CCNA3 Chap 7 Study Answers

CCNA3 Exploration Chapter 7. Study questions. Answers
7.1
What are the advantages of wireless networks over cabled networks?
People can stay in contact with their work while they are travelling. People can
move within a building without cables having to be moved. A business can
move into a new building that does not have network cabling, and it is not
necessary to run cables to each workstation, which saves on cost, though
some cabling will still be needed.
Over what range of distance would Bluetooth technology be used?
Short range, for example between a peripheral device and a PC.
Over what range of distance would the 802.11 standard be used?
Medium, in LANs (on one site) and MANs (on sites within the same town/city).
At which OSI layers is the difference between cabled and wireless networks
important?
Layers 1 and 2 (physical and data link).
What potential problems of a wireless LAN are not significant on a cabled
LAN?
Interference, and the ability of anyone to receive a transmission if they have a
receiver within range. Wireless is also subject to regulation which may vary
from country to country.
Does the 802.11 standard use CSMA/CD?
No. It uses collision avoidance rather than collision detection and recovery.
How could a wireless-enabled laptop make a connection to a wired Ethernet
network?
It can connect through a wireless access point (AP) that is attached to the
network by a cable.
What were the advantages and disadvantages of using the 802.11b standard
rather than the 802.11a standard?
802.11b was cheaper, it was less easily obstructed by walls etc., and it could
have a longer range. On the other hand, it was slower, maximum rate 11
Mbps as opposed to 54 Mbps. It used the 2.4 GHz band rather than the 5
GHz band, which led to more interference as many appliances use the 2.4
GHz band.
SW
3/7/2016
106745997
1
How does the current 802.11g standard compare with 802.11a and 802.11b?
It uses the 2.4 GHz band like 802.11b. It is compatible with either of the earlier
standards because it can use DSSS modulation like 802.11b with speeds up
to 11 Mbps, or it can use OFDM modulation like 802.11a with speeds up to 54
Mbps. It has a similar range to the earlier standards.
How is the planned 802.11n standard expected to provide higher data rates?
It will use MIMO (multiple input/multiple output) technology. A high rate data
stream will be split into two or more lower data rate streams. These streams
will be sent at the same time using multiple antennae.
Why is WiFi certification important?
The IEEE standards cover modulation methods but not manufacture.
Manufacturers could interpret the standards differently so that devices would
not be compatible. The WiFi alliance is an association of vendors. They certify
that vendors are keeping to industry norms and standards so that their
devices should work with devices from other vendors.
How can a desktop PC be enabled to connect to a wireless access point?
It can have a wireless NIC installed as an expansion card, or it can have a
removable USB device.
How can RTS/CTS help with the hidden node problem?
Wireless is a shared medium and therefore subject to collisions. Stations
sense transmissions and wait until the medium is clear before sending. The
hidden node problem occurs when stations are unable to sense each other
and so may transmit at the same time. RTS/CTS is a system where stations
request the use of the medium, and the access point allocates time to them.
Other stations have to wait before sending their own requests.
What three roles are commonly combined in a wireless router?
Router, Ethernet switch and wireless access point
What is the purpose of the shared service set identifier (SSID)?
It identifies the wireless network.
The 2.4 GHz band is split into 13 channels for Europe. How far apart are the
central points of these channels, and how wide are the channels?
The channels have a centre frequency separation of 5 MHz. Each channel
occupies 22 MHz of bandwidth so that they overlap.
How can you ensure that adjacent access points use channels that do not
overlap?
Choose channels that are 5 channels apart, e.g. channels 1 and 6.
What is an ad-hoc topology?
Wireless enabled devices do not have an access point. They connect directly
to each other and negotiate the wireless parameters with each other. An ad
hoc network is also known as an independent basic service set (IBSS).
What is a basic service area (BSA)?
The area covered by a basic service set (BSS).
What is an Extended service set topology?
A topology with more than one access point.
When planning a wireless LAN, you will need to draw coverage circles on a
floor plan, but what other factors should you take into account when locating
access points?
Place the access point above obstructions and not near to metal obstructions.
Place the access point vertically and high up, perhaps near the ceiling.
Place access points in locations where users will be making use of them.
7.2
What are the three major categories of security threat to a wireless LAN?
War drivers who look for an unsecured network that will provide Internet
access.
Hackers (Crackers) who enter systems to steal data or cause harm. They can
often get past weak security.
Employees may install rogue access points without permission and without
implementing the necessary security.
What is the problem of having wireless devices with default settings ready to
be used?
The default settings are known. If the defaults are not changed then anyone
can break into the system.
A NIC on a shared medium will receive all transmissions but discard those
that are not addressed to it. What would a “man in the middle” attacker do to
make a wireless laptop accept transmissions addressed to another client?
Use special software to adapt the NIC of the laptop so that it accepts all
transmissions. The NIC then acts like an access point.
How can denial of service attacks be carried out on a wireless network?
Use common devices to create interference (cordless phone, microwave,
baby monitor).
Flood the network with clear-to-send (CTS) messages. Clients then send
simultaneously and cause a constant stream of collisions.
Send a series of disassociate commands so that clients repeatedly disconnect
then try to reassociate.
What authentication was included with the original 802.11 standard and why
was this unsatisfactory?
Open authentication provided no security at all. The client requested
authentication and the access point provided it without making any checks.
WEP authentication was designed to provide some privacy by using shared
key encryption. This method was too weak because the encryption algorithm
could be cracked. Also, the 32 bit keys had to be entered by hand and this led
to errors.
What authentication standard should be used now?
802.11i should be used. The Wi-Fi Alliance WPA2 standard is an
implementation of 802.11i.
What is 802.1x?
A standard specifying authentication protocols such as EAP (extensible
authentication protocol).
Interim security measures included MAC filtering and turning off SSID
broadcasts. Why are these not considered to be adequate security measures?
It is easy for attackers to get round MAC address filtering by using software to
modify MAC addresses attached to adapters. SSIDs can be discovered by
using a packet sniffer to monitor traffic.
What is an AAA server and what protocol does it run?
An Authentication, Authorization, and Accounting server. It stores
authentication information. It runs a RADIUS protocol (Remote Authentication
Dial In User Service).
What two enterprise-level encryption mechanisms specified by 802.11i are
certified by the WiFi Alliance, and which of them is preferred?
Temporal Key Integrity Protocol (TKIP) is the method certified as WPA and
Advanced Encryption Standard (AES) is certified as WPA2. AES is preferred.
TKIP can be used on legacy equipment.
While configuring a wireless access point, you see a reference to PSK2.
Which encryption method does this refer to?
If neither TKIP nor AES is mentioned then WPA2 is used (AES). If PSK2 with
TKIP is specified then WPA is used.
How can you add depth to your security system on a wireless network?
You should configure WLAN security, preferably WPA2.
Then add extra safeguards that are not sufficient in themselves:
Disable SSID broadcasts from access points (SSID cloaking).
Set up a manual table of allowed client MAC addresses on the access point
(MAC address filtering).
Try to restrict access to the network to within or near a building if possible, by
giving access points near the outer walls a lower power setting than access
points in the middle of the building.
7.3
What should you do before starting to install a wireless access point?
Check the wired portion of the network, including Internet access and DHCP
operation.
What should you do before configuring security on a wireless access point?
Check that at least one wireless host is able to make contact with the access
point without security, that it can obtain an IP address and that it can ping the
local router.
What type of interface do wireless access points commonly offer for
configuration?
Web based interface.
When configuring the access point, which mode should you choose if you
have both wireless-G and wireless-N devices?
Mixed.
What should you remember when choosing the SSID?
It is case sensitive. It can have up to 32 characters. All the devices in the
wireless network must use the same SSID. It should be changed from the
default for security.
What radio band should you choose if you have only Wireless-G and
Wireless-B clients?
Standard - 20MHz Channel.
What radio band should you choose if you have only Wireless-N clients?
Wide - 40MHz Channel.
What radio band should you choose if you have Wireless-G, Wireless-B and
Wireless-N clients?
Keep the default Auto.
Which is the preferred security option?
PSK2 (Same as WPA2 or IEEE 802.11i).
Why are other, less good, security modes offered?
Older client devices may not have the best security option available. All
devices must use the same security option.
Which is the stronger encryption algorithm – TKIP or AES?
AES.
What parameters might you need to set on the wireless host?
The SSID, the authentication method, the encryption method and the network
key.
Which OSI layer is the recommended starting point for troubleshooting?
Layer 1, the physical layer.
If a client is having problems connecting to a wireless network, which device
should be investigated first?
The client itself.