|
Question 1.
Given: ITCertKeys.com wants to implement a secure VoWLAN system that is compliant with the 802.11i standard and has the fastest roaming capability available.
What WLAN system type is best suited for ITCertKeys.com?
A. Wireless VoIP routers
B. WLAN mesh routers
C. WLAN switches with lightweight access points
D. Autonomous (thick) access points
Answer: C
Question 2.
When using a Wireless Network Management System (WNMS), how are rogue access points discovered?
A. Access points report all BSSID values they can hear to the WNMS via SNMP.
The BSSID values are compared against an authorized access point list.
B. Authorized access points detect unauthorized RF fluctuations on channels where rogue
access points are deployed. These fluctuations are reported via SNMP to the WNMS.
C. An open source finder tool is deployed by all WNMS vendors. This tool probes the RF
channels for rogue access points and reports to the WNMS.
D. Dedicated sensor access points are deployed throughout the coverage area.
E. Proprietary detection protocols run on the 802.11a/g access points and report all discovered
access points to the WNMS analytics engine.
Answer: A
Question 3.
RFC 3748 specifies that the EAP-response/identity frame must comply with what criteria?
A. The EAP-response/identity frame must contain the user identity.
B. When TLS-tunneling mode is active, the EAP-response frame must have a blank user identity.
C. The EAP-response/identity frame must not contain a null identity value.
D. The user identity value must be hashed prior to insertion into the EAP-response identity frame.
Answer: C
Question 4.
Given: A small company is implementing a single WLAN switch/controller with 6 lightweight (thin) access points that can authenticate users directly against a Kerberos-based authentication database. The company does not have a RADIUS server.
What device generates new encryption keys as wireless client devices roam between access points?
A. Client device
B. WLAN switch/controller
C. Kerberos server
D. Ethernet switch
E. Lightweight access points
Answer: B
Question 5.
Given: The illustration shows the 802.11i amendment's STAKey handshake.
When is this handshake used?
A. When a supplicant wishes to receive WMM information from an authenticator
B. When two wireless client stations wish to establish a WDS
C. When a wireless client station wants to roam to a peer station
D. When two client stations want to communicate directly while associated to an AP
E. When a wireless client station wants to establish a VPN tunnel to a peer station
Answer: D
Question 6.
Given: ITCertKeys.com is an Internet Service Provider with thousands of customers. It uses an LDAP server as the central user credential database.
How can ITCertKeys.com use their existing user database for wireless user authentication as they implement a large-scale WPA2-Enterprise WLAN security solution?
A. Import all users from the LDAP server into the RADIUS server with an LDAP-to-RADIUS
conversion tool.
B. Implement an x.509 compliant Certificate Authority and enable SSL queries on the LDAP
server.
C. Install a TACACS+ server, configure an ODBC connection between the TACACS+ and LDAP
servers, and have the TACACS+ server query the LDAP server.
D. Implement a RADIUS server and proxy user authentication requests to the LDAP server.
Answer: D
Question 7.
Given: A wireless network has recently been subjected to numerous Layer 1 and Layer 2 Denial of Service (DoS) attacks.
What security solution can detect and report when and where a DoS attack is occurring?
A. Wireless IPS
B. WLAN positioning system
C. Distributed spectrum analyzers
D. WPA2-Enterprise
E. Wireless LAN discovery tools with GPS
Answer: A
Question 8.
When using a VPN-enabled router as a WLAN segmentation device, what are the performance-limiting factors?
A. Each VPN tunnel must have one x.509 certificate
B. Encrypted throughput of the VPN router
C. 802.11e QoS frame tagging support
D. The maximum number of tunnel terminations supported by the VPN router
E. No support for private (non-routable) IP addresses inside VPN tunnels
Answer: B, D
Question 9.
Given: The ITCertKeys.com 802.11g WLAN has worked perfectly for the last 6 months. One morning, none of the company's 10 users can connect to the company's only access point. When the administrator logs into the access point, there are hundreds of users associated using Open System authentication.
What is the problem?
A. The AP has been the victim of an RF DoS attack.
B. The AP has experienced an AP spoofing attack from a rogue AP.
C. The AP firmware has been corrupted and is erroneously reporting the number of users.
D. The AP has experienced an association flood attack.
Answer: D
Question 10.
Given: You have a laptop computer and a Wi-Fi compliant PC card. What statements describe the limited effectiveness of locating rogue access points using WLAN discovery software such as Nets tumbler or Kismet?
A. Discovery tools like Nets tumbler and Kismet cannot determine the authorization status of an
access point.
B. A laptop computer can only be in one location at a time, even in large enterprise environments.
C. When WEP, WPA, or WPA2 are in use, access points cannot be detected using discovery
tools like Nets tumbler and Kismet.
D. Rogue access points using non-Wi-Fi frequency bands or unpopular modulations are not
detected.
E. Discovery tools like Nets tumbler and Kismet cannot determine if an access point is attached
to a wired network.
Answer: A, B, D, E
Question 11.
How does a wireless network management system (WNMS) discover WLAN usernames?
A. The WNMS finds the MAC address of the wireless client device in the authentication database
and parses the username from the entry.
B. The WNMS polls access points using SNMP.
C. The client device sends the username to the WNMS on port 113 (ident service) after
successful authentication.
D. The RADIUS server sends the username to the WNMS after the wireless device successfully
authenticates.
E. The WNMS captures the username by sniffing the wireless network during the authentication
process.
Answer: B
Question 12.
In a WLAN environment, what is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism?
A. EAP-TTLS sends client credentials through an encrypted TLS tunnel to the server.
B. EAP-TTLS supports smart card clients.
C. EAP-TTLS is integrated into Microsoft Active Directory and Novell eDirectory.
D. EAP-TTLS allows clients to authenticate to the server using passwords.
E. EAP-TTLS uses proven standards-based technology, but EAP-TLS is still in draft format.
F. EAP-TTLS supports mutual authentication between supplicants and authentication servers.
Answer: D
Question 13.
Given: ITCertKeys has just completed the installation of a WLAN switch/controller with 10 lightweight (thin) access points. All VLANs use one RADIUS server. The VLANs are configured as follows:
VLAN red (5 access points) - SSID red - Lightweight EAP (LEAP) authentication -
CCMP cipher suite
VLAN blue (5 access points) - SSID blue - EAP-TTLS authentication - CCMP cipher suite
Jack's computer can successfully authenticate and browse the Internet when using the red
VLAN. Jack's computer cannot authenticate when using the blue VLAN.
What is the most likely cause of the problem?
A. The blue VLAN does not support certificate-based authentication traffic.
B. The CCMP cipher suite is not a valid option for EAP-TTLS authentication.
C. The clock on Jack's computer pre-dates the RADIUS server's certificate creation date/time.
D. Jack does not have a valid Kerberos ID on the blue VLAN.
E. The WIPS has been configured to perform a DoS attack on blue VLAN RADIUS packets.
F. The Lightweight Access Point Protocol (LWAPP) does not support EAP-TTLS authentication
over lightweight access points.
Answer: C
Question 14.
Given: ABC University has an Information Technology (IT) building where the Active Directory server is located. They are installing a small WLAN switch and a small RADIUS server in each of 20 campus buildings. WLAN encryption keys are generated by the RADIUS servers. Each RADIUS server will proxy user authentication to the Active Directory server in the IT building.
What AAA model is described?
A. Single site deployment
B. Distributed autonomous sites
C. Distributed sites, centralized authentication and security
D. Distributed sites and security, centralized authentication
Answer: D
Question 15.
Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?
A. Provide wireless network access to users through specific access points, based on their
802.11e priority level.
B. Allow access to specific files and applications based on the user's IP subnet.
C. Allow specific user groups more bandwidth than others.
D. Allow simultaneous support of multiple EAP types on a single access point.
Answer: C
Question 16.
What security hole results from a lack of staging and installation procedures for WLAN infrastructure equipment?
A. MAC address filters with mismatched OUIs on access points
B. Default QoS priority settings
C. Incorrect RADIUS IP address configuration on WLAN switches
D. Default usernames and passwords on access points
Answer: D
Question 17.
Given: ITCertKeys.com is deploying an 802.11i-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection.
What security solution feature meets this policy requirement?
A. Mutual Authentication
B. Encrypted Pass phrase
C. Message Integrity Check (MIC)
D. 4-Way Handshake
E. Integrity Check Value (ICV)
Answer: D
Question 18.
Given: ITCertKeys.com currently utilizes a Public Key Infrastructure (PKI) to allow employees to securely access network resources using smart cards. The wireless segment of the network uses WPA-Enterprise as its primary security solution. You have been hired to recommend a Wi-Fi Alliance-approved EAP method.
What solutions will require the least change in how users are currently authenticated and still integrate with their existing PKI?
A. EAP-FAST
B. EAP-TLS
C. PEAPv1/EAP-GTC
D. LEAP
E. PEAPv0/EAP-MSCHAPv2
Answer: B, C
Question 19.
Given: ITCertKeys.com has recently installed a WLAN switch and RADIUS server and needs to move authenticated wireless users from various departments onto their designated network segments.
How should this be accomplished?
A. The RADIUS server coordinates with an authenticated DHCP server.
B. Manually map each wireless user's MAC address to a VLAN number in the Ethernet switch.
C. Implement multiple 802.1Q VLANs in both the WLAN and Ethernet switches.
D. RADIUS will send a return list attribute with the GRE tunnel number to the WLAN switch.
E. The WLAN user must contact the network administrator at step 4 of the 802.1X/EAP
authentication process to receive a network number.
Answer: C
Question 20.
Given: ITCertKeys.com has recently installed a WLAN switch/controller solution that uses WPA2-Enterprise security. They have configured a security profile on the WLAN switch for each group within the company (Marketing, Sales, and Engineering).
How are authenticated users assigned to groups to receive the correct security profile?
A. The WLAN switch retrieves a complete list of authenticated users and groups from a
RADIUS server during each user authentication.
B. The RADIUS server sends a group name return list attribute to the WLAN switch
during every user authentication.
C. The RADIUS server forwards the request for a group attribute to an LDAP database
service, and LDAP sends the group attribute to the WLAN switch.
D. The RADIUS server sends the list of authenticated users and groups to the WLAN
switch prior to any user authentication.
Answer: B
Question 21.
For WIPS to describe the location of a rogue WLAN device, what requirement must be part of the WIPS installation?
A. The predictive site survey results must be imported into the WIPS.
B. A GPS system must be installed including the coordinates of the building's corners.
C. All authorized AP radios must be placed in RF monitor mode so that the WIPS knows where
the authorized APs are in relation to the WIPS sensors.
D. A graphical floor plan diagram must be imported into the WIPS.
Answer: D
Question 22.
Given: You manage a wireless network that services 100 wireless users. Your facility requires 7 access points, and you have installed an 802.11i-compliant implementation of 802.1X/LEAP (CKIP) as an authentication and encryption solution.
In this configuration, the wireless network is susceptible to what type of attack?
A. Man-in-the-middle
B. Password dictionary
C. Layer 3 peer-to-peer
D. WEP cracking
E. Session hijacking
F. Eavesdropping
Answer: B
Question 23.
Given: A strong security policy is the first step in securing an 802.11 WLAN. What are the appropriate sections for a WLAN security policy?
A. Off-site data backups
B. Acceptable use and abuse of the network
C. Periodic security audits
D. Attack classification
E. Application performance standards
Answer: B, C
Question 24.
Given: ITCertKeys.com employs 20 data entry clerks that use an unencrypted wireless LAN to access the main network. An intruder is using a laptop running a software access point in an attempt to hijack the wireless users.
How can the intruder cause all of these clients to establish Layer 2 connectivity with the software access point?
A. WLAN clients can be forced to re-associate if the intruder laptop uses a WLAN card capable of
emitting at least 5 times more power than the authorized access point.
B. A higher SSID value programmed into the intruder software access point will take priority over
the SSID in the authorized access point, causing the clients to re-associate.
C. When the signal between the clients and the authorized access point is temporarily disrupted
and the intruder software access point is using the same SSID on a different channel than the
authorized access point, the clients will re-associate to the software access point.
D. When the signal between the clients and the authorized access point is permanently disrupted
and the intruder software access point is using the same SSID and the same channel as the
authorized access point, the clients will re-associate to the software access point.
Answer: C
Question 25.
Given: A network security auditor is assessing a wireless network's exposure to security holes.
What task would save the most time if performed before the audit?
A. Identify the IP subnet information for each network segment.
B. Identify the wireless security solutions currently in use.
C. Identify the skill level of the wireless network security administrator(s).
D. Identify the manufacturer of the wireless infrastructure hardware.
E. Identify security holes in the wireless security policy.
Answer: B
Question 26.
What elements should be addressed by a WLAN security policy?
A. Enabling encryption to prevent SSIDs from being sent in clear text
B. Use of rotating encryption key mechanisms as defined in the 802.11 standard
C. End user training on security solutions
D. Verification that all wireless infrastructure devices are attached to the network core
E. Social engineering mitigation techniques
F. Security policy details should only be known by IT staff to prevent abuse
Answer: C, E
Question 27.
Given: ITCertKeys uses a coffee shop's Internet hotspot to transfer funds between his checking and savings accounts at his bank's website. The bank website uses the HTTPS protocol to protect sensitive account information. A hacker was able to obtain Jack bank account user ID and password and transfer all of Jack money to another account.
How did the hacker obtain Jack bank account user ID and password?
A. Jack's bank is using an expired x.509 certificate on their web server. The certificate is on
Jack's Certificate Revocation List (CRL), causing the user ID and password to be sent
unencrypted.
B. Jack uses the same username and password for banking that he does for email. Jack used a
POP3 email client at the wireless hotspot to check his email, and the user ID and password
were not encrypted.
C. Jack uses the same username and password for banking that he does for his IPSec VPN
software. Jack accessed her corporate network with his IPSec VPN software at the wireless
hotspot. An IPSec VPN only encrypts data. The user ID and password are sent in clear text.
D. The bank web server is using an x.509 certificate that is not signed by a root CA and is also
using an expired public key, causing the user ID and password to be sent unencrypted.
Answer: B
Question 28.
Given: ITCertKeys.com is designing a security solution for their new wireless network. Some client device applications use Layer 3 protocols other than IP. A consultant has recommended VPN technology as part of the wireless solution, but ABC does not know which VPN protocol should be used.
What VPN protocol is appropriate?
A. IPSec
B. EAP-TTLS
C. Kerberos
D. PPTP
E. SSH2
F. WPA
Answer: D
Question 29.
Exhibit:
What type of WLAN system is illustrated?
A. Wireless Intrusion Prevention System
B. Wireless Network Management System
C. Wireless Switch Configuration GUI
D. Enterprise Encryption Gateway
E. EAP-enabled RADIUS Server
Answer: B
Question 30.
When a rogue access point is discovered on a network, what should be the immediate response of the network administrative staff?
A. Immediately dispose of the rogue access point and notify management.
B. Shut down the entire network until an investigation can be completed and the logs reviewed.
C. Call the police and lock everyone inside the facility.
D. Make a list of everyone who was near the access point at the time of its discovery.
E. Detach the access point from the wired network and follow the organization response policy.
F. Inform the security guard staff to begin parking lot patrols immediately.
Answer: E
|
Question 1. Which files should be acquired from a Windows 2003 Server system crash with a Dr. Watson error? A. drwtsn32.log B. vmcore.log C. core.log D. memory.log E. info.log Answer: A Question 2. VPN debugging information is written to which of the following files? A. FWDIR/log/ahttpd.elg B. FWDIR/log/fw.elg C. $FWDIR/log/ike.elg D. FWDIR/log/authd.elg E. FWDIR/log/vpn.elg Answer: C Question 3. fw monitor packets are collected from the kernel in a buffer. What happens if the buffer becomes full? A. The information in the buffer is saved and packet capture continues, with new data stored in the buffer. B. Older packet information is dropped as new packet information is added. C. Packet capture stops. D. All packets in it are deleted, and the buffer begins filling from the beginning. Answer: D Question 4. Which file provides the data for the host_table output, and is responsible for keeping a record of all internal IPs passing through the internal interfaces of a restricted hosts licensed Security Gateway? A. hosts.h B. external.if C. hosts D. fwd.h E. fwconn.h Answer: D Question 5. You modified the *def file on your Security Gateway, but the changes were not applied. Why? A. There is more than one *.def file on the Gateway. B. You did not have the proper authority. C. *.def files must be modified on the SmartCenter Server. D. The *.def file on the Gateway is read-only. Answer: C Question 6. Assume you have a rule allowing HTTP traffic, on port 80, to a specific Web server in a Demilitarized Zone (DMZ). If an external host port scans the Web server's IP address, what information will be revealed? A. Nothing; the NGX Security Server automatically block all port scans. B. All ports are open on the Security Server. C. All ports are open on the Web server. D. The Web server's file structure is revealed. E. Port 80 is open on the Web server. Answer: E Question 7. Which of the following types of information should an Administrator use tcpdump to view? A. DECnet traffic analysis B. VLAN trunking analysis C. NAT traffic analysis D. Packet-header analysis E. AppleTalk traffic analysis Answer: D Question 8. Which statement is true for route based VPNs? A. IP Pool NAT must be configured on each gateway B. Route-based VPNs replace domain-based VPNs C. Route-based VPNs are a form of partial overlap VPN Domain D. Packets are encrypted or decrypted automatically E. Dynamic-routing protocols are not required Answer: E Question 9. The list below provides all the actions Check Point recommends to troubleshoot a problem with an NGX product. A. List Possible Causes B. Identify the Problem C. Collect Related Information D. Consult Various Reference Sources E. Test Causes Individually and Logically Select the answer that shows the order of the recommended actions that make up Check Point's troubleshooting guidelines? A. B, C, A, E, D B. A, E, B, D, C C. A, B, C, D, E D. B, A, D, E, C E. D, B, A, C, E Answer: A Question 10. NGX Wire Mode allows: A. Peer gateways to establish a VPN connection automatically from predefined preshared secrets. B. Administrators to verify that each VPN-1 SecureClient is properly configured, before allowing it access to the protected domain. C. Peer gateways to fail over existing VPN traffic, by avoiding Stateful Inspection. D. Administrators to monitor VPN traffic for troubleshooting purposes. E. Administrators to limit the number of simultaneous VPN connections, to reduce the traffic load passing through a Security Gateway. Answer: C
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.