Section 4.1

Question 1

What is an MDM?

Answer 1

A Mobile Device Manager (MDM) is used to control and manage many mobile devices especially to push out policies on apps, data, camera, authentication, etc. It also allows to push security updates.

Mostly used on company owned mobile devices.

Question 2

What is a Site Survey?

Answer 2

A site survey allows you to better understand how the wireless network performs. It identifies existing access points and access points that are outside of your control.

Question 3

What is a heat map?

Answer 3

A heat map identifies wireless signal strength.

Question 4

What is BYOD?

Answer 4

Bring Your Own Device (BYOD) means the employee owns the device but it needs to meet the company’s requirement to be in its network.

Question 5

What is COPE?

Answer 5

Corporate Owned Personally Enabled (COPE) means that the company buys and owns the device but it is configured to be used as both a corporate device and a personal device. This is similar to company owned laptops and desktops.

Question 6

What is CYOD?

Answer 6

Choose Your Own Device (CYOD) is similar to COPE but the user can choose the type of mobile device to use.

Question 7

What is MIC?

Answer 7

Message Integrity Check (MIC) is the verification of the integrity on all communication.

Question 8

What is SAE?

Answer 8

Simultaneous Authentication of Equals (SAE) (also known as the dragon fly handshake) is an authentication mode in which everyone uses a different session key even with the same PSK.

Question 9

What is PSK?

Answer 9

Pre Shared Key (PSK) is another way of saying a shared password. for example the home wifi password is a pre shared key since all users use the same password.

Question 10

What is Centralized Authentication (802.1X)?

Answer 10

802.1X Centralized Authentication is usually used in workplaces. This method asks for a username and password and sometimes MFA. This makes the authentication to the WiFi unique for all users.

Question 11

What Wireless Model do most home/personal wireless networks use?

Answer 11

WPA3-Personal / WPA3-PSK. This is a WPA2 or WPA3 with a pre shared key. Everyone uses the same shared key.

Question 12

What Wireless Model do most Enterprise networks use?

Answer 12

WPA3-Enterprise / WPA3-802.1X. This model authenticates users individually with an authentication server. (ex, RADIUS)

Question 13

What is AAA framework?

Answer 13

Authentication
- Prove you are who you say you are
Authorization
- Based on identification and authentication, what access do you have.
Accounting
- List of metrics with your logic session such as login time, data sent and received and logout time.

Question 14

What is RADIUS?

Answer 14

Remote Authentication Dial-In User Service (RADIUS) is one of the more common AAA protocols. It’s a centralized authentication protocol for users authenticating in a wide variety of platforms and devices.

Question 15

What is IEEE 802.1X?

Answer 15

This is a Network Access Control (NAC) that prevents anyone from accessing the network until they authenticate.

Question 16

What is EAP?

Answer 16

Extensible Authentication Protocol (EAP) is an authentication framework. It provides different ways to authenticate based on RFC Standards. EAP integrates with 802.1X to prevent access to the network until the authentication succeeds.

Question 17

What is fuzzing?

Answer 17

Fuzzing is the input of random data into an application input fields to see what the application will do.

Question 18

What are cookies?

Answer 18

Cookies are small bits of information stored on the computer by the browser and its used for tracking, personalization, and session management.

Question 19

What is SAST?

Answer 19

Static Application Security Testing (SAST) is a for of testing to find vulnerabilities in the code such as buffer overflows, data injections and more.