NET 211 - Wireless Networking
Review for Third Test
The following questions are provided to help you study for
the third test. Do not expect to see these exact questions on the test.
- Why is protecting a wireless LAN more challenging than protecting a wired LAN?
- What would make an AP an open AP?
- Rogue APs are a problem for many environments. What makes a rogue AP a security risk?
- Why is an evil twin exploit like a man in the middle attack?
- How is an active man in the middle attack different from a passive one?
- What are some aspects of Denial of Service attack that are unique to a wireless LAN?
- What should be our standard advice about using Wi-Fi connections in hotels and restaurants?
- In chapter 9, what does the author mean by "access control"? How does he suggest we implement it?
- What do the first three pairs of hex charactes in a MAC address tell us? What about the last three pairs?
- What is an implicit deny, with regard to a list of MAC addresses?
- In many WLANs, authentication is done by the open system. What does this require the user to do with a station?
- What encryption standard followed the two versions of WEP?
- In WPA2, what improvement was made to replace TKIP?
- What does PSK mean, with regard to WPA personal?
- What is a large difference between WPA personal and WPA enterprise?
- In a RADIUS system, what is a supplicant? What is an authenticator?
- What is the basic difference between an intrusion detection system
and an intrusion protection system?
- In a WIDS system, what kind of device is used as an integrated sensor?
- How would using a VPN system provide a level of security if it is used on our wired and wireless LANs?
- What is a common use most people may have seen of Secure Sockets Layer?
- What is secure shell used for? Why is it better than the classic terminal program?
- What is the purpose of a wireless probe, with respect to the end of chapter 10?
- What is the difference between a threat and a threat agent?
- What is the difference between a vulnerability and an exploit?
- What are some of the types of risk management discussed in the text? When would you choose to use one over another?
- All exploits by a social engineer involve some kind of
pretense. What are some of the exploits mentioned in the text that are
- What does dumpster diving have to do with attacking an information system?
- Relate the concepts of policies, standards, and practices (also called procedures) to each other.
- What are some of the components of a good acceptable use policy, as applied to a wireless environment?
- When should staff be trained about the security aspects of their jobs?
- Why do we care about physical security in a wireless environment?
- Why do we want to measure the noise floor in our operating environment?
- When would you expect to have your WLAN affected by narrowband interference?
- What is the difference between diffraction and deflection of an RF signal? What kind of weather causes each?
- What does the text recommend that we do about cochannel interference?