True/False
Indicate whether the statement is true or false.

1. Information security involves more than protecting the information itself.

2. WPA authentication can be accomplished by using either IEEE 802.1x or pre-shared key (PSK) technology.

3. Pre-shared key (PSK) authentication uses a passphrase that is automatically generated to generate the encryption key.

4. Wireless DoS attacks are exactly the same as wired DoS attacks.

5. Cryptography is a new invention of the 20th Century.

6. Employees pose only a small threat to networks.

7. WEP2 attempted to overcome the limitations of WEP by adding two new security enhancements.

8. A virtual private network (VPN) uses a public, unsecured network as if it were a private, secured network.

9. The block cipher used in 802.11i is the Data Encryption Standard (DES).

10. Open system authentication and shared key authentication are the only two types of wireless authentication available under the 802.11 standard.

Multiple Choice
Identify the choice that best completes the statement or answers the question.

11. ____ was initially founded by the U.S. Department of Defense and is now part of the Software Engineering Institute at Carnegie Mellon University.
a. Computer Emergency Response Team Coordination Center (CERT/CC)
b. SysAdmin, Audit, Network, Security (SANS) Institute
c. InfraGard
d. National Security Institute (NSI)

12. MAC address filtering ____.
a. is difficult to implement
b. is expensive
c. requires pre-approved authentication
d. does not work well

13. A ____ is not malicious but often seeks to expose security flaws.
a. script kiddie
b. spy
c. cracker
d. hacker

14. What feature of IEEE 802.11i allows a device to become authenticated to an AP before moving to it?
a. key caching
b. port security
c. pre-authentication
d. message passing

15. ____ is another name for open systems authentication.
a. WEP
b. SSID filtering
c. Symmetric key encryption
d. Public key encryption

16. ____ was designed to address WEP vulnerabilities with a minimum of inconvenience.
a. IEEE 802.11i
b. WPA
c. dynamic WEP
d. TGi

17. The ____ method of encryption is used in a personal security model.

18. When the recipient receives the encrypted text, it must be decrypted with the cipher and the key to produce the original ____.
a. ciphertext
b. detext
c. plaintext
d. deciphertext

19. RC4 is a ____ cipher that accepts keys up to 128 bits in length.
a. stream
b. key
c. cyclic
d. logical

20. What authentication system did the proposed WEP2 standard use?
a. key caching
b. Kerberos
c. AES-CCMP
d. dynamic WEP

21. Which type of attacker typically has a high skill level?
a. spy
b. hacker
c. cracker
d. All of the above

22. On wireless networks, ____ attacks are commonly done by attackers setting up a “fake” access point.
a. spoof
b. weak key
c. man-in-the-middle
d. DoS

23. ____ ensures that the information is correct and that no unauthorized person or malicious software program has altered that data.
a. Access control
b. Availability
c. Integrity
d. Confidentiality

24. According to the IEEE 802.11 cryptography objectives, how strong should WEP be?
a. reasonably
b. extremely
c. difficult
d. unbreakable

25. The ____ wireless security standard provides a low level of security.
a. WEP2
b. Dynamic WEP
c. WEP
d. All of the above

26. What disadvantage of wireless networks provides the biggest stumbling block to the adoption of wireless technology?
a. security
b. speed
c. cost
d. complexity

27. Within Step 2 of Advanced Encryption Standard (AES), multiple iterations (called rounds) are performed depending upon the key size: a 128-bit key performs 9 rounds, a 192-bit key performs 11 rounds, and a 256-bit key uses ____ rounds.

28. What is the first step in implementing an interim security model?
a. port security
b. turning off SSID beaconing
c. MAC address filtering
d. shared key authentication

29. A ____ VPN is a user-to-LAN connection used by remote users.
a. site-to-site
b. remote-to-LAN
c. peer-to-peer
d. remote-access

30. At the heart of a WIDS are ____; these devices, which can be either separate hardware devices or a standard access point operating in a special “scan” mode, monitor the airwaves to detect signals from rogue access points.
a. firewalls
b. captive portals
c. VPNs
d. wireless sensors

31. ____ authentication is used in the enterprise security model using WPA and WPA2.
a. TKIP
b. IEEE 802.1x
c. AES
d. All of the above

32. Which characteristic of information is guarded by access control?
a. confidentiality
b. robustness
c. availability
d. integrity

33. The personal security model is intended for settings in which a(n) ____ is unavailable.
a. AP
b. wired network
c. intermediate security model
d. authentication server

34. In a 64-bit packet sent using WEP, how many bits are actually encrypted?

35. A standard personal computer can easily create over ____ possible password combinations per second.
a. 100
b. 1,000
c. 1,000,000
d. 1,000,000,000

36. What security technology was most recently introduced?
a. WPA2
b. Dynamic WEP
c. WEP2
d. WPA

37. When implementing an interim security model, most vendors have the option of a 128-bit WEP key, which can be created by entering 16 ____ characters. This provides the most secure option.
a. ciphered
b. ASCII
c. hexadecimal
d. plaintext

38. MAC address filtering is vulnerable because there are programs available that allow users to ____ a MAC address.
a. spoof
b. modify
c. break
d. disable

39. ____ is considered to be the “heart and soul” of WPA security.

40. The 802.11i standard addresses both ____.
a. authentication and direction
b. encryption and confidentiality
c. integrity and confidentiality
d. encryption and authentication

42.
|
In dynamic WEP, the ____ key is changed every time the user roams to a new AP or
logs out and logs back in.
a. | unicast | c. | ticket | b. | broadcast | d. | passphrase |
|
|
|
43.
|
In WEP, the CRC generates a(n) ____ based on the contents of the text.
a. | key | c. | checksum | b. | initialization vector | d. | cipher |
|
|
|
44.
|
Within the IEEE 802.1x standard, ____ ensures that a device (wired or wireless)
that requests access to the network is prevented from receiving any traffic until its identity
can be verified.
a. | port blocking | c. | port security | b. | port scanning | d. | an access control
list |
|
|
|
45.
|
Encryption under the WPA2 personal security model is accomplished by using the
block cipher ____.
|
|
|
46.
|
How long is the per-packet key used in TKIP?
a. | 40-bits | c. | 128-bits | b. | 64-bits | d. | 256-bits |
|
|
|
47.
|
____ replaces CRC in WPA.
|
|
|
48.
|
A ____ attack on WEP involves viewing collisions to derive plaintext
values.
a. | keystream | c. | weak key | b. | capture | d. | pseudo-random
number |
|
|
|
49.
|
Which aspect of information security does WEP protect?
a. | integrity | c. | availability | b. | confidentiality | d. | All of the
above |
|
|
|
50.
|
A WEP key can be a passphrase created by entering ____ ASCII characters.
|
|
|
51.
|
A wireless DoS attack may involve an attacker sending a series of ____ frames to
a wireless device.
a. | disassociation | c. | incomplete | b. | drop | d. | misaddressed |
|
|
|
52.
|
In a brute force attack, what key combination would follow 00001?
a. | 00000 | c. | 00010 | b. | 00002 | d. | 10000 |
|
Matching

Match each term with the correct statement below.
a. pre-shared key authentication
b. dynamic WEP
c. AES-CCMP
d. Advanced Encryption Standard
e. 802.11i
f. supplicant
g. key caching
h. broadcast
i. Message Integrity Check

53. performs three steps on every block (128 bits) of plaintext

54. encryption protocol in the 802.11i standard

55. wireless device that requires secure network access

56. traffic sent to all users on the network

57. solves the weak IV problem by rotating the keys frequently

58. designed to prevent an attacker from capturing, altering, and resending data packets

59. uses a passphrase that is manually entered to generate the encryption key

60. robust security network

61. stores information from a device on the network so if a user roams away from an AP and later returns, she does not need to re-enter all of the credentials

Match each term with the correct statement below.
a. cipher
b. keystream
c. cracker
d. default key
e. script kiddies
f. computer spy
g. hacker
h. filter
i. jam

62. person who violates system security with malicious intent

63. key value that is used to encrypt wireless data transmissions when they are sent

64. series of 1’s and 0’s equal in length to the text plus the ICV

65. encryption algorithm

66. person who has been hired to break into a computer and steal information

67. person who uses his or her advanced computer skills to attack computers but not with a malicious intent

68. attacker floods the radio frequency spectrum with noise

69. limit a user’s admission to the access point

70. unskilled or novice users who break into computer systems with malicious intent