Kerberos B. RADIUS - IEEE 802.11 RF Site Surveying

IEEE 802.11 RF Site Surveying

A. Kerberos B. RADIUS

C. 802.1X/EAP D. OAuth E. TACACS

lxviii Assessment Test

fl ast.indd 08/21/2014 Page lxviii

Answers to the Assessment Test

1. A and C. The IEEE 802.11-2012 standard defines communication mechanisms at only the Physical layer and MAC sublayer of the Data-Link layer of the OSI model. For more information, see Chapter 1.

2. C. WMM-PS helps conserve battery power for devices using Wi-Fi radios by managing the time the client device spends in sleep mode. Conserving battery life is critical for handheld devices such as bar code scanners and VoWiFi phones. To take advantage of power-saving capabilities, both the device and the access point must support WMM Power Save. For more information, see Chapter 1.

3. A. A 750 KHz signal has an approximate wavelength of 1,312 feet, or 400 meters. A 252 GHz signal has an approximate wavelength of less than 0.05 inches, or 1.2 mil- limeters. Remember, the higher the frequency of a signal, the smaller the wavelength property of an electromagnetic signal. For more information, see Chapter 2.

4. C. Phase involves the positioning of the amplitude crests and troughs of two wave- forms. For more information, see Chapter 2.

5. E. The 10 mW of power is decreased by 3 dB, or divided by 2, giving 5 mW. This is then increased by 20 dBi, or multiplied by 10 twice, giving 500 mW. For more information, see Chapter 3.

6. D. Theoretically, an isotropic radiator can radiate an equal signal in all directions.

An antenna cannot do this because of construction limitations. However, antennas are often referred to as isotropic radiators because they radiate RF energy. The gain, or increase, of power from an antenna when compared to what an isotropic radiator would generate is known as decibels isotropic (dBi). Another way of phrasing this is decibel gain referenced to an isotropic radiator, or change in power relative to an antenna. dBi is a measurement of antenna gain. For more information, see Chapter 3.

7. B, C and D. Reflected voltage caused by an impedance mismatch may cause a degrada- tion of amplitude, erratic signal strength, or even the worst-case scenario of transmitter burnout. See Chapter 4 for more information.

8. A and D. When the gain of an omnidirectional antenna is increased, the vertical coverage area decreases while the horizontal coverage area is increased. See Chapter 4 for more information.

9. F. 802.11a (OFDM) radios transmit in the 5 GHz U-NII bands and are not compatible with 802.11 legacy (FHSS) radios, 802.11 legacy (DSSS) radios, 802.11b (HR-DSSS) radios, or 802.11g (ERP) radios, which transmit in the 2.4 GHz ISM frequency band.

802.11a (OFDM) radios are forward compatible but not backward compatible with 802.11n (HT) radios. 802.11n radios, which can transmit on either frequency band, are backward compatible with 802.11a radios as well as 802.11g (ERP), 802.11b (HR- DSSS), and 802.11 legacy (DSSS) radios. None of these radio technologies are backward compatible with 802.11 legacy (FHSS) radios. For more information, see Chapter 5.

10. C. The 802.11ac-2013 amendment defines the use of 256-QAM modulation, up to eight spatial streams, multiuser MIMO, 80 MHz channels, and 160 MHz channels.

802.11 MIMO technology and 40 MHz channels debuted with the ratification of the 802.11n-2009 amendment. For more information, see Chapter 5.

11. C and F. In January 2013, the FCC announced that 195 MHz of additional spectrum space would be made available for unlicensed use. A new 120 MHz wide band called U-NII-2B, which occupies the frequency space of 5.35 GHz–5.47 GHz, and another new 75 MHz wide band called U-NII-4 occupies the 5.85 GHz–5.925 GHz frequency space. See Chapter 6 for more information.

12. B and D. A spread spectrum signal utilizes bandwidth that is wider than what is required to carry the data and has low transmission power requirements. See Chapter 6 for more information.

13. B. The logical network name of a wireless LAN is often called an ESSID (extended service set identifier) and is essentially synonymous with SSID (service set identifier), which is another term for a logical network name in the most common deployments of a WLAN. For more information, see Chapter 7.

14. E. The scenarios described in options A, B, C, and D are all examples of how an extended service set may be deployed. The IEEE 802.11-2012 standard defines an extended service set (ESS) as “a set of one or more interconnected basic service sets.” However, the IEEE 802.11-2012 standard does not mandate any of the examples given in the options. For more information, see Chapter 7.

15. A, B, C and D. Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) is a medium access method that utilizes multiple checks and balances to try to minimize collisions. These checks and balances can also be thought of as several lines of defense.

The various lines of defense are put in place to hopefully ensure that only one radio is transmitting while all other radios are listening. The four lines of defense include the network allocation vector, the random backoff timer, the clear channel assessment, and interframe spacing. For more information, see Chapter 8.

16. A, C, D, E, F and G. The only information not contained in the beacon management frame is the destination IP address. The body of all 802.11 management frames contain only layer 2 information; therefore, IP information is not included in the frame.

Other information that is included in a beacon includes security and QoS parameters.

For more information, see Chapter 9.

17. B and D. AP radios can be manually configured to use RTS/CTS for all transmissions.

This is usually done to diagnose hidden node problems. This network could also be a mixed-mode 802.11b (HR-DSSS) and 802.11g (ERP) network. The 802.11g nodes have enabled RTS/CTS as their protection mechanism. For more information, see Chapter 9.

18. C. The technical name for an 802.11 data frame is MAC Protocol Data Unit (MPDU).

lxx Assessment Test

fl ast.indd 08/21/2014 Page lxx

19. D. WLAN mesh access points create a self-forming WLAN mesh network that auto- matically connects access points at installation and dynamically updates routes as more clients are added. Most WLAN mesh networks use dynamic layer 2 routing protocols with metrics such as RSSI, SNR, and client load. For more information, see Chapter 10.

20. E. Over the years, most of the data generated on the Internet has been created by human beings. The theory of Internet of Things (IoT) is that in the future, the bulk of the data generated on the Internet might be created by sensors, monitors, and machines. 802.11 radio NICs used as client devices have begun to show up in many types of machines and devices. For more information, see Chapter 10.

21. A and B. Warehouse, manufacturing, and retail environments often deploy wireless handheld devices, such as bar code scanners, which are used for inventory control. For more information, see Chapter 11.

22. C. To further support and understand customers and their behaviors, retail analytic products are being installed to monitor customer movement and behavior. Strategi- cally placed access points or sensor devices listen for probe frames from Wi-Fi-enabled smartphones. MAC addresses are used to identify each unique device, and signal strength is used to monitor and track the location of the shopper. Retail analytics can identify the path the shopper took while walking through the store, along with the time spent in different areas of the store. This information can be used to identify shopping patterns and to analyze the effectiveness of in-store displays and advertise- ments. For more information, see Chapter 11.

23. A, C and E. The stations that cannot hear the hidden node will transmit at the same time that the hidden node is transmitting. This will result in continuous transmission collisions in a half-duplex medium. Collisions will corrupt the frames and they will need to be retransmitted. Any time retransmissions are necessary, more overhead is added to the medium, resulting in decreased throughput. Intersymbol interference is a result of multipath and not the hidden node problem. For more information, see Chapter 12.

24. A and B. Layer 2 retransmissions can be caused by many different variables in a WLAN environment. Multipath, RF interference, hidden nodes, adjacent cell interference, and low signal-to-noise ratio (SNR) are all possible causes of layer 2 retransmissions. For more information, see Chapter 12.

25. E. Although you can hide your SSID to cloak the identity of your wireless network from script kiddies and nonhackers, it should be clearly understood that SSID cloaking is by no means an end-all wireless security solution. Because of spoofing and because of all the administrative work that is involved, MAC filtering is not considered a reli- able means of security for wireless enterprise networks. WEP and Shared Key authen- tication are legacy 802.11 security solutions. CCMP/AES is defined as the default encryption type by the IEEE 802.11i security amendment. Cracking the AES cipher would take the lifetime of the sun using the tools that are available today. For more information, see Chapter 13.

26. D. The IEEE 802.1X standard is not specifically a wireless standard and often is mis- takenly referred to as IEEE 802.11x. The IEEE 802.1X standard is a port-based access control standard. IEEE 802.1X provides an authorization framework that allows or disallows traffic to pass through a port and thereby access network resources. For more information, see Chapter 13.

27. C and D. Although the layer 2 wireless intrusion detection and prevention products might be able to detect some RF jamming attacks, the only tool that will absolutely identify an interfering signal is a spectrum analyzer. A spectrum analyzer is a frequency domain tool that can detect any RF signal in the frequency range that is being scanned. Layer 1 distributed spectrum analysis is now available in some WIPS enterprise solutions. For more information, see Chapter 14.

28. A, B, C, D and E. 802.11 wireless intrusion detection systems may be able to monitor for as many as 100 or more attacks. Any layer 2 DoS attack and spoofing attack and most rogue devices can be detected. For more information, see Chapter 14.

29. A, B and E. In the United States, if any tower exceeds a height of 200 feet above ground level (AGL), you must contact both the FCC and FAA, which are communi- cations and aviation regulatory authorities. Other countries will have similar height restrictions, and the proper RF regulatory authority and aviation authority must be contacted to find out the details. Local municipalities may have construction regula- tions and a permit may be required. For more information, see Chapter 15.

30. B and C. The final site survey report, known as the deliverable, will contain spectrum analysis information identifying potential sources of interference. Coverage analysis will also define RF cell boundaries. The final report also contains recommended access point placement, configuration settings, and antenna orientation. Capacity planning is considered to be mandatory when designing a WLAN; however, application throughput testing is often an optional analysis report included in the final survey report. Secu- rity, switching, and routing analysis are not included in a site survey report. For more information, see Chapter 15.

31. A, B and F. Nearby 802.11a (OFDM) WLAN and perimeter sensors both transmit in the 5 GHz U-NII bands. 802.11n (HT) WLAN radios can transmit at either 2.4 or 5 GHz. A nearby 802.11n WLAN operating at 5 GHz can potentially be a source of interference. DSSS access points and Bluetooth devices transmit in the 2.4 GHz frequency space. FM radios transmit in licensed frequencies. For more information, see Chapter 16.

32. A, B, C and E. RF coverage cell measurements that are taken during an indoor passive site survey include received signal strength, noise levels, signal-to-noise ratio (SNR), and data rates. Packet loss can be an additional measurement recorded during an active manual site survey. Packet loss is a calculation needed for an outdoor wireless bridging survey. For more information, see Chapter 16.

lxxii Assessment Test

fl ast.indd 08/21/2014 Page lxxii

transmitter capability might use only one or two transmitters when using 802.3af PoE and therefore conserve power. The downside is that not all of the MIMO transmitter capabilities are being used by the APs. Other vendors have chosen to disable processor- intensive 802.11ac functions such as 80 MHz channel capability and the use of more complex modulation. In other words, the 802.11ac 3×3:3 MIMO radio can still use all three transmitters but effectively the radio functions as an 802.11n radio when using the lower 802.3af power. Newer generation 802.11ac 3×3:3 MIMO radios can be fully powered by 802.3af PoE without any downgrade of functionality. For more information, see Chapter 19.

34. A and D. For a powered device (PD) such as an access point to be considered compliant with the IEEE 802.3-2005 Clause 33 PoE standard, the device must be able to receive power through the data lines or the unused twisted pairs of an Ethernet cable. The PD must also reply to the power-sourcing equipment (PSE) with a 25 ohm detection signature. The PD may reply with a classification signature, but it is optional. The current PoE standard allows for a maximum draw of 12.95 watts by the PD from the power- sourcing equipment. For more information, see Chapter 17.

35. B, C and D. High Throughput (HT) technology is defined by the IEEE 802.11n-2009 amendment and is not frequency dependent. 802.11n (HT) can operate in the 2.4 GHz ISM band as well as all of the 5 GHz U-NII frequency bands. For more information, see Chapter 18.

36. A and B. The 802.11n-2009 amendment introduced two new methods of frame aggregation to help reduce the overhead. Frame aggregation is a method of combining multiple frames into a single frame transmission. The first method of frame aggregation is known as an Aggregate MAC Service Data Unit (A-MSDU). The second method of frame aggregation is known as an Aggregate MAC Protocol Data Unit (A-MPDU). For more information, see Chapter 18.

37. A. The 802.11n-2009 amendment defined over 70 modulation and coding schemes (MCSs). The 802.11ac-2013 amendment lowers the number to 10. The 802.11ac data rates are determined by the number of spatial streams, guard interval, and which one of the 10 MCS is used. For more information, see Chapter 19.

38. B and C. Reduced interframe spacing (RIFS), unequal modulation, Greenfield mode, and implicit beamforming are 802.11n capabilities that are no longer defined with the advent of the 802.11ac amendment. For more information, see Chapter 19.

39. E. Mobile device management (MDM) solutions can be used for both a company- issued device (CID) and a bring your own device (BYOD), which is owned by an employee. MDM solutions offer the capability of over-the-air installation and distri- bution of security certificates, web clips, applications, and configuration settings. For more information, see Chapter 20.

40. D. The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service and is often used for social login for Wi-Fi guest networks. For more information, see Chapter 20.

1 Wireless Standards,

Dalam dokumen CWNA - Certified Wireless Network Administrator (Halaman 69-75)