Chapter 8 Review Questions

1. Which technology is predominately used for contactless payment systems? A. near field communication (NFC) B. wireless local area network (WLAN) C. Bluetooth D. Radio Frequency ID (RFID)

2. Which of these Bluetooth attacks involves accessing unauthorized information through a Bluetooth connection? A. Bluesnarfing B. Bluejacking C. Bluecreeping D. Bluestealing

3. What is a difference between NFC and RFID? A. NFC is based on wireless technology while RFID is not. B. RFID is faster than NFC. C. RFID is designed for paper-based tags while NFC is not. D. NFC devices cannot pair as quickly as RFID devices.

4. Which of these technologies is NOT found in a wireless router? A. access point B. router C. dynamic host configuration protocol (DHCP) server D. firewall

5. Why is a rogue AP a security vulnerability? A. It uses the weaker IEEE 80211i protocol. B. It conflicts with other network firewalls and can cause them to become disabled. C. It allows an attacker to bypass network security configurations. D. It requires the use of vulnerable wireless probes on all mobile devices.

6. Which of these is NOT a risk when a home wireless router is not securely configured? A. Only a small percentage of the total traffic can be encrypted. B. An attacker can steal data from any folder with file sharing enabled. C. User names, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker. D. Malware can be injected into a computer connected to the WLAN.

7. Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? A. Push-Button method B. PIN method C. piconet method D. NFC method

8. Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to first agree to an Acceptable Use Policy (AUP) before continuing. What type of AP has he encountered? A. captive portal B. web-based portal C. rogue portal D. authenticated portal

9. Which of the following is NOT a wireless peripheral protection option? A. Update or replacing any vulnerable device B. Switch to a more fully tested Bluetooth model C. Install a network sensor to detect an attack D. Substitute a wired device

10. The primary design of a(n) _____ is to capture the transmissions from legitimate users. A. rogue access point B. WEP C. evil twin D. Bluetooth grabber

11. Which of these is a vulnerability of MAC address filtering? A. APs use IP addresses instead of MACs. B. The user must enter the MAC. C. MAC addresses are initially exchanged unencrypted. D. Not all operating systems support MACs.

12. Which of these is NOT a limitation of turning off the SSID broadcast from an AP? A. Turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another. B. Some versions of operating systems favor a network that broadcasts an SSID over one that does not. C. Users can more easily roam from one WLAN to another. D. The SSID can easily be discovered, even when it is not contained in beacon frames, because it still is transmitted in other management frames sent by the AP.

13. What is the primary weakness of wired equivalent privacy (WEP)? A. It functions only on specific brands of APs. B. Its usage creates a detectable pattern. C. It slows down a WLAN from 104 Mbps to 16 Mbps. D. Initialization vectors (IVs) are difficult for users to manage.

14. WPA replaces WEP with _____. A. WPA2 B. Temporal Key Integrity Protocol (TKIP) C. Cyclic Redundancy Check (CRC) D. Message Integrity Check (MIC)

15. Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? A. Frequency band B. Channel selection C. RFID spectrum D. Channel width

16. A wireless LAN controller (WLC) was recently installed, and now Kelsey needs to purchase several new APs to be managed by it. Which type of AP should he purchase? A. Controller AP B. Standalone AP C. Fat AP D. Any type of AP can be managed by a WLC.

17. AES-CCMP is the encryption protocol standard used in _____. A. WPA B. WPA2 C. IEEE 802.11 D. NFC

18. Elijah was asked by a student intern to explain the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? A. It is the transport protocol used in TCP/IP for authentication B. It is a framework for transporting authentication protocols C. It is a subset of WPA2 D. It is a technology used by IEEE 802.11 for encryption

19. Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? A. EAP-TLS B. EAP-TTLS C. EAP-SSL D. EAP-FAST

20. Which of these is NOT a type of wireless AP probe? A. wireless device probe B. WNIC probe C. dedicated probe D. AP probe