7
WIRELESS LANS II
Last Name: _____________________________________
First Name: _____________________________________
Due Date: ___________________
Instructions
To receive credit, you must download these files and hand-write the answers. HWs must be turned into me prior to the associated chapter exam.
Child’s Play
1. a) Do public hot spots protect your transmissions?
>>>
d) How can a drive-by hacker defeat a site’s border firewall?
>>>
802.11i WLAN Security
2. a) What cryptographic protections does 802.11i provide?
>>>
b) How is this protection limited?
>>>
c) Distinguish between link security and end-to-end security.
>>>
d) What does the Wi-Fi Alliance call 802.11i?
>>>
e) When offered the choice when you are configuring a wireless access point, which WLAN security standard should you choose?
>>>
b) For what use scenario was 802.11i’s 802.1X initial authentication mode created?
>>>
c) Does the choice of initial authentication mode change how later phases of 802.11i work?
>>>
4. a) For what use scenario was 802.11i PSK initial authentication mode created?
>>>
b) What must a user know to authenticate his or her device to the access point?
>>>
c) In what ways is the pairwise session key the user receives after authentication different from the PSK?
>>>
d) What three operational security threats must PSK users consider?
>>>
e) Why is this risk probably acceptable for the PSK use scenario? (The answer is not in the text.)
>>>
f) How long must passphrases be to generate strong pre-shared keys?
>>>
5. a) Contrast the use scenarios for initial authentication in PSK mode and 802.1X mode.
>>>
b) Which initial authentication mode or modes of 802.11i authentication use(s) a central authentication server?
>>>
c) What does the Wi-Fi Alliance call this 802.11i initial authentication mode?
>>>
d) In 802.1X operation, what device acts as the authenticator in Wi-Fi? In 802.1X mode, which is the verifier?
>>>
Beyond 802.11i Security
7. a) Who creates a rogue access point?
>>>
b) Why can they defeat 802.11i security?
>>>
8. a) What kind of physical device is an evil twin access point?
>>>
b) What does the evil twin do after initial association when the victim client transmits?
>>>
c) Distinguish between evil twin access points and rogue access points. (The answer is not explicitly in the text.)
>>>
d) How are VPNs able to defeat evil twin attacks? Explain in detail.
>>>
e) How can you tell if your client computer has succumbed to an evil twin attack?
>>>
802.11 Wi-Fi Wireless LAN Management
9. a) Describe the process by which access point locations are determined.
>>>
b) When must firms do site surveys to give users good service?
>>>
10. a) How might a security administrator use SNMP Get commands to access points?
>>>
b) How does centralized management provide for the detection of rogue access points?
>>>
Peer-to-Peer Protocols for The Internet of Things (IoT)
13. a) Why is low speed and short distance usually good in the Internet of Things?
>>>
b) Is there a single dominant IoT communication standard?
>>>
Security in the Internet of Things
21. a) Why is a short transmission range not a protection against eavesdroppers?
>>>
b) Describe the state of cryptographic security for new transmission standards.
>>>
c) Why is device theft or loss a serious risk?
>>>