Monday, April 21, 2014

CISSP Exam Preparation (Question 201 ~ 220)

(201) What is the relationship between a basic service set (BSS) and SSID?
A. A group of wireless devices are segmented into a BSS and assigned an SSID value.
B. A group of wireless devices are segmented into an SSID and assigned a BSS value.
C. The BSS delineates the access point and wireless devices, and the SSID delineates the wireless and wired devices.
D. The SSID delineates the access point and wireless devices, and the BSS delineates the wireless and wired devices.

Explanation:
When wireless devices work in infrastructure mode, the AP and wireless clients form a group referred to as a basic service set (BSS). This group is assigned a name, which is the SSID value.

(202) Some wireless environments authenticate wireless devices before they are allowed access to the wired environment, via SSID and/or MAC values. Which of the following best describes the downfall of these approaches?
A. Both are easily captured through brute force attacks.
B. The SSID is broadcasted by the wireless device and the MAC address is broadcasted by the access point.
C. The MAC is not broadcasted by the wireless device and the SSID address is broadcasted by the access point.
D. Both are sent in cleartext.

Explanation:
The SSID is usually required when a wireless device wants to authenticate to an AP. For the device to prove that it should be allowed to communicate with the wired network, it must first provide a valid SSID value. The SSID should not be seen as a reliable security mechanism because many APs broadcast their SSIDs, which can be easily sniffed and used by attackers. If the AP is configured to require a MAC value for authentication, this data is also sent in cleartext from the wireless device.

(203) What spread spectrum is used in the 802.11a standard?
A. FHSS
B. DSSS
C. OFDM
D. SSID

Explanation:
This standard uses a different method of modulating data onto the necessary radio carrier signals. Where 802.11b uses DSSS, 802.11a uses OFDM and works in the 5 GHz frequency band.

(204) The 802.11a standard provides a higher bandwidth than 802.11 and 802.11b. Which of the following is a characteristic of 802.11a that is not shared by 802.11 and 802.11b?
A. Maximum distance that the wireless device should be from the access point is 25 feet.
B. It uses TKIP instead of WEP.
C. It uses the AES algorithm instead of the RC4 algorithm.
D. It increases the keying material for encryption.

Explanation:
802.1x provides port authentication, which means that all traffic is restricted until the user is properly authenticated. 802.1x does not have anything to do with encryption. Extensible Access Protocol (EAP) extends the types of authentication.

(205) Which of the following is not a characteristic of Protected Extensible Authentication Protocol?
A. Authentication protocol used in wireless networks and Point-to-Point connections
B. Designed to provide more secure authentication for 802.11 WLANs
C. Designed to support 802.1X port access control and Transport Layer Security
D. Designed to support password protected connections

Explanation:
PEAP (Protected Extensible Authentication Protocol) is a version of EAP and is the authentication protocol used in wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control and Transport Layer Security. It is a protocol that encapsulates EAP within a potentially encrypted and authenticated Transport Layer Security (TLS) tunnel.

(206) Julie has learned the 802.11i standard includes 802.1x. Which of the following best describes the 802.1x technology?
A. It extends the types of authentication that can take place.
B. It allows a user to authenticate using Kerberos, smart cards, or one-time passwords.
C. It offers port authentication.
D. It incorporates a stronger encryption algorithm.

Explanation:
The 802.1x standard offers port-based network access control.

(207) Which of the following is not an identified flaw in the Wired Equivalent Privacy (WEP) protocol?
A. Initialization vector was too long.
B. The wrong encryption algorithm was chosen.
C. There is no mutual authentication requirement.
D. Initialization vectors are reused.

Explanation:
The deficiencies within the original 802.11 standard include no user authentication, no mutual authentication between the wireless device and access point, and a flawed encryption protocol. The initialization vector was too small and not different for each packet that is to be encrypted.

(208) Which of the following best describes the Temporal Key Integrity Protocol's (TKIP) role in the 802.11i standard?
A. It provides 802.1x and EAP to increase the authentication strength.
B. It requires the access point and the wireless device to authenticate to each other.
C. It sends the SSID and MAC value in ciphertext.
D. It adds more keying material for the RC4 algorithm.

Explanation:
TKIP adds more keying material to be used by the RC4 algorithm during the encryption and decryption process. This adds more randomness to the process so that the encryption cannot be easily broken.

(209) The 802.11i standard has two main components to it. Which of the following best describes these two components?
A. One component uses AES to allow for backward compatibility. The other component uses the TKIP algorithm in counter mode and CBC-MAC.
B. One component uses 802.1x to allow for backward compatibility. The other component uses the 3DES algorithm in counter mode and CBC-MAC.
C. One component uses TKIP to allow for backward compatibility. The other component uses the AES algorithm in counter mode and CBC-MAC.
D. One component uses CCMP to allow for backward compatibility. The other component uses the AES algorithm in counter mode and CBC-MAC.

Explanation:
Companies and individuals that already have a WLAN setup can apply 802.11i, which uses TKIP. TKIP provides more keying material for the RC4 algorithm that is used within WEP. Companies that have not yet deployed a WLAN can use the portion of the standard that uses the AES algorithm in counter mode and uses CBC-MAC.

(210) WEP has a long list of security vulnerabilities. Which of the following describes why the algorithm that was chosen by the WEP working group was not the best choice?
A. It's a stream cipher, which has an inherent deficiency in integrity.
B. It's a stream cipher, which has an inherent deficiency in key size.
C. It's a stream cipher, which has an inherent deficiency in being vulnerable to man-in-the-middle attacks.
D. It's a stream cipher, which has an inherent deficiency in being vulnerable to spoofing attacks.

Explanation:
Stream ciphers, by default, have a deficiency in that someone can capture a message and modify the bits without the receiver being able to identify it. This is because the message will decrypt properly.

(211) When a technology that is compliant with the 802.1x standard is implemented, what are the three main components that are involved?
A. Access point, authenticator, authentication server
B. Supplicant, authenticator, RADIUS server
C. Supplicant, RADIUS server, authentication server
D. Supplicant, authenticator, authentication server

Explanation:
The 802.1X technology actually provides an authentication framework and a method of dynamically distributing encryption keys. The three main entities in this framework are the supplicant (wireless device), the authenticator (access point), and the authentication server (usually a RADIUS server).

(212) Peter has set up a wireless LAN that is compliant with the 802.11i standard. This implementation uses the AES algorithm. Before a user of a wireless device is authenticated, what type of traffic is allowed to go from the user to the authentication server?
A. DHCP, SMTP
B. DHCP, POP, FTP
C. Authentication traffic
D. Encrypted traffic

Explanation:
If this WLAN is using the AES algorithm, that means 802.1x is also being used, which is port authentication. No traffic other than authentication data is available to the user and his wireless device until proper authentication has taken place. After this happens, the user's wireless device can receive SMTP, DHCP, and all other types of traffic.

(213) Different vendors have implemented various solutions to overcome the vulnerabilities of WEP. Which of the following provides an incorrect mapping between these solutions and their characteristics?
A. LEAP requires a PKI.
B. PEAP only requires the server to authenticate using a digital certificate.
C. EAP-TLS requires both the wireless device and server to authenticate using digital certificates.
D. PEAP requires the user to provide a password.

Explanation:
Cisco uses a purely password-based authentication framework called Lightweight Extensible Authentication Protocol (LEAP). Other vendors, including Microsoft, use EAP and Transport Layer Security (EAP-TLS), which carries out authentication through digital certificates. And yet another choice is Protective EAP (PEAP), where only the server uses a digital certificate.

(214) What are the values that are used by TKIP in the encryption and decryption process?
A. SSID, WEP key, IV
B. IV, MAC, WEP key
C. WEP key, BSS, SSID
D. SSID, MAC, IV

Explanation:
The protocol increases the length of the IV value and ensures that each and every frame has a different IV value. This IV value is combined with the transmitter’s MAC address and the original WEP key, so that even if the WEP key is static the resulting encryption key will be different for each and every frame. (WEP key + IV value + MAC address = new encryption key.)

(215) Denise found out that she has been a victim of Bluejacking. What does this mean?
A. Someone sent an unsolicited message through her PDA.
B. Someone captured her ciphertext data.
C. Someone spoofed a message, which caused a DoS.
D. Someone social engineered her.

Explanation:
Bluejacking is when someone sends an unsolicited message to a device that is Bluetooth enabled. Bluejackers look for a receiving device (phone, PDA, laptop) and then send a message to it. Many times someone is trying to send someone else their business card, which will be added to the victim's contact list in their address book.

(216) Which of the following does not describe a difference between WAP and i-mode?
A. WAP uses a markup language based on XML.
B. i-mode is popular mainly in Asia.
C. i-mode uses a markup language based on XML.
D. WAP is popular mainly in North America.

Explanation:
i-mode uses a markup language based on HTML (compact HTML) and is popular mainly in Japan. WAP uses a markup language based on XML and is popular mainly in the U.S.

(217) Why are packet filter firewalls not always a competent countermeasure against instant messaging (IM) attacks?
A. They are the best type of countermeasure for this type of threat.
B. They cause an internal denial of service when dealing with IM traffic.
C. They can detect worms that are being transmitted through this traffic type.
D. IM clients can reconfigure themselves to work on a port that is open on the firewall.

Explanation:
Many firewalls do not have the capability to scan for this type of traffic to uncover suspicious activity. Blocking specific ports on the firewalls is not usually effective because IM traffic can use common ports that need to be open (HTTP port 80 and FTP port 21). Many IM clients will auto-configure themselves to work on another port if their default port is unavailable and blocked by the firewall.

(218) If a company wants to allow their internal employees to use instant messaging among themselves, which of the following should be implemented?
A. Corporate IM server
B. IPSec and NAT
C. L2TP and PPTP
D. IGMP

Explanation:
Companies can implement corporate IM servers so that internal employees communicate within the organization's network only.

(219) How does the Domain Name Service match Internet uniform resource locator (URL) requests?
A. With the actual address or location of the client providing that URL
B. With the actual address or location of the server providing that URL
C. With the virtual address or location of the client providing that URL
D. With the virtual address or location of the server providing that URL

Explanation:
The Domain Name Service matches Internet uniform resource locator (URL) requests with the actual address or location of the server that is providing that URL.

(220) Which protocols are used for securing VPN connections?
A. S/MIME and SSH
B. TLS and SSL
C. IPSec and L2TP
D. PKCS#10 and X.509


Explanation:
VPN connections are secured using IPSec and L2TP.

- Muhammad Idham Azhari
