ExamGecko
Search Search Login
Home Home / CWNP / CWNA-109
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When using a spectrum to look for non Wi-Fi interference sources, you notice significant interference across the entire 2.4 GHz band (not on a few select frequencies) within the desktop area of a users workspace, but the interference disappears quickly after just 2 meters. What is the most likely cause of this interference?
ABC Company is planning a point-to-multipoint outdoor bridge deployment with standalone (autonomous) 802.11 bridge units. 802.1X/EAP will be used for bridge authentication. A Linux-based RADIUS server will be used for authentication. What device in the bridge implementation acts as the 802.1X Authenticator?
Which one of the following channels can be used for VHT transmissions according to the 802.11 specification?
What statement describes the authorization component of a AAA implementation?
A WLAN is implemented using wireless controllers. The APs must locate the controllers when powered on and connected to the network. Which one of the following methods is commonly used to locate the controllers by the APs?
An IEEE 802.11 amendment is in the daft state. What impact does this draft amendment have on the 802.11 standard?
You must plan for POE in an office environment. Which one of these devices is least likely to be a POE PSE?
Which one of the following is not a factor considered when calculating the Link Budget for an outdoor point-to- point WLAN bridge link?
You have received a report of poor wireless connections on the third floor of a building under your administration. Three individuals have reported the problem. Apparently, the connections are reporting a strong signal, but the users cannot access the Internet. With the problem identified, what is the next logical step in the troubleshooting process?
A dual-band 802.11ac AP must be powered by PoE. As a class 4 device, what power level should be received at the AP?

Question 66 - CWNA-109 discussion

Report
Export

You are the network administrator for ABC Company. Your manager has recently attended a wireless security seminar. The seminar speaker taught that a wireless network could be hidden from potential intruders if you disabled the broadcasting of the SSID in Beacons and configured the access points not to respond to Probe Request frames that have a null SSID field.

Your manager suggests implementing these security practices. What response should you give to this suggestion?

A.
Any 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons frames. This negates any security benefit of trying to hide the SSID in Beacons and Probe Response frames.
Answers
A.
Any 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons frames. This negates any security benefit of trying to hide the SSID in Beacons and Probe Response frames.
B.
To improve security by hiding the SSID, the AP and client stations must both be configured to remove the SSID from association request and response frames. Most WLAN products support this.
Answers
B.
To improve security by hiding the SSID, the AP and client stations must both be configured to remove the SSID from association request and response frames. Most WLAN products support this.
C.
Any tenants in the same building using advanced penetration testing tools will be able to obtain the SSID by exploiting WPA EAPOL-Key exchanges. This poses an additional risk of exposing the WPA key.
Answers
C.
Any tenants in the same building using advanced penetration testing tools will be able to obtain the SSID by exploiting WPA EAPOL-Key exchanges. This poses an additional risk of exposing the WPA key.
D.
This security practice prevents manufacturers' client utilities from detecting the SSID. As a result, the SSID cannot be obtained by attackers, except through social engineering, guessing, or use of a WIPS.
Answers
D.
This security practice prevents manufacturers' client utilities from detecting the SSID. As a result, the SSID cannot be obtained by attackers, except through social engineering, guessing, or use of a WIPS.
Suggested answer: A

Explanation:

The response that you should give to your manager's suggestion of implementing the security practices of disabling the broadcasting of the SSID in Beacons and configuring the access points not to respond to Probe Request frames that have a null SSID field is that any 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons frames. This negates any security benefit of trying to hide the SSID in Beacons and Probe Response frames. The SSID (Service Set Identifier) is a human-readable name that identifies a WLAN and allows users to connect to it. The SSID is transmitted in clear text in several types of 802.11 frames, such as Beacon frames, Probe Request frames, Probe Response frames, Association Request frames, Association Response frames, Reassociation Request frames, and Reassociation Response frames. Some people may think that hiding the SSID can improve the security of the WLAN by making it invisible to potential intruders. However, this is not true, as hiding the SSID only removes it from Beacon frames and Probe Response frames that have a null SSID field. The SSID is still present in other types of frames that can be easily captured and analyzed by any 802.11 protocol analyzer or wireless scanner tool.Therefore, hiding the SSID does not provide any real security benefit and may even cause some compatibility and performance issues for legitimate users.Reference:1, Chapter 4, page 133;2, Section 4.1

Show Answer
asked 16/09/2024
Tshimangadzo Mbulawa
35 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms