Quiz: Module 10 Wireless Network Attacks and Defenses

Simiso has been asked to research a new payment system for the retail stores that her company owns. Which technology is predominantly used for contactless payment systems that she will investigate?

a. Bluetooth

b. Near-field communication (NFC)

c. Wi-Fi

d. Radio Frequency ID (RFID)

b. Near-field communication (NFC)

Muchaneta is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?

a. blueswiping

b. bluehiking

c. bluejacking

d. bluesnarfing

d. bluesnarfing

What is a difference between NFC and RFID?

a. NFC is based on wireless technology while RFID is not.

b. RFID is faster than NFC.

c. NFC requires the sender to be very close to the receiver.

d. NFC devices cannot pair as quickly as RFID devices.

c. NFC requires the sender to be very close to the receiver.

Which of the following attacks transfers the data from one RFID tag to another?

a. RFID swiping

b. RFID cloning

c. RFID duplicating

d. RFID mirroring

b. RFID cloning

Thubelihle has just been informed that an employee has tried to install their own wireless router in the employee lounge. Why is installing this rogue AP an issue?

a. It uses the weaker IEEE 80211i protocol.

b. It allows an attacker to bypass network security configurations.

c. It conflicts with other network firewalls and can cause them to become disabled.

d. It requires the use of vulnerable wireless probes on all mobile devices.

b. It allows an attacker to bypass network security configurations.

Zendaya is helping her neighbor install and configure a new wireless router. Her neighbor is reluctant to configure the settings on the device but just wants to accept the default settings. Which of these is NOT a reason Zendaya would give regarding the risks of an improperly configured wireless router?

a. An attacker can steal data from any folder with file sharing enabled.

b. Wireless devices could be susceptible to an INKSPOT attack.

c. User names, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker.

d. Malware can be injected into a computer connected to the WLAN.

b. Wireless devices could be susceptible to an INKSPOT attack.

Which of these WPS methods is vulnerable?

a. Push-button

b. PIN

c. NXC

d. Click-to-send

b. PIN

Zuri is on vacation and visits a local coffee shop to enjoy a beverage and check her email through the free Wi-Fi. When she first connects, a screen appears asking her to agree to an acceptable use policy (AUP) before continuing. What type of AP portal has she encountered?

a. rogue portal

b. approval portal

c. limited portal

d. captive portal

d. captive portal

Which of the following is NOT a wireless denial attack that attempts to prevent a user from accessing or using a WLAN?

a. RTS/CTS replay attack

b. duration field values attack

c. disassociation attack

d. jamming

a. RTS/CTS replay attack

Nia is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is she describing?

a. NFC capture attack

b. evil twin attack

c. WPA grab attack

d. sleeper attack

b. evil twin attack

Which of these is a vulnerability of MAC address filtering in a WLAN?

a. Not all operating systems support MACs.

b. APs use IP addresses instead of MACs.

c. The user must enter the MAC.

d. MAC addresses are initially exchanged unencrypted.

d. MAC addresses are initially exchanged unencrypted.

Which of the following is NOT true about cellular networks?

a. Using a cellular network requires extensive security configurations on the part of the user.

b. Cellular networks are operated by telecommunication service providers.

c. The telecommunication service providers of cellular networks own, maintain, and manage their own network equipment and facilities.

d. The most widespread wireless networks are cellular networks.

a. Using a cellular network requires extensive security configurations on the part of the user.

Which of the following is NOT true about WLAN versions?

a. New versions of WLANs have appeared regularly.

b. Updated versions have resulted in increased speed, coverage area, and resistance to interference and stronger security.

c. WLAN standards are set by the IEEE.

d. WLAN-IEEE 8ax is the final version to be released.

d. WLAN-IEEE 8ax is the final version to be released.

Which of these is the encryption protocol for WPA2?

a. IEEE 802.1x

b. CCMP

c. XAP

d. CBC-MAC

b. CCMP

Which mode provides the highest level of security?

a. WEP mode

b. WPA2-Enterprise mode

c. WPA4-X mode

d. WPA3-Enterprise 192-bit mode

d. WPA3-Enterprise 192-bit mode

Nala needs to purchase WLCs for the office. What type of AP must she also purchase that can be managed by a WLC?

a. stand-alone AP

b. controller AP

c. fat AP

d. any type of AP can be managed by a WLC.

b. controller AP

Which WPA3 security feature is designed to increase security at the time of the handshake?

a. WEP

b. SAE

c. OWE

d. PXF

b. SAE

Hadiza is explaining the EAP to a new hire. What would be the best explanation of EAP?

a. It is the transport protocol used in TCP/IP for authentication.

b. It is a framework for transporting authentication protocols.

c. It is a subset of WPA2.

d. It is a technology used by IEEE 802.11 for encryption.

b. It is a framework for transporting authentication protocols.

Makena has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?

a. EAP-SSL

b. EAP-TLS

c. EAP-TTLS

d. EAP-FAST

d. EAP-FAST

Which of these is a WPA3 technology that mitigates against disassociation attacks?

a. OWE

b. SAE

c. XR3

d. PMF

d. PMF