1.) Which of the following statements is false?
a. Extended service set identifier (SSID) is a wireless LAN's name.
b. SSID is sent in AP beacons so that stations can find the right WLAN.
c. SSID is sent in probe requests so that stations can find the right WLAN.
d. Omitting SSID from beacons prevents attackers from finding a WLAN.
2.) Which of the following is not a fast handoff option included in 802.11i?
a. 802.1X key delivery
b. Key caching
3.) Which of the following is not an alternative for controlling WLAN access?
a. MAC ACLs
4.) When a wireless intrusion detection system (WIDS) floods a rogue access point with deauthenticate messages, it is usually trying to:
a. Locate the rogue so that it can be removed
b. Prevent unauthorized stations from communicating with the rogue
c. Prevent the rogue from communicating with the wired network
d. Inhibit communication between the rogue and legitimate stations
5.) Which of the following can be used to compromise a WPA-protected WLAN?
6.) Rogue access points that are not connected to your corporate network pose no business risk.
7.) 802.1X Port Access Control can be used for wireless LAN authentication by companies with limited IT staff.
8.) Which is the most effective method of keeping wireless visitor traffic from infiltrating your company network?
a. Secure your WLAN with WPA-PSK
b. Split your WLAN into "guest" and "employee" SSIDs
c. Use 802.1X to return VLAN tags, then block untagged traffic
9.) Wireless interference from external sources can be avoided by:
a. Coating your walls with RF-reflective paint
b. Placing APs in the middle of your facility
c. Using directional antennas to focus wireless transmissions
d. Reassigning channels used by your APs
10.) Which of the following statements is true?
a. Given 802.11i, companies no longer need VPNs to protect wireless.
b. WPA2 requires purchasing all new wireless hardware.
c. An embedded WIDS cannot monitor the air full-time.
d. A WIDS may help with compliance reporting.
This was first published in April 2006