Question 1

A ____ attack takes each word from a dictionary and encodes it in the same way the passphrase was encoded.&#10;A) social engineering&#10;B) brute force&#10;C) dictionary&#10;D) birthday

Accepted Answer

The given description matches the method of a dictionary attack. In this type of attack, the attacker uses a pre-compiled list of words (usually from a dictionary) and tries each of them, encoded in the same way as the password, until a match is found. This attack is successful if the password is weak and can be found in the dictionary list.

Question 2

In WEP, the ____ is a 24-bit value that changes each time a packet is encrypted.&#10;A) initialization vector (IV)&#10;B) pseudo-random number generator (PRNG)&#10;C) integrity check value (ICV)&#10;D) RC4

Accepted Answer

The initialization vector (IV) in WEP is a random 24-bit value that is concatenated with a 40-bit secret key to create a 64-bit key for encrypting each packet. The IV changes for each packet, making it more difficult for attackers to crack the encryption. However, WEP is now considered insecure and should not be used in modern network security.

Question 3

The SSID can be easily discovered even when it is not contained in beacon frames.

Accepted Answer

The SSID can be easily discovered through various passive and active scanning techniques, such as probing and sniffing, even without it being included in beacon frames. Therefore, the statement is true.

Question 4

At regular intervals (normally every 100 ms) an AP sends a(n) ____ to announce its presence and to provide the necessary information for other devices that want to join the network.&#10;A) association request frame&#10;B) CRC&#10;C) ICV&#10;D) beacon frame

Accepted Answer

A beacon frame is sent regularly by an access point to announce its presence and provide information for devices that want to join the network. It includes information such as the SSID (service set identifier), supported data rates, and security capabilities. Other options (A, B, C) are not relevant to the task of announcing an AP's presence.

Question 5

Deploying dynamic WEP is a very expensive solution that involves a lot of effort.

Accepted Answer

Dynamic WEP, while having its limitations in terms of security, does not involve a significantly higher cost or effort to deploy compared to static WEP. The main difference lies in how keys are generated and distributed, not in the infrastructure.

Question 6

A stream cipher takes one character and replaces it with another character. This output is known as the ____.&#10;A) initialization vector&#10;B) integrity check value&#10;C) cyclic redundancy check&#10;D) keystream

Accepted Answer

The output of a stream cipher is known as the keystream, which is produced by encrypting a stream of characters with a secret key. The keystream is then combined with the plaintext to produce the ciphertext. The other options (A, B, and C) are types of security measures but do not represent the output of a stream cipher.

Question 7

With ____ scanning a wireless device simply listens for a beacon frame for a set period of time.&#10;A) active&#10;B) passive&#10;C) interactive&#10;D) moving

Accepted Answer

Passive scanning is when a wireless device listens for beacon frames without actively transmitting any signals. The device waits for a set period of time to capture any nearby access points transmitting beacon frames. Active scanning involves the wireless device actively transmitting probe requests and waiting for a response, while interactive scanning involves a combination of listening for beacon frames and transmitting probe requests. Moving scanning refers to scanning while on the move, which is not relevant to the given scenario.

Question 8

Wired equivalent privacy (WEP) is intended to guard one of the three CIA characteristics of information, namely ____.&#10;A) confidentiality&#10;B) integrity&#10;C) availability&#10;D) non-repudiation

Accepted Answer

Wired equivalent privacy (WEP) is designed to provide confidentiality for wireless local area networks (WLANs).

Question 9

In a ____ attack, an attacker attempts to create every possible key combination by using a program to systematically change one character at a time.&#10;A) social engineering&#10;B) brute force&#10;C) dictionary&#10;D) birthday

Accepted Answer

This type of attack is known as a brute force attack, where the attacker attempts to crack a cryptographic key by trying every possible combination until they find the correct one. It can be very time-consuming and resource-intensive, but it is sometimes the only way to gain access to a system or device that is otherwise secure. Social engineering involves manipulating people into divulging sensitive information, dictionary attacks use a pre-made list of common passwords, and birthday attacks exploit weaknesses in cryptographic hash functions.

Question 10

____ requires the wireless device (and not the user) to be authenticated prior to being connected to the network.&#10;A) SSID&#10;B) Wireless authentication&#10;C) Wired confidentiality&#10;D) Wireless availability

Accepted Answer

Wireless authentication is the process of verifying the identity of a wireless device before granting access to the network. This ensures that only authorized devices are connected, increasing the security of the network. SSID is the network name, Wired confidentiality is the security of the wired network, and Wireless availability refers to the ability to connect to a wireless network, but does not involve authentication.

Question 11

WEP relies on a secret key shared between a wireless client device and the access point.

Accepted Answer

The answer of WEP relies on a secret key shared...

Question 12

In ____, a shared secret key is used to encrypt the cleartext as well as decrypt the ciphertext.&#10;A) public key cryptography&#10;B) asymmetric encryption&#10;C) asymmetric cryptography&#10;D) private key cryptography

Accepted Answer

The answer of In ____, a shared secret key is...

Question 13

To encrypt packets WEP can use only a 64-bit or ____-bit number.&#10;A) 72&#10;B) 90&#10;C) 110&#10;D) 128

Accepted Answer

The answer of To encrypt packets WEP can use only...

Question 14

Changing the original text to a secret message using cryptography is known as ____.&#10;A) ciphertext&#10;B) decryption&#10;C) encryption&#10;D) plaintext

Accepted Answer

The answer of Changing the original text to a secret...

Question 15

Access control is intended to guard the ____ of information by making it accessible only to authorized users.&#10;A) confidentiality&#10;B) availability&#10;C) integrity&#10;D) non-repudiation

Accepted Answer

The answer of Access control is intended to guard the...

Question 16

When WEP is used for shared key authentication it is serving a dual function of encryption and authentication.

Accepted Answer

The answer of When WEP is used for shared key...

Question 17

The APs can be positioned so that the cells overlap to facilitate movement between cells, known as ____.&#10;A) SSID broadcast&#10;B) handoff&#10;C) roaming&#10;D) scanning

Accepted Answer

The answer of The APs can be positioned so that...

Question 18

In WEP, the ____ is a cyclic redundancy check (CRC) value calculated with a checksum based on the contents of the text.&#10;A) initialization vector (IV)&#10;B) pseudo-random number generator (PRNG)&#10;C) integrity check value (ICV)&#10;D) RC4

Accepted Answer

The answer of In WEP, the ____ is a cyclic...

Question 19

Wireless access control through MAC address filtering is the same as access restrictions.

Accepted Answer

The answer of Wireless access control through MAC address filtering...

Question 20

A(n) ____ carries information about the data rates that a device can support along with the Service Set Identifier (SSID) of the network it wants to join.&#10;A) association request frame&#10;B) CRC&#10;C) PRNG&#10;D) ICV

Accepted Answer

The answer of A(n) ____ carries information about the data...

Question 21

Describe the main characteristics of the shared key authentication method.

Accepted Answer

The answer of Describe the main characteristics of the shared...

Question 22

What are some of the tools used to perform WEP attacks?

Accepted Answer

The answer of What are some of the tools used...

Question 23

____________________ is the science of transforming information so that it is secure while it is being transmitted or stored.

Accepted Answer

The answer of ____________________ is the science of transforming information...

Question 24

What is a MAC address?

Accepted Answer

The answer of What is a MAC address?...

Question 25

Describe the main characteristics of the open system authentication method.

Accepted Answer

The answer of Describe the main characteristics of the open...

Question 26

Briefly explain how WEP implementation violates the cardinal rule of cryptography: anything that creates a detectable pattern must be avoided.

Accepted Answer

The answer of Briefly explain how WEP implementation violates the...

Question 27

A(n) ____________________ acts as the central base station for the wireless network.

Accepted Answer

The answer of A(n) ____________________ acts as the central base...

Question 28

In WEP, RC4 uses a(n) ____________________ to create the keystream.

Accepted Answer

The answer of In WEP, RC4 uses a(n) ____________________ to...

Question 29

____ was developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of network users.&#10;A) Kerberos&#10;B) Dynamic WEP&#10;C) WEP2&#10;D) LDAP

Accepted Answer

The answer of ____ was developed by the Massachusetts Institute...

Question 30

The IEEE standard specifies that the access points and devices can hold up to four shared secret keys, one of which must be designated as the ____________________.

Accepted Answer

The answer of The IEEE standard specifies that the access...

Question 31

____ solves the weak initialization vector (IV) WEP problem by rotating the keys frequently.&#10;A) WEP2&#10;B) Dynamic WEP&#10;C) SSID&#10;D) Roaming

Accepted Answer

The answer of ____ solves the weak initialization vector (IV)...

Question 32

Briefly explain how turning off the beaconing of the SSID affects roaming in a wireless network environment.

Accepted Answer

The answer of Briefly explain how turning off the beaconing...

Question 33

WEP2 uses a different authentication system known as ____.&#10;A) RADIUS&#10;B) MS-CHAPS&#10;C) LDAP&#10;D) Kerberos

Accepted Answer

The answer of WEP2 uses a different authentication system known...

Question 34

Because of the weaknesses of the implementation of WEP it is possible for an attacker to identify two packets derived from the same IV (called a(n) ____).&#10;A) collision&#10;B) keystream&#10;C) ICV&#10;D) CRC vector

Accepted Answer

The answer of Because of the weaknesses of the implementation...

Question 35

What are the options for creating keys in WEP?

Accepted Answer

The answer of What are the options for creating keys...

Question 36

What was the criteria used by the IEEE 802.11 committee to design WEP?

Accepted Answer

The answer of What was the criteria used by the...

Question 37

____ traffic is traffic sent to all users on the network.&#10;A) Unicast&#10;B) Broadcast&#10;C) Singlecast&#10;D) Multicast

Accepted Answer

The answer of ____ traffic is traffic sent to all...

Question 38

____ traffic is traffic destined for only one address.&#10;A) Severalcast&#10;B) Multicast&#10;C) Unicast&#10;D) Broadcast

Accepted Answer

The answer of ____ traffic is traffic destined for only...

Question 39

A wireless device is set to look for beacon frames from the AP. This is known as ____________________.

Accepted Answer

The answer of A wireless device is set to look...

Question 40

What are the differences between Dynamic WEP unicast and broadcast keys?

Accepted Answer

The answer of What are the differences between Dynamic WEP...

Question 41

What are the main characteristics of Kerberos?

Accepted Answer

The answer of What are the main characteristics of Kerberos?...

Question 42

Match between columns&#10;                        Premises: adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;adds two new security enhancements to WEP.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;the &#34;network name&#34; for the wireless network.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;an encryption algorithm.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;stream cipher that accepts keys up to 128 bits in length.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;can limit a user's access to the Internet.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;tool to perform WEP attacks.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;looking over someone's shoulder.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of determining the keystream by analyzing two packets that were created from the same IV.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.&#10;method of restricting access to resources.

Accepted Answer

The Answer of SSID and RC4 and Cipher and AirSnort is...

Deck 2: Wireless LAN Vulnerabilities