Question 1

Unlike WEP the PSK is not used for encryption but instead serves as the starting point (____) for mathematically generating the encryption keys.&#10;A) seed&#10;B) per-packet key&#10;C) MIC&#10;D) CRC

Accepted Answer

PSK stands for Pre-Shared Key, which is used for authentication. Unlike WEP, which directly uses the shared key as an encryption key, PSK serves as the seed for generating encryption keys using mathematical functions. Therefore, the correct choice is A, i.e., seed. Choices B, C, and D are not correct in this context.

Question 2

It is recommended that AES encryption and decryption be performed in hardware because of the computationally intensive nature of AES.

Accepted Answer

AES encryption and decryption involves multiple rounds of complex mathematical computations, which can be time-consuming and resource-intensive when performed in software. Therefore, performing AES operations in specialized hardware can significantly improve performance and security.

Question 3

AES is designed to be an encryption technique that is secure from attacks.

Accepted Answer

AES (Advanced Encryption Standard) is designed to be secure from attacks and is widely used for encryption of sensitive data. It has gone through rigorous testing and analysis by cryptographers and is considered to be a robust and secure encryption technique.

Question 4

In the WPA personal security model, the wireless device has two keys, a 128-bit encryption key called the ____ key and a 64-bit MIC.&#10;A) per-packet&#10;B) temporal&#10;C) CRC&#10;D) TKIP

Accepted Answer

The WPA personal security model uses a 128-bit encryption key known as the Temporal Key. This key is part of the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys to prevent unauthorized access and ensure data integrity.

Question 5

IEEE 802.11i authentication and key management is accomplished by the IEEE ____ standard.&#10;A) 802.1a&#10;B) 802.1g&#10;C) 802.1x&#10;D) 802.1z

Accepted Answer

IEEE 802.11i authentication and key management is accomplished by the IEEE 802.1x standard.

Question 6

IEEE 802.11i includes ____, which stores information from a device on the network so if a user roams away from an AP and later returns,he does not need to re-enter all of the credentials.&#10;A) pre-authentication&#10;B) port security&#10;C) MIC&#10;D) key-caching

Accepted Answer

IEEE 802.11i includes key-caching, which is a feature that stores information from a device on the network so if a user roams away from an AP and later returns, he does not need to re-enter all of the credentials. This improves the user experience and reduces the amount of time needed for authentication and connection re-establishment. Options A, B, and C are also part of IEEE 802.11i, but they do not provide the functionality described in the question.

Question 7

PSK keys are automatically authenticated between devices after a specified period known as the ____.&#10;A) MIC interval&#10;B) IV interval&#10;C) rekey interval&#10;D) CRC interval

Accepted Answer

PSK keys are rekeyed periodically to ensure security. The rekey interval is the specified period when a new PSK is automatically generated and used for authentication between devices. This helps to mitigate the risk of compromised keys by refreshing them at regular intervals. Choices A, B, and D are not relevant to PSK authentication.

Question 8

Pre-authentication allows for faster roaming between access points.

Accepted Answer

Pre-authentication involves the process of authenticating with a new access point before actually switching to it. This allows for a faster switch and reduces the time it takes to re-authenticate with the new access point.

Question 9

PSK passphrases of fewer than 20 characters can be subject to ____ attacks.&#10;A) DDoS&#10;B) QoS&#10;C) offline dictionary&#10;D) DoS

Accepted Answer

Offline dictionary attacks involve trying predefined words from a dictionary or a list of commonly used passwords to crack a passphrase. Passphrases with fewer than 20 characters are vulnerable and can be easily cracked with these types of attacks. DDoS and DoS attacks are not related to passphrase cracking, and QoS (Quality of Service) is a mechanism to prioritize network traffic.

Question 10

An 802.1x ____ only job is to verify the authentication of devices.&#10;A) wireless gateway&#10;B) port security&#10;C) authentication server&#10;D) WNIC

Accepted Answer

An 802.1x authentication server's primary role is to verify the authentication of devices attempting to connect to a network. This process ensures that only authorized devices can access network resources, enhancing security.

Question 11

The ____ standard addresses the two weaknesses of wireless networks: encryption and authentication.&#10;A) 802.3&#10;B) 802.11i&#10;C) AES&#10;D) RC4

Accepted Answer

The answer of The ____ standard addresses the two weaknesses...

Question 12

When using the transitional security model, open system authentication should be used instead of shared key authentication.

Accepted Answer

The answer of When using the transitional security model, open...

Question 13

PSK keys are automatically changed (called ____).&#10;A) MIC&#10;B) key mixing&#10;C) IV sequence&#10;D) rekeying

Accepted Answer

The answer of PSK keys are automatically changed (called ____).&#10;A)...

Question 14

WPA replaces the Cyclic Redundancy Check (CRC) function in WEP with the ____.&#10;A) per-packet keys&#10;B) Message Integrity Check (MIC)&#10;C) TKIP check&#10;D) TKIP keys

Accepted Answer

The answer of WPA replaces the Cyclic Redundancy Check (CRC)...

Question 15

The ____ model is used as a &#34;bridge&#34; solution in situations where WPA or WPA2 security is not available.&#10;A) personal security&#10;B) enterprise security&#10;C) SOHO security&#10;D) transitional security

Accepted Answer

The answer of The ____ model is used as a...

Question 16

Encryption in 802.11i is accomplished by replacing the RC4 stream cipher algorithm with a ____.&#10;A) block cipher&#10;B) chain cipher&#10;C) text cipher&#10;D) CRC cipher

Accepted Answer

The answer of Encryption in 802.11i is accomplished by replacing...

Question 17

The ____ model is designed for single users or small office/home office (SOHO) settings of generally 10 or fewer wireless devices.&#10;A) enterprise security&#10;B) personal security&#10;C) transitional security&#10;D) temporal security

Accepted Answer

The answer of The ____ model is designed for single...

Question 18

WPA2 uses the Advanced Encryption Standard (AES) for data encryption but does not support IEEE 802.1x authentication or PSK technology.

Accepted Answer

The answer of WPA2 uses the Advanced Encryption Standard (AES)...

Question 19

____ prevents an unauthenticated device, either wired or wireless, from receiving any network traffic until its identity can be verified.&#10;A) AES&#10;B) RC4&#10;C) Block cipher&#10;D) Port security

Accepted Answer

The answer of ____ prevents an unauthenticated device, either wired...

Question 20

TKIP keys are known as ____ keys.&#10;A) per-packet&#10;B) CRC&#10;C) MIC&#10;D) MAC

Accepted Answer

The answer of TKIP keys are known as ____ keys.&#10;A)...

Question 21

In 802.1x, the supplicant sends the request to a(n) ____ that serves as an intermediary device.&#10;A) supplicant&#10;B) authenticator&#10;C) authentication server&#10;D) RADIUS

Accepted Answer

The answer of In 802.1x, the supplicant sends the request...

Question 22

AES performs three steps on every block (128 bits) of cleartext. Within the second step, multiple iterations (called ____________________) are performed depending on the key size.

Accepted Answer

The answer of AES performs three steps on every block...

Question 23

____ uses dynamic negotiation of authentication and encryption algorithms between access points and wireless devices.&#10;A) RSN&#10;B) WPA&#10;C) WPA2&#10;D) 802.1i

Accepted Answer

The answer of ____ uses dynamic negotiation of authentication and...

Question 24

In 802.1x, the ____ is the wireless device that requires secure network access.&#10;A) supplicant&#10;B) authenticator&#10;C) authentication server&#10;D) RADIUS

Accepted Answer

The answer of In 802.1x, the ____ is the wireless...

Question 25

The block cipher used in 802.11i is the ____________________.

Accepted Answer

The answer of The block cipher used in 802.11i is...

Question 26

What are some of the limitations of MAC address filtering?

Accepted Answer

The answer of What are some of the limitations of...

Question 27

The ____ in an 802.1x configuration stores the list of the names and credentials of authorized users to verify their authenticity.&#10;A) supplicant&#10;B) authenticator&#10;C) authentication server&#10;D) RADIUS

Accepted Answer

The answer of The ____ in an 802.1x configuration stores...

Question 28

Briefly describe the history of AES.

Accepted Answer

The answer of Briefly describe the history of AES....

Question 29

The original PSK passphrase is mathematically manipulated (known as ____________________) 4,096 times before it is transmitted.

Accepted Answer

The answer of The original PSK passphrase is mathematically manipulated...

Question 30

What are the benefits of limiting the maximum number of DHCP users?

Accepted Answer

The answer of What are the benefits of limiting the...

Question 31

When should you use the transitional security model?

Accepted Answer

The answer of When should you use the transitional security...

Question 32

PSK requires that a key (also called a(n) ____) be entered in both the access point and the wireless devices.&#10;A) shared secret&#10;B) MIC key&#10;C) mixed key&#10;D) interval key

Accepted Answer

The answer of PSK requires that a key (also called...

Question 33

What are the steps involved in the 802.1x authentication procedure?

Accepted Answer

The answer of What are the steps involved in the...

Question 34

WPA replaces WEP with an encryption technology called ____________________.

Accepted Answer

The answer of WPA replaces WEP with an encryption technology...

Question 35

WPA authentication can be accomplished by using either IEEE 802.1x or ____________________ technology.

Accepted Answer

The answer of WPA authentication can be accomplished by using...

Question 36

What are the main characteristics of the Temporal Key Integrity Protocol (TKIP)?

Accepted Answer

The answer of What are the main characteristics of the...

Question 37

What are some of the PSK key management weaknesses?

Accepted Answer

The answer of What are some of the PSK key...

Question 38

What are some of the reasons why turning off SSID beaconing provides a limited degree of security?

Accepted Answer

The answer of What are some of the reasons why...

Question 39

The most robust level of security that can be achieved today for wireless LANs is using the ____ model.&#10;A) personal security&#10;B) transitional security&#10;C) temporal security&#10;D) enterprise security

Accepted Answer

The answer of The most robust level of security that...

Question 40

What are the TKIP major components?

Accepted Answer

The answer of What are the TKIP major components?...

Question 41

How do TKIP and MIC perform encryption in the WPA personal security model?

Accepted Answer

The answer of How do TKIP and MIC perform encryption...

Question 42

Match between columns&#10;                        Premises: allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;allows a company to maintain user profiles in a central database that all remote servers can share.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;subset of 802.11i that addresses both encryption and authentication.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;allows a device to become authenticated to an AP before moving into range of the AP.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;second generation of WPA security.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;encryption protocol in the 802.11i standard.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;&#34;leases&#34; IP addresses to clients to use while they are connected to the network.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;manipulates an entire block of text at one time.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;intended for settings in which an authentication server is unavailable.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.&#10;designed for medium to large-sized organizations such as businesses, government agencies, and universities.

Accepted Answer

The Answer of Pre-authentication and Personal security model and AES-CCMP is...

Deck 5: Wireless Security Models