network on a PC?
There won’t be a little yellow shield icon next to the wireless network.
How do you know if you are connecting to an unsecured network on a PC?
There will be a little yellow shield icon next to the wireless network.
What does WPA2 Personal use for security?
AES/CCMP and a Pre-Shared Key
What does WPA2 Enterprise use for security?
Authentication against a AAA server.
To avoid interference problems, how much greater should your transmitter’s signal be above all of the others at least?
+ 20 dBm
Cisco recommends a separation of at least 19 dBm, so your signal needs to be at least + 20 dBm greater.
What is the first Fresnel zone?
The area around a signal path that should be kept clear of any obstructions.
The first Fresnel zone is an elliptical area along the length of a signal path that should be kept free of obstructions . When an object extends into a significant portion of the Fresnel zone, the signal can be diffracted and distorted.
What is Beamwidth?
The angle measured between the two points on a radiation pattern plot that are 3 dB below the maximum.
What is the orientation of an electromagnetic wave with respect to the horizon called?
Polarization
What type of antenna would have the highest gain?
Parabolic Dish because it focuses the RF energy into a tight beam.
What are two characteristics of an omnidirectional antenna?
- Has a large Beamwidth because it needs to cover a large area.
- Has small gain, again because it needs to cover a large area.
What type of antennas are used in certain Cisco wireless access point models where the antennas are hidden inside the case?
Omnidirectional
How many address fields does an 802.11 frame contain and what are their purposes?
4
Address1 - Receiver Address (RA) - Layer 2 MAC address of the radio receiver.
Address2 - Transmitter Address (TA) - Layer 2 MAC address of the device who put the frame into radio frequency and put it in the air.
Address3 - Destination Address (DA) - Layer 2 MAC address of the destination device where the frame needs to get to.
Address4 - Source Address (SA) - Layer 2 MAC address of the device initiating the frame (does not come into play unless a frame is being transported from one AP to another AP across a wireless link.)
What is NAV?
Network Allocation Vector
Timer that is used to predict when the channel will become free.
What are the default credentials to log into an AP?
Username Cisco
Password Cisco
