CWNP CWNA-109 Practice Test - Questions Answers, Page 7

A pre-design site visit in preparation for a predictive wireless LAN design is essential for gathering physical and environmental data about the site. The key tasks to be performed during such a visit include:

Evaluating Building Materials: Different materials (concrete, glass, wood, etc.) have varying effects on RF signal propagation. Understanding the materials present helps in accurately predicting how signals will behave within the environment.

Floor Plan Verification: Ensuring that the floor plan documents are an accurate representation of the actual building layout is crucial. Discrepancies between the floor plans and the physical layout can lead to inaccuracies in the predictive design.

The other options, while potentially valuable in other contexts, are not directly related to preparing for a predictive design:

Installing APs (option A) for testing co-channel interference is more aligned with an active site survey rather than a pre-design visit for a predictive design.

Collecting information about security requirements (option B) is important but is not directly related to the physical aspects of the site that would impact a predictive design.

Testing antenna types (option C) would typically be part of an active site survey or the actual deployment phase, not a pre-design visit for predictive modeling.

Therefore, option D is the correct answer, focusing on evaluating physical aspects crucial for accurate predictive modeling.

CWNA Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109, by David D. Coleman and David

A . Westcott.

Best practices for conducting pre-design site visits in wireless network planning.

In the 802.11ax (High Efficiency, HE) amendment, one of the key features introduced is BSS (Basic Service Set) Coloring. This feature is designed to mitigate issues arising from overlapping BSSs (OBSS), which can lead to contention and interference in dense wireless environments. BSS Coloring works by:

Assigning a 'color' (a small number) to each BSS: This helps devices differentiate between frames from their own BSS and those from neighboring BSSs.

Reducing Inter-BSS Interference: Devices can ignore frames from different BSSs (with a different 'color') under certain conditions, reducing the impact of OBSS interference.

Improving Spatial Reuse: By distinguishing between transmissions from different BSSs, devices can make more informed decisions about when to transmit, improving the efficiency of spatial reuse and reducing unnecessary contention.

This feature directly impacts design decisions related to AP placement and the spacing between same-channel BSS cells, as it allows for closer placement of APs on the same channel without significantly increasing interference, thus improving overall network capacity and efficiency.

The other options, while features of 802.11ax, do not directly pertain to reducing overlapping BSS contention in the same manner:

TWT (Target Wake Time) optimizes device sleep schedules to conserve power.

Uplink MU-MIMO enhances uplink data transmission capabilities but doesn't specifically address OBSS contention.

6 GHz Band Support introduces new spectrum for Wi-Fi use but is not a feature aimed at reducing OBSS contention within the 802.11ax framework.

Therefore, the correct answer is B, BSS Color.

IEEE 802.11ax-2021: Enhancements for High Efficiency WLAN.

CWNA Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109, by David D. Coleman and David A. Westcott.

The term used to describe the problem in this configuration is Co-Channel Interference (CCI)1.CCI occurs when multiple access points are on the same or overlapping channels, causing interference and degradation in network performance1.In this case, one AP is on channel 1 and the other is on channel 2, which are overlapping channels, leading to CCI1.

The center frequency of channel 4 in the 2.4 GHz band is 2.427 GHz (2427 MHz). The center frequency of a channel is the midpoint of its frequency range, where the signal strength is highest and most concentrated. The center frequency of channel 1 in the 2.4 GHz band is 2.412 GHz (2412 MHz), as given in the question. The center frequency of each subsequent channel is obtained by adding 5 MHz to the previous channel's center frequency, since the channels are spaced 5 MHz apart from each other in this band. Therefore, to find the center frequency of channel 4, we need to add 15 MHz (5 MHz x 3) to the center frequency of channel 1:

2.412 GHz + 0.015 GHz =2.427 GHz

Alternatively, we can use a formula to calculate the center frequency of any channel in the 2.4 GHz band:

Center frequency (GHz) =2.407 + (0.005 x Channel number)

Using this formula for channel 4, we get:

Center frequency (GHz) =2.407 + (0.005 x 4)

Center frequency (GHz) =2.407 + 0.02

Center frequency (GHz) =2.427Reference:1, Chapter 3, page 85;2, Section 3.2

The response that you should give to your manager's suggestion of implementing the security practices of disabling the broadcasting of the SSID in Beacons and configuring the access points not to respond to Probe Request frames that have a null SSID field is that any 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons frames. This negates any security benefit of trying to hide the SSID in Beacons and Probe Response frames. The SSID (Service Set Identifier) is a human-readable name that identifies a WLAN and allows users to connect to it. The SSID is transmitted in clear text in several types of 802.11 frames, such as Beacon frames, Probe Request frames, Probe Response frames, Association Request frames, Association Response frames, Reassociation Request frames, and Reassociation Response frames. Some people may think that hiding the SSID can improve the security of the WLAN by making it invisible to potential intruders. However, this is not true, as hiding the SSID only removes it from Beacon frames and Probe Response frames that have a null SSID field. The SSID is still present in other types of frames that can be easily captured and analyzed by any 802.11 protocol analyzer or wireless scanner tool.Therefore, hiding the SSID does not provide any real security benefit and may even cause some compatibility and performance issues for legitimate users.Reference:1, Chapter 4, page 133;2, Section 4.1

The cipher suite specified by the 802.11-2016 standard and is not deprecated isCounter Mode with CBC-MAC Protocol (CCMP). CCMP is an encryption protocol that usesAdvanced Encryption Standard (AES)as the underlying cipher and providesconfidentiality, integrity, and origin authenticationfor wireless data. CCMP is the mandatory encryption protocol forWPA2andWPA3.Reference:[CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 295; [IEEE Standard for Information technology--Telecommunications and information exchange between systems Local and metropolitan area networks--Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications], page 1560.

The WLAN feature that would allow the network administrator to control the network resources that can be accessed by each employee based on their department isRole-Based Access Control (RBAC). RBAC is a method of assigning different permissions and policies to users or groups based on their roles in the organization. RBAC can be implemented by usingVLANs,ACLs, orfirewallsto restrict access to certain network segments or resources. RBAC can also be integrated with802.1X/EAPauthentication to dynamically assign roles and VLANs to users based on their credentials.Reference:[CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 403; [Role-Based Access Control (RBAC) in Wireless Networks], page 1.

The device in the bridge implementation that acts as the 802.1X Authenticator is theroot bridge. The root bridge is the bridge that connects to the wired network and acts as the central point for all other bridges in the point-to-multipoint topology. The root bridge authenticates the non-root bridges using 802.1X/EAP and forwards their authentication requests to the RADIUS server. The non-root bridges act as the 802.1X Supplicants and use EAP methods such as EAP-TLS or EAP-PEAP to authenticate with the root bridge.Reference:[CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 459; [Cisco Aironet Wireless Bridges FAQ], question 29.

The error in administration that could be the cause of this security concern is thatHTTP is in use instead of HTTPS. HTTP is an unencrypted protocol that transfers data in plain text over the network. This means that anyone who captures the traffic can see the HTML code of the Web pages used for access point management, as well as any sensitive information such as passwords or configuration settings. HTTPS is an encrypted protocol that uses SSL/TLS to secure the data transmission between the Web browser and the Web server. HTTPS prevents anyone from snooping on or tampering with the Web traffic. Therefore, HTTPS should always be used for Web based management of wireless access points, especially in autonomous mode where there is no centralized controller to enforce security policies.Reference:[CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 431; [HTTP vs HTTPS: What's The Difference And Why Should You Care?].