Review Questions Chapter 4.6 Wireless Security

MIS 4850 Systems Security

Review Questions | Chapter 4.6 Wireless Security

Student Name: __________________________________________

Chapter 4: Wireless Security (p.220-240)

1) Drive-by hacking is found when a company uses _____.

A) Parking garages with poor automated access control

B) WLANs

C) Both of the above.

D) Neither a. nor b.

2) The main family of WLAN standards in business is _____.

A) 802.1

B) 802.3

C) 802.5

D) 802.11

E) Bluetooth

3) SSIDs provide reasonable security when they are turned on.

a) TRUE b) FALSE

4) All access points in a Wireless LAN must have the same SSID.

a) TRUE b) FALSE

5) Eavesdropping usually is more of a concern for ________ LANs than for ________ LANs.

A) wired, wireless

B) wireless, wired

C) about an equal concern for wired and wireless LANs

D) None of the above

6. Wireless 802.11 networks generally have a range of ________.

A) 5 to 10 meters

B) 10 to 30 meters

C) 15 to 45 meters

D) None of the above

7. Which of the following is an example of a wireless attack?

A) unauthorized network access

B) man-in-the-middle attack using an evil twin

C) wireless DOS attacks

D) All of the above

8. The most common attack against a wireless network is a wireless DoS attack.

a) TRUE b) FALSE

9. The most common attack against a wireless network is a(n) ________.

A) man-in-the-middle attack using an evil twin

B) wireless DOS attacks

C) unauthorized network access

D) None of the above

10. Secure wireless networks can be legally accessed by anyone and are frequently posted as such.

a) TRUE b) FALSE

11. Open networks can be legally accessed by anyone and are frequently posted as such.

a) TRUE b) FALSE

12. Rogue access points are authorized access points set up by individuals or departments.

a) TRUE b) FALSE

13. Rogue access points are unauthorized access points set up by individuals or departments.

a) TRUE b) FALSE

14. By giving unauthorized users access to a local WLAN means that they are on the local network.

a) TRUE b) FALSE

15. After gaining wireless access to the private network, the attacker can ________.

A) cause harm to internal clients

B) steal data

C) launch external attacks

D) All of the above

16. In a man-in-the-middle attack, an evil twin sends its own attacks, impersonating the victim.

a) TRUE b) FALSE

17. In a man-in-the-middle attack, ________.

A) an evil twin must have a stronger signal than the legitimate AP

B) an evil twin sends its own attacks, impersonating the victim

C) Both A and B

D) Neither A nor B

18. Evil twin access point attacks are most common in ________.

A) secure WLANs

B) public hotspots

C) wired connected networks

D) None of the above

19. WLAN DoS attacks are designed to affect the ________ of the network.

A) confidentiality

B) integrity

C) availability

D) authentication

20. The original 802.11 core security protocol, ________, was deeply flawed.

A) 802.11i

B) WPA

C) WEP

D) None of the above. The original core protocol was NOT deeply flawed.

21. WEP stands for ________.

A) wireless equivalent privacy

B) wireless equivalent policy

C) wired equivalent privacy

D) wired equivalent policy

22. WEP typically takes ________ to crack today.

A) minutes

B) hours

C) days

D) weeks

23. WEP encrypts each frame with a per-frame key that consists of the shared RC4 key plus a 24-bit initialization vector that is different for each frame.

a) TRUE b) FALSE

24. What mistake did the 802.11i Working Group make when creating IVs?

A) transmitting IVs in the clear

B) making the IV too short

C) Both A and B

D) Neither A nor B

25. Attackers can exploit WEPs weaknesses by ________.

A) using WEP cracking software

B) reading two messages encrypted with the same key

C) Both A and B

D) Neither A nor B

26. In a large organization, WEP rekeying is inexpensive.

a) TRUE b) FALSE

27. Nearly all wireless access points can support 802.11i.

a) TRUE b) FALSE

28. The Wi-Fi Alliance calls 802.11i ________.

A) WPA

B) WPA2

C) WEP

D) None of the above

29. Pre-shared key mode was created for homes and small businesses with a single access point.

a) TRUE b) FALSE

30. 802.11i works in ________ mode.

A) pre-shared key

B) enterprise

C) Both A and B

D) Neither A nor B

31. An unauthorized access point set up by individuals or departments is called a(n) ________ access point.

A) rogue

B) evil twin

C) Both A and B

D) Neither A nor B

ReadingQuestionsCh4-6(WirelessSecurity).doc 3/4