Page 797 - StudyBook.pdf
P. 797

Self Test Appendix • Appendix  781

                      A. Unauthorized users accessing the network by spoofing EAP-TLS messages
                      B. DoS attacks occurring because 802.11 management frames are not authenticated
                      C. Attackers cracking the encrypted traffic
                      D. None of the above
                  Answer B is correct. One of the biggest problems identified in a paper discussing 802.1x secu-
                    rity is the lack of authentication in the 802.11 management frames and that 802.1x does not
                    address this problem.Answer A is incorrect because spoofing EAP-TLS is impossible.The
                    attacker needs the user’s certificate and passphrase.Answer C is incorrect because cracking
                    encrypted traffic is possible but unlikely since EAP-TLS allows for WEP key rotation.Answer
                    D is incorrect.

                  9.  Concerning wireless network security,WEP (Wired Equivalent Privacy) was originally
                      designed to do which of the following?
                      A. Provide wireless collision detection and collision avoidance access methods
                      B. Provide the same level of security as a LAN (Local Area Network)
                      C. Provide the ability to allow RF signals to penetrate through walls
                      D. Provide greater accessibility than a wired LAN
                  Answer B is correct.WEP was designed to provide the same level of security as a LAN (Local
                    Area Network).Answers A, C and D are simply incorrect.

                  10. Which of the following is the most common method used by attackers to detect and identify
                      the presence of an 802.11 wireless network?
                      A. Packet phishing
                      B. War dialing
                      C. Packet sniffing
                      D. War driving
                  Answer D is correct.War driving is the most common method used by attackers to detect and
                    identify the presence of an 802.11 wireless network.Answers A and C are incorrect.Answer B
                    is incorrect because.When hackers and attackers only had modems, they ran programs designed
                    to search through all possible phone numbers and call each one, looking for a modem to
                    answer.This type of scan was typically referred to as war dialing.

                  11. Your company uses WEP (Wired Equivalent Privacy) for its wireless security.Who may
                      authenticate to the company’s access point?
                      A.  Anyone in the company can authenticate
                      B. Only the administrator can authenticate
                      C. Only users with the valid WEP key
                      D. None of the above







                                                                              www.syngress.com
   792   793   794   795   796   797   798   799   800   801   802