Components and Operation
What is the minimum number of devices required to create a connection?
2
What does CAPWAP stand for?
Control and Provisioning of Wireless Access Points
What 2 things in a WLAN device allow the device to broadcast and take in data?
Transmitter and receiver
What type of attack is an “evil twin AP” attack?
Man-in-the-middle attack
What are the two types of authentication methods introduced with the original 802.11?
Open system authentication and Shared key authentication
Router, Switch, AP
What network device is most commonly associated with CAPWAP?
WLC (Wireless LAN Controller)
What is the benefit of DSSS (Direct-Sequence Spread Spectrum) and what frequency does it use?
DSSS can go over long ranges and hides the source of the signal. It uses 2.4 GHz
Why would you use 5GHz over 2.4GHz?
2.4 GHz band is used by other devices
What authentication method is used when security is of no concern?
Open system authentication
List the 3 types of antennas
Directional, omnidirectional, MIMO (Multiple Input, Multiple Output)
In a split MAC architecture what are the 2 categories of functions?
AP and WLC
Describe FHSS (Frequency-Hopping Spread Spectrum)
It transmits radio signals by rapidly switching a carrier signal among many frequency channels. With FHSS the sender and receiver must be synchronized to “know” which channel to jump to.
What are 3 thing that can cause a DoS attack?
Improperly configured devices, A malicious user intentionally interfering with the wireless communication, and Accidental interference
What are four mechanisms used to authenticate and encrypt data with Shared key authentication?
WEP, WPA, WPA2, and WPA3
Describe Active and Passive mode.
BONUS:
What does a client include in a probe request and what does the AP include in a Probe Response?
Active - Router or AP does not broadcast SSID, client must know it
Passive - Router or AP broadcasts SSID and client connects with password only
Client: SSID, supported standards AP: SSID, supported standards, security settings
What protocol is used for encryption between WLC and AP and is it?
BONUS:
Is it turned on by default?
DTLS (Datagram Transport Layer Security) and yes it is on by default.
Describe OFDM.
BONUS:
What does OFDM stand for?
This is a subset of frequency division multiplexing in which a single channel uses multiple sub-channels on adjacent frequencies. Sub-channels in an OFDM system are precisely orthogonal to one another which allow the sub-channels to overlap without interfering.
Orthogonal frequency-division multiplexing
What is a Rouge Access Point?
BONUS:
What could be used as a Rouge Access Point?
A wireless access point that has been installed on a secure network without explicit authorization from a local network administrator.
BONUS:
Personal Wireless Router, Hotspot, Wireless USB adapters configured as soft access points, etc
Out of the two WPA standards of encryption which is the strongest?
BONUS:
Why is that Standard Stronger?
Advanced Encryption Standard (AES)
BONUS:
The use of CCMP that allows destination hosts to recognize if the encrypted and non-encrypted bits have been altered.
List all IEEE 802.11 standards
802.11, a, b, g, n, ac, ax
List and describe the two modes of FlexConnect
Connected - WLC is connected and performs normal functions while FlexConnect is idle
Standalone - WLC is unreachable and FlexConnect assumes some of the WLC responsibilities such as switching client data locally and performing authentication.
How many channels in 5 GHz? And what infrastructure set the standard?
24, U-NNI (Unlicensed National Information Structure)
Name at least 4 WLAN based Attacks
Interception of data, Wireless intruders, Denial of Service (DoS) Attacks, Rogue APs, IP and MAC spoofing, DNS cache spoofing, Malware distribution, etc
What are the four features of WPA3?
WPA3-Personal, WPA3-Enterprise, Open Networks, and IoT Onboarding