NET 211 - Wireless Networking

Review for Third Test

The following questions are provided to help you study for the third test. Do not expect to see these exact questions on the test.

  1. Why is protecting a wireless LAN more challenging than protecting a wired LAN?

  2. What would make an AP an open AP?

  3. Rogue APs are a problem for many environments. What makes a rogue AP a security risk?

  4. Why is an evil twin exploit like a man in the middle attack?

  5. How is an active man in the middle attack different from a passive one?

  6. What are some aspects of Denial of Service attack that are unique to a wireless LAN?

  7. What should be our standard advice about using Wi-Fi connections in hotels and restaurants?

  8. In chapter 9, what does the author mean by "access control"? How does he suggest we implement it?

  9. What do the first three pairs of hex charactes in a MAC address tell us? What about the last three pairs?

  10. What is an implicit deny, with regard to a list of MAC addresses?

  11. In many WLANs, authentication is done by the open system. What does this require the user to do with a station?

  12. What encryption standard followed the two versions of WEP?

  13. In WPA2, what improvement was made to replace TKIP?

  14. What does PSK mean, with regard to WPA personal?

  15. What is a large difference between WPA personal and WPA enterprise?

  16. In a RADIUS system, what is a supplicant?  What is an authenticator?

  17. What is the basic difference between an intrusion detection system and an intrusion protection system?

  18. In a WIDS system, what kind of device is used as an integrated sensor?

  19. How would using a VPN system provide a level of security if it is used on our wired and wireless LANs?

  20. What is a common use most people may have seen of Secure Sockets Layer?

  21. What is secure shell used for? Why is it better than the classic terminal program?

  22. What is the purpose of a wireless probe, with respect to the end of chapter 10?

  23. What is the difference between a threat and a threat agent?

  24. What is the difference between a vulnerability and an exploit?

  25. What are some of the types of risk management discussed in the text? When would you choose to use one over another?

  26. All exploits by a social engineer involve some kind of pretense. What are some of the exploits mentioned in the text that are classic methods?

  27. What does dumpster diving have to do with attacking an information system?

  28. Relate the concepts of policies, standards, and practices (also called procedures) to each other.

  29. What are some of the components of a good acceptable use policy, as applied to a wireless environment?

  30. When should staff be trained about the security aspects of their jobs?

  31. Why do we care about physical security in a wireless environment?

  32. Why do we want to measure the noise floor in our operating environment?

  33. When would you expect to have your WLAN affected by narrowband interference?

  34. What is the difference between diffraction and deflection of an RF signal? What kind of weather causes each?

  35. What does the text recommend that we do about cochannel interference?