Saturday, December 10, 2011

LAN SWITCHING AND WIRELESS (ET0716) Lab Copy

Tutorial 1 LAN Design and Switch Configuration

1. Which three options correctly associate a layer of the hierarchical design model with its function? (Choose three.)

a) Core - interface for end devices
b) Distribution - traffic control and security policies
c) Access - interface for end devices
d) Distribution - high-speed backbone
e) Core - high speed backbone
f) Access - implementation of security policies

2. With respect to network design, what is convergence?

a) Implementation of standard equipment sets for LAN design
b) Implementation of a core-distribution-access design model for all sites in an enterprise
c) A point in the network where all traffic "converges" before transmission to the destination, normally the core switch
d) Combining conventional data with voice and video on a common network

3. Which three options are potential benefits of a converged network? (Choose three.)

a) Simplified data network configuration
b) Combines voice and data network staffs
c) Combines voice, video and applications in one computer
d) Simpler maintenance than hierarchical networks
e) Simplified network changes
f) Lower quality of service configuration requirements

4. What factor may complicate user community analysis?

a) Application changes may radically affect predicted data growth.
b) Server-to-server traffic may skew user port usage data.
c) Application usage is not always bound by department or physical location
d) Different organizations may share data stores

5. Which two of the following pairings are accurate? (Choose two.)

a) Port density - capability to use multiple switch ports concurrently for higher throughput data communication
b) Forwarding rates - processing capabilities of a switch by quantifying performance of the switch by how much data it can process per second
c) Link aggregation - number of ports available on a single switch
d) Wire speed - data rate that each port on the switch is capable of attaining


6. What would be the port capacity of a single port on a 48-port Gigabit Ethernet switch?

a) 48 Gbps
b) 10 Mbps
c) 1000 Mbps
d) 100 Mbps

7. A switch that uses MAC addresses to forward frames operates at which layer of the OSI model?

a) Layer 1
b) Layer 2
c) Layer 3
d) Layer 4

8. Which three features are associated with the core layer of the hierarchical network model? (Choose three.)

a) Port security
b) Layer 3 support
c) Redundant components
d) VLANs
e) 10 Gigabit Ethernet
f) PoE

9. List and describe the three layers of the hierarchical network model.

Core - High-speed backbone to interconnect distribution layer devices & inter network

Distribution - Aggregates the data received from the access layer switches before it is transmitted to the core layer for routing to the final destination. Flow control, VLANs, subnetting and security are implemented in this layer.

Access - Interfaces with the end devices, such as PCs, printers and IP phones, to provide access to the rest of the network.


10. What are the considerations for choosing switches for a network?


  • Carry out traffic flow analysis, using software to monitor the amount and source of traffic. Allow for growth.
  • Carry out user community analysis. Group users by job function. How many ports? How much bandwidth? Allow for growth.
  • Carry out data store and data server analysis: traffic to, from and between them.


11. Refer to the diagram above. What action does SW1 take on a frame sent from PC_A to PC_C if the MAC address table of SW1 is empty?

a) SW1 drops the frame.
b) SW1 floods the frame on all ports on SW1, except port Fa0/1.
c) SW1 floods the frame on all ports on the switch, except Fa0/23 and Fa0/1.
d) SW1 uses another protocol to synchronize the MAC tables on both switches and then forwards the frame to all ports on SW2.

12. When a switch receives a frame and the source MAC address is not found in the switching table, what action will be taken by the switch to process the incoming frame?

a) The switch will request that the sending node resend the frame.
b) The switch will issue an ARP request to confirm that the source exists.
c) The switch will map the source MAC address to the port on which it was received.
d) The switch sends an acknowledgement frame to the source MAC of this incoming frame.

13. Which term describes the time delay between a frame being sent from a source device and received on a destination device?

a) Bandwidth
b) Latency
c) Attenuation
d) Time-to-live
e) Frame check sequence

14. Refer to the diagram above. The switch and workstation are administratively configured for full-duplex operation. Which statement accurately reflects the operation of this link?

a) No collisions will occur on this link.
b) Only one of the devices can transmit at a time.
c) The switch will have priority for transmitting data.
d) The devices will default back to half duplex if excessive collisions occur.

15. What is the name of the table that a switch will refer to when forwarding frames to PCs connected to its ports?

a) Routing Table
b) Switching Table
c) MAC address table
d) PC table

16. The destination MAC address for a broadcast is:

a) 00:00:00:00:00:00
b) 11:11:11:11:11:11
c) FF:FF:FF:FF:FF:FF
d) 255.255.255.255

17. Which device can separate broadcast domains?

a) Hub
b) Bridge
c) Switch
d) Router

18. "Segmenting a LAN will create more collision domains." This statement is:

a) True
b) False

19. Briefly describe two methods that a switch can use to forward frames.

Store and forward
  • Read whole frame into buffer
  • Discard any frames that are too short/long
  • Perform cyclic redundancy check (CRC) and discard any frames with errors
  • Find correct port and forward frame
  • Allows QoS checks
  • Allows entry and exit at different bandwidths
Cut Through - Fast forward
  • Read start of frame as it comes in, as far as end of destination MAC address (first 6 bytes after start delimiter)
  • Look up port and start forwarding while remainder of frame is still coming in
  • No checks or discarding of bad frames
  • Entry and exit must be same bandwidth
  • Lowest latency
Cut Through - Fragment Free
  • Read start of frame as it comes in, as far as end of byte 64
  • Look up port and start forwarding while remainder of frame (if any) is still coming in
  • Discards collision fragments (too short) but other bad frames are forwarded
  • Entry and exit must be same bandwidth
  • Compromise between low latency and checking
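
The three forwarding methods above can be compared on the same set of frames. The following Python sketch is an added example, not part of the original tutorial; the MAC addresses and payloads are constructed, and the 64-byte and 1518-byte limits are the standard untagged Ethernet frame sizes.

```python
import struct
import zlib

MIN_FRAME = 64     # bytes from destination MAC through FCS (no preamble/SFD)
MAX_FRAME = 1518   # largest untagged Ethernet frame
DST_MAC_LEN = 6    # fast-forward decides once the destination MAC is read
MODES = ("store-and-forward", "fast-forward", "fragment-free")

# Constructed sample addresses (documentation MAC range).
DST = bytes.fromhex("00005e005302")
SRC = bytes.fromhex("00005e005301")


def fcs(body: bytes) -> bytes:
    """Ethernet FCS: CRC-32 of the frame body, least significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build dst + src + type + payload, pad to the 64-byte minimum, append FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))
    return body + fcs(body)


def fcs_ok(frame: bytes) -> bool:
    """True when the trailing 4 bytes match the CRC-32 of the rest."""
    return len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]


def decide(mode: str, frame: bytes):
    """Return (action, bytes read before the decision, reason) for one frame."""
    n = len(frame)
    if mode == "store-and-forward":
        # The whole frame is buffered, so length and CRC can both be checked.
        if n < MIN_FRAME:
            return ("discard", n, "too short")
        if n > MAX_FRAME:
            return ("discard", n, "too long")
        if not fcs_ok(frame):
            return ("discard", n, "CRC error")
        return ("forward", n, "checked")
    if mode == "fast-forward":
        # Lookup starts after the destination MAC; nothing else is inspected.
        if n < DST_MAC_LEN:
            return ("discard", n, "no destination MAC")
        return ("forward", DST_MAC_LEN, "unchecked")
    if mode == "fragment-free":
        # Only frames that end before byte 64 (collision fragments) are caught.
        if n < MIN_FRAME:
            return ("discard", n, "collision fragment")
        return ("forward", MIN_FRAME, "first 64 bytes only")
    raise ValueError(f"unknown mode: {mode}")


def sample_frames():
    """Constructed frames: one valid, one runt, one corrupted, one oversized."""
    good = build_frame(DST, SRC, 0x0800, b"hello")
    big = build_frame(DST, SRC, 0x0800, b"A" * 200)
    corrupt = big[:100] + bytes([big[100] ^ 0x01]) + big[101:]  # one flipped bit
    giant = build_frame(DST, SRC, 0x0800, b"B" * 1600)
    return {"good": good, "runt": good[:40], "corrupt": corrupt, "giant": giant}


def compare():
    """Return {mode: {frame name: action}} for every mode and sample frame."""
    frames = sample_frames()
    return {m: {name: decide(m, f)[0] for name, f in frames.items()} for m in MODES}


if __name__ == "__main__":
    for mode, row in compare().items():
        print(f"{mode:18} {row}")
```

Only store-and-forward discards the corrupted and oversized frames; fragment-free stops runts but passes anything that is damaged after byte 64.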

20. What is the difference between symmetric and asymmetric switching?

Symmetric - all ports operate at the same bandwidth.
Asymmetric - ports operate at different bandwidths, e.g. a server or uplink port has greater bandwidth.

21. Write the instructions that can configure a switch with IP address 200.1.2.3

S1(config)# interface vlan 1
! (or another VLAN)
S1(config-if)# ip address 200.1.2.3 255.255.255.0
S1(config-if)# no shutdown
S1(config-if)# exit


22. Describe switch port security. Write the instruction that will set a limit of 2 MAC addresses for port 12.

Port Security
  • Configure each port to accept
    One MAC address only
    A small group of MAC addresses
  • Frames from other MAC addresses are not forwarded.
  • By default, the port will shut down if the wrong device connects. It has to be brought up again manually.

SW1(config)#int fa0/12
SW1(config-if)#switchport mode access
SW1(config-if)#switchport port-security
SW1(config-if)#switchport port-security maximum 2
SW1(config-if)#switchport port-security mac-address sticky
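
The MAC learning and flooding behaviour from questions 11 and 12 and the port security behaviour configured above can be traced with a small model. This Python sketch is an added example, not switch code or part of the original tutorial; the class, the port names other than fa0/12, and the MAC addresses are constructed, and the model is simplified (no ageing timers, no VLANs).

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Simplified Layer 2 switch: MAC learning, flooding and port security."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}        # MAC address -> port it was learned on
        self.secure = {}           # port -> {"max": int, "sticky": set of MACs}
        self.err_disabled = set()  # ports shut down by a security violation

    def port_security(self, port, maximum):
        """Model of 'switchport port-security maximum N' with sticky learning."""
        self.secure[port] = {"max": maximum, "sticky": set()}

    def bring_up(self, port):
        """Manual recovery by the administrator; sticky addresses are kept."""
        self.err_disabled.discard(port)

    def receive(self, in_port, src, dst):
        """Process one frame and return (action, list of egress ports)."""
        if in_port in self.err_disabled:
            return ("drop: port is shut down", [])
        sec = self.secure.get(in_port)
        if sec is not None and src not in sec["sticky"]:
            if len(sec["sticky"]) >= sec["max"]:
                # Default violation action: shut the port down and forget
                # what was learned on it.
                self.err_disabled.add(in_port)
                self.mac_table = {m: p for m, p in self.mac_table.items()
                                  if p != in_port}
                return ("violation: port shut down", [])
            sec["sticky"].add(src)
        # Question 12: map the source MAC to the port it arrived on.
        self.mac_table[src] = in_port
        out = None if dst == BROADCAST else self.mac_table.get(dst)
        if out is None:
            # Question 11: unknown destination (or broadcast) is flooded on
            # every usable port except the one the frame came in on.
            return ("flood", [p for p in self.ports
                              if p != in_port and p not in self.err_disabled])
        if out == in_port:
            return ("filter", [])
        return ("forward", [out])


def demo():
    """Run a constructed scenario; return the switch and the list of results."""
    sw = Switch(["fa0/1", "fa0/12", "fa0/23"])
    sw.port_security("fa0/12", maximum=2)
    pc_a, dev1, dev2, extra = (f"00:00:5e:00:53:{i:02x}" for i in (1, 2, 3, 0x99))
    steps = [
        ("fa0/1", pc_a, dev1),    # empty table: frame is flooded
        ("fa0/12", dev1, pc_a),   # first sticky address on fa0/12
        ("fa0/12", dev2, pc_a),   # second sticky address, limit reached
        ("fa0/12", extra, pc_a),  # third address: violation, port shuts down
        ("fa0/12", dev1, pc_a),   # even a permitted device is cut off now
    ]
    log = [sw.receive(*step) for step in steps]
    sw.bring_up("fa0/12")                          # manual recovery
    log.append(sw.receive("fa0/12", dev1, pc_a))   # permitted device works again
    log.append(sw.receive("fa0/12", extra, pc_a))  # third address trips it again
    return sw, log


if __name__ == "__main__":
    for result in demo()[1]:
        print(result)
```

Because the sticky addresses survive the manual recovery, the unexpected third device shuts the port down again as soon as it transmits.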

Tutorial 2 VLAN Design and inter-VLAN Routing

1. How far is a broadcast frame that is sent by computer A propagated in the LAN domain?

a) none of the computers will receive the broadcast frame
b) computer A, computer B, computer C
c) computer A, computer D, computer G
d) computer B, computer C
e) computer D, computer G
f) computer A, computer B, computer C, computer D, computer E, computer F, computer G, computer H, computer I

2. What are two characteristics of VLAN 1 in a default switch configuration? (Choose two.)

a) VLAN 1 should be renamed.
b) VLAN 1 is the management VLAN
c) all switch ports are members of VLAN 1.
d) Only switch port 0/1 is assigned to VLAN 1.
e) Links between switches must be members of VLAN 1

3. Which two statements describe the benefits of VLANs? (Choose two.)

a) VLANs improve network performance by regulating flow control and window size.
b) VLANs enable switches to route packets to remote networks via VLAN ID filtering.
c) VLANs reduce network cost by reducing the number of physical ports required on switches.
d) VLANs improve network security by isolating users that have access to sensitive data and applications.
e) VLANs divide a network into smaller logical networks, resulting in lower susceptibility to broadcast storms

4. Which statement describes how hosts on VLANs communicate?

a) Hosts on different VLANs use VTP to negotiate a trunk.
b) Hosts on different VLANs communicate through routers.
c) Hosts on different VLANs should be in the same IP network.
d) Hosts on different VLANs examine the VLAN ID in the frame tagging to determine if the frame is for their network.

5. What mechanism is used to achieve the separation between different VLANs as they cross a trunk link?

a) VLAN tagging using 802.1Q protocol
b) VLAN tagging using 802.1P protocol
c) VLAN multiplexing
d) VLAN set as a native LAN

6. Which two statements are true regarding the use of sub-interfaces for inter-VLAN routing? (Choose two.)

a) sub-interfaces have no contention for bandwidth
b) more switch ports required than in traditional inter-VLAN routing
c) fewer router ports required than in traditional inter-VLAN routing
d) simpler Layer 3 troubleshooting than with traditional inter-VLAN routing
e) less complex physical connection than in traditional inter-VLAN routing

7. What is important to consider while configuring the subinterfaces of a router when implementing inter-VLAN routing?

a) The physical interface must have an IP address configured.
b) The sub-interface numbers must match the VLAN ID number.
c) The no shutdown command must be given on each sub-interface.
d) The IP address of each sub-interface must be the default gateway address for each VLAN subnet.

8. Which two statements are true about the interface fa0/0.10 command? (Choose two.)

a) The command applies VLAN 10 to router interface fa0/0
b) The command is used in the configuration of router-on-a-stick inter-VLAN routing.
c) The command configures a subinterface.
d) The command configures interface fa0/0 as a trunk link.
e) Because the IP address is applied to the physical interface, the command does not include an IP address.

9. Briefly describe the different types of VLANs.

Data VLAN
  • Carries files, e-mails, shared application traffic, most user traffic.
  • Separate VLAN for each group of users, for example, Student and Guest.
Voice VLAN
  • Used with IP phones.
  • Phone acts as a switch too.
  • Voice traffic is tagged, given priority.
  • Data not tagged, no priority.
Management VLAN
  • Has the switch IP address.
  • Used for telnet/SSH or web access for management purposes.
  • Better not to use VLAN 1 for security reasons.
Native VLAN
  • For backward compatibility with older systems.
  • Relevant to trunk ports.
  • Trunk ports carry traffic from multiple VLANs.
  • VLAN is identified by a “tag” in the frame.
  • Native VLAN does not have a tag.
Default VLAN
  • VLAN 1 on Cisco switches.
  • Carries CDP and STP (spanning tree protocol) traffic.
  • Initially all ports are in this VLAN.
  • Do not use it for data, voice or management traffic for security reasons.

10. Write the instructions that will configure port 1 to port 4 of a switch as VLAN 10 and port 5 to port 8 as VLAN 20.

SW1(config)#int range fa0/1-4
SW1(config-if-range)#switchport mode access
SW1(config-if-range)#switchport access vlan 10
SW1(config-if-range)#int range fa0/5-8
SW1(config-if-range)#switchport mode access
SW1(config-if-range)#switchport access vlan 20
SW1(config-if-range)#end

11. Write the instructions that will configure port 12 of a switch as a trunk port and also a trunk for native VLAN 99.

SW1(config)#int fa0/12
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk native vlan 99
SW1(config-if)# end
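
How a trunk configured this way separates VLANs on the wire can be shown at the byte level: every VLAN except the native one carries a 4-byte 802.1Q tag. This Python sketch is an added example, not part of the original tutorial; the frame contents, the allowed VLAN set and the priority value are constructed, and the frame check sequence is left out for brevity.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def tag_frame(frame: bytes, vlan_id: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    if not 0 <= pcp <= 7:
        raise ValueError("priority must be 0-7")
    tci = (pcp << 13) | vlan_id  # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_vlan(frame: bytes):
    """Return (VLAN ID or None if untagged, priority, frame without the tag)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, 0, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


class TrunkPort:
    """Model of a trunk port with a native VLAN (hypothetical helper class)."""

    def __init__(self, native_vlan, allowed):
        self.native_vlan = native_vlan
        # Assumption of this model: only listed VLANs cross the trunk.
        self.allowed = set(allowed) | {native_vlan}

    def ingress(self, frame: bytes):
        """Classify a received frame; return (vlan, untagged frame) or None."""
        vlan, _pcp, inner = parse_vlan(frame)
        if vlan is None or vlan == 0:
            # Untagged (or priority-tagged) frames belong to the native VLAN.
            vlan = self.native_vlan
        if vlan not in self.allowed:
            return None  # VLAN not carried on this trunk: drop
        return vlan, inner

    def egress(self, vlan: int, frame: bytes):
        """Return the bytes to send, tagged unless the VLAN is the native one."""
        if vlan not in self.allowed:
            return None
        return frame if vlan == self.native_vlan else tag_frame(frame, vlan)


def sample_frame() -> bytes:
    """Constructed untagged IPv4 frame header plus dummy payload (no FCS)."""
    dst = bytes.fromhex("00005e005302")
    src = bytes.fromhex("00005e005301")
    return dst + src + b"\x08\x00" + b"constructed payload"


if __name__ == "__main__":
    trunk = TrunkPort(native_vlan=99, allowed={10, 20})
    frame = sample_frame()
    print("VLAN 10 on the wire:", trunk.egress(10, frame)[:18].hex())
    print("VLAN 99 on the wire:", trunk.egress(99, frame)[:14].hex())
    print("untagged ingress ->", trunk.ingress(frame)[0])
```

An untagged frame arriving on the trunk is placed in VLAN 99, which is why the native VLAN must match on both ends of the link.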

12. Write the instructions that will configure a router interface as a trunk for VLAN 10 and VLAN 20. The subnet address for the VLANs are:
VLAN 10: 172.18.10.0
VLAN 20: 172.18.20.
Subnet mask : 255.255.255.0

R1(config)# interface fa0/0
R1(config-if)# no shutdown
R1(config-if)# interface fa0/0.10
R1(config-subif)# encapsulation dot1q 10
R1(config-subif)# ip address 172.18.10.1 255.255.255.0
R1(config-subif)# interface fa0/0.20
R1(config-subif)# encapsulation dot1q 20
R1(config-subif)# ip address 172.18.20.1 255.255.255.0

Tutorial 3 VTP and STP

1. Which statement is true when VTP is configured on a switched network that incorporates VLANs?

a) VTP is only compatible with the 802.1Q standard.
b) VTP adds to complexity of managing a switched network.
c) VTP allows a switch to be configured to belong to more than one VTP domain
d) VTP dynamically communicates VLAN changes to all switches in the same VTP domain.

2. Which two statements describe VTP transparent mode operation? (Choose two.)

a) Transparent mode switches can create VLAN management information.
b) Transparent mode switches can add VLANs of local significance only.
c) Transparent mode switches pass any VLAN management information that they receive to other switches.
d) Transparent mode switches can adopt VLAN management changes that are received from other switches.
e) Transparent mode switches originate updates about the status of their VLANS and inform other switches about that status.

3. Which two statements are true about the implementation of VTP? (Choose two.)

a) Switches must be connected via trunks.
b) The VTP domain name is case sensitive.
c) Transparent mode switches cannot be configured with new VLANs.
d) The VTP password is mandatory and case sensitive.
e) Switches that use VTP must have the same switch name.

4. A network administrator is replacing a failed switch with a switch that was previously on the network. What precautionary step should the administrator take on the replacement switch to avoid incorrect VLAN information from propagating through the network?

a) Enable VTP pruning.
b) Change the VTP domain name.
c) Change the VTP mode to client.
d) Change all the interfaces on the switch to access ports.

5. Refer to the exhibit. Switch1 is not participating in the VTP management process with the other switches that are shown in the exhibit. What are two possible explanations for this? (Choose two.)

a) Switch1 is in client mode.
b) Switch2 is in server mode.
c) Switch2 is in transparent mode.
d) Switch1 is in a different management domain.
e) Switch1 has end devices that are connected to the ports.

6. Which two statements are true about VTP pruning? (Choose two.)

a) Pruning is enabled by default.
b) Pruning can only be configured on VTP servers.
c) Pruning must be configured on all VTP servers in the domain.
d) VLANs on VTP client-mode switches will not be pruned.
e) Pruning will prevent unnecessary flooding of broadcasts across trunks.

7. What does a client mode switch in a VTP management domain do when it receives a summary advertisement with a revision number higher than its current revision number?

a) It suspends forwarding until a subset advertisement update arrives.
b) It issues an advertisement request for new VLAN information.
c) It increments the revision number and forwards it to other switches.
d) It deletes the VLANs not included in the summary advertisement.
e) It issues summary advertisements to advise other switches of status changes.

8. What causes a VTP configured switch to issue a summary advertisement?

a) A five-minute update timer has elapsed.
b) A port on the switch has been shutdown.
c) The switch is changed to the transparent mode.
d) A new host has been attached to a switch in the management domain.

9. The spanning-tree protocol allows which of the following?

a) Routers to communicate with other routers
b) Switches to communicate with other switches
c) More switches to be connected for expanding the network
d) Redundant network paths without suffering the effects of loops in the network

10. Refer to the exhibit. Server sends an ARP request for the MAC address of its default gateway. If STP is not enabled, what will be the result of this ARP request?

a) Router_1 will drop the broadcast and reply with the MAC address of the next hop router.
b) Switch_A will reply with the MAC address of the Router_1 E0 interface.
c) Switch_A and Switch_B will continuously flood the message onto the network.
d) The message will cycle around the network until its TTL is exceeded.

11. What is the first step in the process of convergence in a spanning tree topology?

a) election of the root bridge
b) blocking of the non-designated ports
c) selection of the designated trunk port
d) determination of the designated port for each segment

12. What two elements will exist in a converged network with one spanning tree? (Choose two.)

a) one root bridge per network
b) all non-designated ports forwarding
c) one root port per non-root bridge
d) multiple designated ports per segment
e) one designated port per network

13. Which two statements describe the BIDs used in a spanning tree topology? (Choose two.)

a) They are sent out by the root bridge only after the inferior BPDUs are sent.
b) They consist of a bridge priority and MAC address.
c) Only the root bridge will send out a BID
d) They are used by the switches in a spanning tree topology to elect the root bridge.
e) The switch with the fastest processor will have the lowest BID.

14. Which two statements are true about the default operation of STP in a Layer 2 switched environment that has redundant connections between switches? (Choose two.)

a) The root switch is the switch with the highest speed ports.
b) Decisions on which port to block when two ports have equal cost depend on the port priority and identity.
c) All trunking ports are designated and not blocked.
d) Root switches have all ports set as root ports.
e) Non-root switches each have only one root port.

15. Which two criteria does a switch use to select the root bridge? (Choose two.)

a) Bridge priority
b) switching speed
c) number of ports
d) base MAC address
e) switch location

16. How can a network administrator influence which STP switch becomes the root bridge?

a) Configure all the interfaces on the switch as the static root ports.
b) Change the BPDU to a lower value than that of the other switches in the network.
c) Assign a lower IP address to the switch than that of the other switches in the network
d) Set the switch priority to a smaller value than that of the other switches in the network.

Tutorial 4 - Introduction to WLAN and WLAN Devices

1. Which of the following statements best describe the phrase "last mile"?

a) The distance between two buildings in a point-to-point connection.
b) It refers to the communication infrastructure that exists between the central office of a telecommunication or cable company and the end users.
c) It refers to the term "line of sight".
d) It is a terminology not used in wired network technology.

2. Which one of the following does a wireless LAN provide that a wired network does not?

a) Mobility
b) Centralized security
c) Reliability
d) VPN security

3. Which one of the following would not be an appropriate use of a wireless LAN?

a) Connecting two buildings together that are on opposite sides of the street
b) Connecting two computers together in a small office so they can share a printer
c) Connecting a remote home to a WISP for internet access
d) Connecting two rack-mounted computers together

4. Why is a wireless LAN a good choice for extending a network? Choose all that apply.

a) Reduces the cost of cables required for installation
b) Can be installed faster than a wired network
c) Hardware is considerably less expensive than wired LAN hardware
d) Eliminates a significant portion of the labor charges for installation

5. Wireless ISPs provide which one of the following services?

a) Small office/home office services
b) Connectivity for large enterprises
c) Last mile data delivery
d) Building-to-building connectivity

6. Wireless LANs are primarily deployed in which one of the following roles?

a) Backbone
b) Access
c) Application
d) Core

7. You need to connect two wired networks together that currently share no network connectivity between them. Using only access points to connect the networks, what mode would the access points need to be placed in?

a) Root mode
b) Repeater mode
c) Bridging mode

8. When an access point connects to another access point wirelessly for the purpose of extending the wireless segment to clients out of range of the access point connected to the wired segment, the access point not connected to the wired LAN segment is in ____ mode.

a) Root
b) Repeater
c) Bridge

9. Wireless bridges are used for which of the following functions? Choose all that apply.

a) Connecting mobile users to wired LAN
b) Point-to-multipoint configurations
c) Building-to-building connectivity
d) Wireless security

10. Why is an access point considered a portal?

a) An access point allows client connectivity from an 802.11 network to either 802.3 or 802.5 networks
b) An access point always connects users to the internet
c) An access point connects clients to one another
d) An access point is a gateway to another collision domain

11. Your friend owns a small business, and asks you what he could buy to provide low cost wireless internet access for his 5 salespeople in the office. Which one of the following devices would be an appropriate solution?

a) Access point
b) Wireless workgroup bridge
c) Enterprise wireless gateway
d) Wireless residential gateway

12. Which of the following is not a WLAN client device?

a) Wireless access point
b) USB wireless adaptor
c) Wireless bridge
d) Wireless workgroup bridge

13. The enterprise wireless gateway is the most cost-effective way to provide connectivity to the internet in a SOHO environment.

a) True
b) False

14. Discuss briefly the uses of a wireless bridge.

A wireless bridge is used to connect remote sites wirelessly to the main network. It is typically used in building-to-building connectivity. (Diagram can be found on slide #10 of chapter 8 Lecture)

15. What are the functions of a wireless workgroup bridge in a wireless network?

The workgroup bridge is a client device.
It is capable of aggregating multiple wired LAN users into one collective wireless LAN client.
In the AP association table, a WGB appears as a single device. (Diagram can be found on slide #48 of chapter 8 Lecture)

16. List the three modes that an access point can communicate with other access points. Briefly discuss, with the aid of diagrams, the situations in which the three modes are used.

The three modes are root mode, repeater mode and bridge mode.

- In root mode, APs connect wireless clients to the wired segment of the network.

- In repeater mode, an AP is responsible for handling the requests from mobile units and repeating that data to another AP that is connected to the wired network.

- In bridge mode, an AP serves as a bridge between two or more wired segments of a network.



Tutorial 5 - WLAN Standards

1. The Federal Communications Commission (FCC) in the US sets the standards for wireless LANs.

a) True
b) False

2. Choose all that apply to the 802.11i draft.

a) It will provide an alternative to Wired Equivalent Privacy (WEP) with new encryption methods and authentication procedures.
b) It forms a key part of the IEEE 802.1x standard.
c) It specifies Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP).
d) WIFI(TM) and WIFI5 (TM) certifications will support 802.11i.

3. The FCC specifies rules for wireless LANs regarding which of the following? Choose all that apply.

a) Power output
b) Frequencies
c) Modulation
d) Data rates

4. Which of the following is NOT one of the ISM bands used with wireless LANs? Choose all that apply.

a) 902 MHz
b) 2.4 MHz
c) 4.5 GHz
d) 5.8 GHz

5. What does the Wi-Fi(TM) seal of approval indicate?

a) A vendor's hardware has a WECA chipset
b) A vendor's hardware has been proven to be interoperable hardware
c) A wireless LAN meets the IEEE 802.11 standard
d) A wireless LAN meets FCC regulations

6. What does ISM stand for?

Industrial, Scientific, and Medical

7. What does UNII stand for?

Unlicensed National Information Infrastructure

8. Define the term EIRP.

Equivalent Isotropically Radiated Power (EIRP): a measurement of the power radiated by the antenna.

9. Which organisation defines the standards used in wireless computer networks?

IEEE

10. What are the data rates and frequency bands used by the following IEEE standards?

802.11a – 54 Mbps, 5 GHz
802.11b – 11 Mbps, 2.4 GHz
802.11g – 54 Mbps, 2.4 GHz

11. What does the term MIMO stand for? Which wireless standard uses MIMO?

Multiple input, multiple output. IEEE 802.11n

12. Which IEEE standard supports wireless roaming and which standard defines QoS for multimedia applications?

Roaming - 802.11f ; multimedia - 802.11e

13. There are several technologies that compete with the 802.11 family of standards.

Bluetooth, Infra-red (IrDA), ETSI (HiperLAN)


Tutorial 6 - 802.11 Network Operation



1. Which of the following are functions of the beacon frame?
A. Load balancing all clients across multiple access points
B. Broadcasting the SSID so that clients can connect to the access point
C. Synchronizing the time between the access point and client
D. Allowing client authentication with the access point when using Shared Key authentication

2. What is passive scanning used for in a wireless LAN?
A. Allows clients to authenticate with an access point
B. Allows clients to actively search for any access points within range
C. Reduces the time it takes clients to locate and associate to access points when roaming
D. Helps determine which bridge the client will connect to

3. What does the acronym "SSID" stand for?
A. Security Set Identifier
B. Service Set information Directory
C. Service Set Identifier
D. Security Service Information Dependency

4. The process of authentication and association has how many distinct states?
A. 1
B. 2
C. 3
D. 4
E. 5

5. Why is Shared Key authentication considered a security risk?
A. The access point transmits the challenge text in the clear and receives the same challenge text encrypted with the WEP key
B. The keys are shared via broadcast with all network nodes
C. A hacker could see the keys with a sniffer
D. The WEP keys used on all computers are the same

6. In a basic service set, or BSS, the access point must operate in which mode?
A. Repeater
B. Infrastructure /Root
C. Ad-hoc
D. Router

7. An IBSS can also be called which of the following? Choose all that apply.
A. Peer-to-peer
B. Indifferent Basic Service Set
C. Ad hoc network
D. Internet Bindery Set Solution

11. An independent basic service set is also commonly referred to as which one of the following?
A. Ad hoc mode
B. Infrastructure mode
C. Network mode
D. Power save polling mode

15. Outline the steps of how Power Save Polling works in infrastructure mode and in ad hoc mode.


Infrastructure mode power management

  • Each client informs the AP that it’s going to sleep by toggling the power management bit in the MAC frame
  • The AP keeps a table of every sleeping client
  • Traffic destined to a sleeping client will first be buffered by the AP
  • Each sleeping client awakes at a predetermined time and sends a frame to notify the AP that it is awake
  • The AP will update the table of the sleeping clients
  • The AP sends a beacon, which contains TIM (traffic indication map), to indicate which clients have buffered data at the AP
  • The awake client sees the TIM and sends a request frame for the data
  • The AP sends the data to the client
  • The client goes back to sleep after receiving the data

Ad hoc mode power management

  • Stations are synchronized and wake up before the ATIM window begins
  • ATIM window begins -> one station sends beacons -> the stations send ATIM frames
    - Ad-hoc traffic indication messages (ATIM) are unicast frames used by stations to notify other stations that there is data destined to them
    - ATIMs and beacons are both sent during the ATIM window
    - All clients alternate the duty to send beacon frames
  • Stations receiving ATIM frames stay awake to receive data frames. If no ATIM frames are received, stations go back to sleep after the window
  • After the ATIM window closes, the awake stations begin tx/rx of data frames. After receiving data frames, stations go back to sleep awaiting the next ATIM window

16. List and briefly discuss the purposes of beacon frames.


Beacons are short frames that are sent from the AP to stations (infrastructure mode) or station-to-station (ad hoc mode) in order to organize and synchronize wireless communication on the wireless LAN.
- Time synchronization between the clients and the AP
- Informing clients of supported transmission rates
- Informing clients of DSSS or FHSS parameter sets
- Informing clients of capacity info
- Sending traffic indication map (TIM)
- SSID

17. Explain the terms of BSS, ESS and IBSS

Basic Service Set (BSS)
- A set of 802.11-compliant stations and an AP that operate as a fully connected wireless network to a wired network
- Referred to as infrastructure mode
- Uses a single cell and a single SSID
- AP acts as the gateway between wireless LAN and wired LAN segment

Extended Service Set (ESS)
- A collection of basic service sets tied together via a common distribution system
- The distribution system can be either wired, wireless, LAN, WAN, or any other method of network connectivity

Independent Basic Service Set (IBSS)
- Also called ad hoc network
- No access point or any other access to a distribution system
- Covers one single cell and has one SSID
- The clients in an IBSS alternate the responsibility of sending beacons
- Peer-to-Peer network
- One of the clients acts as a gateway or router in order to transmit data outside an IBSS

18. Why is the shared key authentication process considered not secure?

During the shared key authentication process, the AP transmits the challenge text in the clear and receives the same challenge text encrypted with the WEP key. This scenario allows a hacker using a sniffer to see both the plain text challenge and the encrypted challenge text. The WEP key may be cracked.



Tutorial 7 - RF Fundamental and Spread Spectrum Technologies

1. When quantifying the gain of an antenna, dBi is used. Choose all that apply.
a) dBi refers only to the gain of an antenna.
b) The "i" in dBi refers to the intentional radiator.
c) RF signal is sent in all directions with equal intensity, in three dimensional space, by the intentional radiator.
d) The antenna has a gain of 0 dBi

2. Which of the following is/are advantages of spread spectrum?
a) Frequency is kept as narrow as possible to save the resource.
b) License free frequency band
c) Low power spectral density
d) Secure communication

3. DSSS combines a data signal at the sending station with a higher data rate bit sequence which is referred to as a chipping code or processing gain. IEEE has set its minimum processing gain requirement at ________.
a) 8
b) 11
c) 16
d) 20

4. Voltage Standing Wave Ratio (VSWR) is a measure of impedance mismatch between transmission line and its load. Choose all that apply.
a) The higher the VSWR, the better it is.
b) VSWR results in return loss.
c) Always ensure connections between cables and connectors are tight.
d) Never use 75 ohm cable with 50 ohm devices.

5. An access point with a power output of 100mW is connected to a 20 dBi directional antenna through a 8-foot length of coaxial cable with a loss of 0.5 dB/foot.
a) What is the Equivalent Isotropic Radiated Power (EIRP) in dBm?
b) What is the power output at the intentional radiator (IR) in dBm?

Pdbm = 10 x Log (Pmw)
Pdbm = 10 x Log 100 mW = 20 dBm
100 mW = 20 dBm

0.5 dB/foot x 8-foot length = 4 dBm

EIRP = 20 - 4 - 3 + 20 = 33 dBm

IR = 33 - 20 = 13 dBm

6. An access point with a power of 23 dBm is connected to an omni-directional antenna with a gain of 6 dBi through an 8-foot length of coaxial cable with a loss of 0.5 dB/foot. Connector losses at the access point and antenna amount to 3 dB.
a) What is the Equivalent Isotropic Radiated Power (EIRP) in mW?
b) What is the power output at the intentional radiator (IR) in mW?

a) EIRP = 23 + 6 - 4 - 3 = 22 dBm

Pmw = 10 ^ (Pdbm/10)
Pmw = 10 ^ (22/10) = 158 mW

b) IR = 22 - 6 = 16 dBm
10 ^ (16/10) = 39.8 mW

7. Define the term of Fresnel Zone and explain how it affects the WLAN performance.
Fresnel Zone - The area around the visual line-of-sight that radio waves spread out into after they leave the antenna. This area must be clear or else signal strength will weaken. Objects in the Fresnel zone, e.g. trees, hilltops and buildings, can change RF LOS.

Effects:
- Introduce RF signal interference if blocked
- Absorb or scatter the main RF signal, causing degradation or complete signal loss if blocked.
The Fresnel zone should not be blocked by more than 20%, otherwise RF LOS will be affected.

8. Describe how FHSS works with the help of a diagram.

The carrier signal changes frequency, or hops, according to a pseudorandom code sequence.
- The pseudorandom sequence is a list of several frequencies to which the carrier will hop before repeating the pattern.
- The transmitter will remain at a certain frequency for a specified time (known as dwell time), then take a small amount of time (hop time) to hop to the next frequency.
- When the list of code sequence is exhausted, the transmitter will repeat it until the information is transmitted completely.
- The receiver is synchronized to the transmitter in order to receive properly (i.e. receiver & transmitter must hop in the same way)
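
The hopping behaviour described above, as an added simulation that is not part of the original tutorial: it maps time to a channel using dwell time and hop time, then measures how much of the transmission a receiver hears when it shares the sequence, lags behind it, or uses a different one. Assumptions: 79 channels 1 MHz apart from 2402 MHz, a 400 ms dwell time, a 1 ms hop time, and Python's `random` module standing in for the pseudorandom code.

```python
import random

BASE_MHZ = 2402        # assumed first hop channel (2.402 GHz)
NUM_CHANNELS = 79      # assumed number of 1 MHz hop channels


def hop_sequence(seed, length=20):
    """Pseudorandom list of distinct channels visited before the pattern repeats."""
    return random.Random(seed).sample(range(NUM_CHANNELS), length)


def freq_mhz(channel):
    return BASE_MHZ + channel


def channel_at(t_ms, seq, dwell_ms, hop_ms):
    """Channel a radio is tuned to at t_ms, or None while it retunes (hop time)."""
    slot, offset = divmod(t_ms, dwell_ms + hop_ms)
    if offset >= dwell_ms:
        return None
    return seq[slot % len(seq)]      # wrap around once the list is exhausted


def reception_ratio(tx_seq, rx_seq, rx_lag_ms=0, dwell_ms=400, hop_ms=1, periods=20):
    """Fraction of transmit time during which the receiver is on the same channel."""
    sent = heard = 0
    for t in range(periods * (dwell_ms + hop_ms)):
        tx = channel_at(t, tx_seq, dwell_ms, hop_ms)
        if tx is None:               # transmitter is mid-hop, nothing on air
            continue
        sent += 1
        if channel_at(t - rx_lag_ms, rx_seq, dwell_ms, hop_ms) == tx:
            heard += 1
    return heard / sent


if __name__ == "__main__":
    seq = hop_sequence(seed=7)
    print("first hops (MHz):", [freq_mhz(c) for c in seq[:5]])
    print("synchronized receiver:", reception_ratio(seq, seq))
    print("receiver lagging 100 ms:", reception_ratio(seq, seq, rx_lag_ms=100))
    print("receiver with another sequence:", reception_ratio(seq, hop_sequence(seed=8)))
```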

9 a. What is the frequency range allocated for all DSSS channels in wireless applications?

2.4000 GHz to 2.4835 GHz

b. How many channels are there in DSSS for USA system? 11
c. What is the bandwidth of each channel? 22MHz
d. How far is each channel separated from the other?  5MHz
e. Which are the 3 non-overlapping channels? Channels 1,6,11

Tutorial 8 - Antennas and WLAN Accessories

1) A basic element of devices that makes wireless network devices such as access points and bridges communicate is the _______. It is most often used to increase the _____ of the wireless LAN systems.

a) RF amplifier, range
b) antenna, range
c) antenna, cell size
d) RF amplifier, cell size

2) The dipole antennas used with wireless LANs perform an equivalent function to the "rabbit ears" antennas on television sets. However, they are much smaller than the "rabbit ears" because of one of the following reasons. Choose the correct answer.

a) As frequency gets higher, the wavelength and antennas become larger.
b) As frequency gets higher, the wavelength and antennas become smaller.
c) As frequency gets lower, the wavelength and antennas become smaller.
d) None of above.

3) __________ directs the energy from the transmitter significantly more in one particular direction than the other uniform, circular pattern.

a) An omni-directional antenna
b) A dipole
c) A semi-directional antenna
d) A highly-directional antenna

4) __________ are ideal for long distance, point-to-point wireless link.

a) High gain semi-directional antennas
b) Highly-directional antennas
c) Omni-directional antennas
d) Dipoles

5) The following figure shows the coverage area of one type of antenna.


What antenna could it be? Choose all that apply.
a) Omni ground plane antenna
b) Yagi antenna
c) Patch antenna
d) Omni pillar mount antenna

6) List the three generic categories of RF antennas. Discuss briefly the RF characteristics of an antenna with respect to its gain.

Omni-directional
Semi-directional
Highly-directional

Each category has multiple types of antennas, each having different RF characteristics and appropriate uses. As the gain of an antenna goes up, the coverage area narrows so that the high gain antennas offer longer coverage areas than low gain antennas at the same input power level.

7) Define the polarization of an antenna and briefly explain how it affects the signal reception.

- A radio wave is made up of 2 fields, one electric and one magnetic that are on planes perpendicular to each other. Polarization of the antenna refers to the orientation of the electrical plane.

- The transmitting and receiving antennas must have the same aligned polarization otherwise the received signal will have a poor quality.

8) Explain terms of link budget and fade margin in WLAN design.

Link budget refers to the calculation of the amount of excess signal strength a station is receiving relative to its receive sensitivity.
Fade margin: when planning for WLAN installation, it's common to include a few extra dB of signal strength in the link budget in order to compensate for the variation in the received signal strength.

9) Describe the operation of a lightning arrester.

A lightning arrester is used to shunt transient current caused by lightning into the ground, to protect wireless LAN hardware such as APs and bridges.

Operation:

1. Lightning strikes a nearby object
2. Transient currents are induced into the antenna or the RF transmission line
3. The lightning arrester senses these currents and immediately ionizes the gases held internally to cause a short directly to earth ground

10) Antennas have passive gain. Explain the phrase “passive gain”.

- Antennas do not actively increase the input power to them, but rather shape the radiation field to lengthen or shorten the distance of wave propagation (how far the wave travels)

-  The higher the antenna gain, the farther the wave will travel.


11) A company has carefully implemented a Point-to-Point Wireless LAN link across two remote offices using Yagi directional antennas. But a later survey report shows that it's still possible to access the WLAN through the neighbouring company's offices. List and analyse all the possible causes of this scenario.

- The Yagi antenna is of the semi-directional type. There are back & side lobes opposite the main beam which may expose a window of WLAN access to unauthorized users.

- Additionally, the horizontal beam width of a Yagi antenna is about 30 degrees, which may also expose leakage of RF signal to the neighboring offices.



Tutorial 9 - Troubleshooting WLAN



1) When installing antennas in a WLAN, it is important to take certain factors into consideration. Choose all that apply.

a) Safety of equipment
b) Safety of personnel
c) Performance of WLAN system
d) RF knowledge of users

2) Multi-path can have several different effects on the transmission of the RF signal. Choose all that apply.

a) Decreased signal amplitude
b) Corruption
c) Collision
d) Increase signal amplitude

3) The solutions listed below are used for solving one of the following problems.
  • Use of RTS/CTS
  • Increase power to the access point
  • Remove obstacles
  • Move the access point
Choose the most appropriate one.

a) Near/far
b) Multi-path
c) Hidden node
d) Low throughput

4) Wind can cause RF interference in a wireless LAN because it affects radio waves or an RF signal.

a) True
b) False

5) Which of the following systems has the largest range given that all the systems are operating at the same output power?

a) 5GHz system
b) 2.4GHz system
c) 900MHz system
d) All the systems have the same range

6) Define the term “multi-path”. Describe briefly some methods to solve multi-path problems.

Multi-path is defined as the composition of a primary signal plus duplicate or echoed wave fronts caused by reflection of waves off objects between the transmitter and receiver.

Methods:
a) Antenna diversity: Uses multiple antennas on multiple inputs to bring a signal to a single receiver.

b) Multiple-in/Multiple-out (MIMO): Two or more antennas are used simultaneously; combined with sophisticated signal processing techniques, better signal quality can be achieved.

7) Describe the problems of “Hidden node” and “Near Far” and briefly explain the solutions to prevent such problems.

"Hidden Node" describes the situation in which at least one node is unable to hear (detect) another node connected to the same AP, but both nodes can see the AP. "Hidden node" will cause collision problems.

Solutions:
a) Use RTS/CTS: The client sends an RTS to the intended recipient to prompt it to send back a packet (CTS) clearing the medium for data transmission.
b) Increase power to the nodes: To increase the transmission radius to allow other stations to hear the transmissions of the hidden nodes
c) Remove the obstacles: To clear the RF LOS by removing obstacles.
d) Move the nodes

"Near Far" describes the scenario in which:

a) Multiple client nodes are very near to the AP and have high power settings
b) At least one client is much further away from the AP than the aforementioned client nodes, and has a small power setting.
c) The nearer stations with higher power settings overpower the station further away, which then can't be heard by the AP!

Solutions:

a) Increase power to remote node (the one that is being drowned out)
b) Decrease power of local nodes (the close, loud ones)
c) Move the remote node closer to the access point
d) Move the AP to a more central location
e) Add another AP closer to the far node


8) State the purpose of co-locating multiple access points. Discuss briefly how this can be done theoretically. List the precautions that should be taken when co-locating multiple access points.

Co-location is used to provide more bandwidth and throughput to wireless users in a given area by installing multiple APs in the same location running at different non-overlapping channels.

802.11b (or g) APs can be co-located with 3 non-overlapping RF channels (1, 6, and 11) to be used for co-location.
802.11a APs can be co-located with 8 non-overlapping RF channels.

When co-locating multiple APs, it is highly recommended that you:
a) Use the same spread spectrum technology (either DSSS or FHSS, but not both) for all APs.
b) Use the same vendor for all APs

9) Draw a diagram to show how a large area can be covered with multiple access points to provide roaming features. Indicate the channels in the diagram.


10) Name types of interference that can affect wireless LAN.

a) Narrow band interference - High power narrow band RF noise, e.g. from motors and RF generators
b) All-band interference - Spread over the entire wireless band; can come from microwave ovens and Bluetooth
c) RF signal degradation - Caused by weather, e.g. rain, fog
d) Adjacent channel interference - APs using side-by-side channels installed close to each other
e) Co-channel interference - APs in close range using the same channel
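
A channel-plan check that ties together the DSSS figures from Tutorial 7 (22 MHz channels spaced 5 MHz apart), the co-location answer in question 8 and the adjacent and co-channel interference items above. This is an added example, not part of the original tutorial; the AP names and survey data are constructed, and the 2412 MHz centre frequency for channel 1 is an assumption not stated on the page.

```python
CHANNEL_WIDTH_MHZ = 22     # from the Tutorial 7 answer
CHANNEL_SPACING_MHZ = 5    # from the Tutorial 7 answer
CH1_CENTER_MHZ = 2412      # assumed centre frequency of channel 1


def center_mhz(channel):
    return CH1_CENTER_MHZ + CHANNEL_SPACING_MHZ * (channel - 1)


def overlap_mhz(a, b):
    """Width of spectrum shared by two 22 MHz channels (0 means no overlap)."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def classify(a, b):
    if a == b:
        return "co-channel"
    return "adjacent-channel" if overlap_mhz(a, b) > 0 else "clear"


def non_overlapping(channels=range(1, 12)):
    """Largest set of mutually non-overlapping channels, picked lowest-first."""
    chosen = []
    for ch in channels:
        if all(overlap_mhz(ch, c) == 0 for c in chosen):
            chosen.append(ch)
    return chosen


def audit(ap_channels, in_range_pairs):
    """Flag pairs of APs that are within range of each other and share spectrum."""
    findings = []
    for a, b in in_range_pairs:
        kind = classify(ap_channels[a], ap_channels[b])
        if kind != "clear":
            findings.append((a, b, kind, overlap_mhz(ap_channels[a], ap_channels[b])))
    return findings


# Constructed site-survey data: channel per AP, and which APs can hear each other.
SURVEY_CHANNELS = {"AP-lobby": 1, "AP-office": 6, "AP-lab": 4,
                   "AP-store": 11, "AP-hall": 11}
SURVEY_PAIRS = [("AP-lobby", "AP-office"), ("AP-office", "AP-lab"),
                ("AP-store", "AP-hall"), ("AP-lobby", "AP-lab")]

if __name__ == "__main__":
    print("non-overlapping channels:", non_overlapping())
    for a, b, kind, mhz in audit(SURVEY_CHANNELS, SURVEY_PAIRS):
        print(f"{a} / {b}: {kind}, {mhz} MHz shared")
```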

Tutorial 10 - WLAN Frames and Protocols

1) Scanning is the process by which clients determine whether a wireless network is present so that the client can join the network. Scanning occurs _______ authentication and association with an access point or ad hoc network.
a) during
b) before
c) after
d) between

2) Wireless LAN frames contain more information than common Ethernet frames do.
a) True
b) False

3) The IEEE 802.11 standard provides support for fragmentation. Choose all that apply to fragmentation of packets.
a) Larger packets have higher probability of collisions on the network.
b) Reduces the time spent on re-transmissions if errors occur.
c) Decreases protocol overhead and improves protocol efficiency
d) Decreases network throughput when there are no errors.

4) ______________ involves end stations broadcasting a probe frame.
a) Passive scanning
b) Active scanning
c) Fragmentation
d) None of the above.

5) Which one of the following is an advantage to using point coordination function (PCF) mode over distributed coordination mode (DCF)?
a) PCF has a lower overhead than using DCF
b) PCF can be used in an IBSS while DCF cannot
c) PCF uses CSMA/CA while DCF does not
d) PCF provides a given level of QoS

6) After a client station sends a packet to another client station, the receiving station replies with an acknowledgement after which interframe space?
a) IFS
b) SIFS
c) PIFS
d) DFS

7) The acronym CCA stands for which one of the following?
a) Close Client Association
b) Clear Current Authentication
c) Clear Channel Assessment
d) Clean Channel Association

8) The Network Allocation Vector (NAV) acts as:
a) A timer on the station
b) A navigational feature for RF signal propagation
c) A location discovery tool for wireless LANs
d) A tool for allocating the bandwidth of a wireless LAN

9) Using RTS/CTS allows wireless stations to do which of the following?
a) Broadcast their intent to send data across the network to the receiving station
b) Send their packets across the network at the maximum rated speed of the network
c) Eliminate hidden nodes on the network
d) Diagnose and reduce high overhead between stations

10) You have just finished installing your first wireless LAN with 802.11b equipment rated at 11 Mbps. After testing the throughput of the clients, you find your actual throughput is only 5.5 Mbps. What is the likely cause of this throughput?
a) Wireless LANs use RTS/CTS by default
b) Wireless LANs use the CSMA/CA protocol
c) Use of PCF is reducing network throughput
d) DRS has caused all of the clients to decrease their data rates

11) Explain the definition of PCF (point coordination function). Give one advantage and one disadvantage of PCF.

PCF is an access mode specified in the 802.11 standard that enables contention-free frame transfer on a wireless LAN based on a polling mechanism.
Advantage: QoS for time-bounded services (voice, video)
Disadvantage: The additional overhead will decrease throughput

12) Briefly describe the RTS/CTS process.

1. A wireless station broadcasts its request to send data to another station or AP by sending an RTS. All other stations set their Network Allocation Vector (NAV) to the number of time slots required for the transmission. The NAV counts down from a value set by the RTS or CTS frame. A station joins the contention when its NAV counts to zero.

2. The receiving station responds with a CTS, and all other stations reset their NAV to the amount of time necessary for the transmitting station to receive the ACK.

3. Once the CTS is received, the transmitting station starts to send DATA.

4. The receiving station immediately returns an ACK frame. At this moment, all other stations should have their NAV counting to zero. The contention will start after a DIFS.

13) Describe the features of CSMA/CA protocol implemented in Wireless LANs.

(a) Cannot detect collisions, but is designed to avoid them instead by using a back-off time.
(b) Uses positive acknowledgements (ACKs)
(c) If the sender doesn't receive an ACK from the receiver, it assumes a collision and resends the data
(d) More overhead (50%) than CSMA/CD (30%)


14) How does the CSMA/CA protocol detect an idle medium?


To detect an idle medium, both physical and virtual carrier senses must report idle.

a) Physical carrier sense: also called clear channel assessment (CCA); detects ambient RF signal on that channel; not enough on its own to address collisions because of hidden nodes.

b) Virtual carrier sense: uses a timer (NAV); if a station's NAV is not zero, its virtual carrier sense will indicate Busy!
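
The RTS/CTS steps in question 12 and the two carrier senses in question 14, worked through as an added example that is not part of the original tutorial; station C is a hidden node that hears the AP but not station A. Assumptions: SIFS 10 µs and DIFS 50 µs (802.11b DSSS timing), constructed frame airtimes, and the NAV kept in microseconds rather than time slots.

```python
SIFS_US, DIFS_US = 10, 50                      # assumed 802.11b DSSS timing
AIRTIME_US = {"RTS": 352, "CTS": 304, "DATA": 1500, "ACK": 304}   # constructed
ORDER = [("RTS", "A"), ("CTS", "AP"), ("DATA", "A"), ("ACK", "AP")]


def build_exchange():
    """Timeline of one exchange; each frame's duration field covers what is still to come."""
    frames, t = [], 0
    for i, (name, sender) in enumerate(ORDER):
        end = t + AIRTIME_US[name]
        duration = sum(SIFS_US + AIRTIME_US[n] for n, _ in ORDER[i + 1:])
        frames.append({"name": name, "sender": sender,
                       "start": t, "end": end, "duration": duration})
        t = end + SIFS_US                       # next frame follows after a SIFS
    return frames


def carrier_sense(t, frames, can_hear):
    """Return (physical_idle, virtual_idle) at time t for a third station.

    The medium counts as idle only when both values are True.
    """
    physical_idle, nav_expiry = True, 0
    for f in frames:
        if f["sender"] not in can_hear:         # out of radio range: never received
            continue
        if f["start"] <= t < f["end"]:
            physical_idle = False               # CCA detects RF energy
        if f["end"] <= t:                       # frame fully received: update NAV
            nav_expiry = max(nav_expiry, f["end"] + f["duration"])
    return physical_idle, nav_expiry <= t


def earliest_contention(frames):
    """Contention resumes one DIFS after the ACK ends."""
    return frames[-1]["end"] + DIFS_US


if __name__ == "__main__":
    frames = build_exchange()
    for f in frames:
        print(f["name"], f["sender"], f["start"], f["end"], "NAV until", f["end"] + f["duration"])
    for label, hears in (("B hears A and AP", {"A", "AP"}), ("C hears AP only", {"AP"})):
        for t in (100, 1000, 2490):
            print(label, "t =", t, carrier_sense(t, frames, hears))
    print("contention may start at", earliest_contention(frames))
```

At t = 1000 station C detects no RF energy from A, yet the NAV it took from the AP's CTS keeps its virtual carrier sense busy, which is the case physical carrier sense alone cannot cover.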

Tutorial 11 - WLAN Security

1) Wired Equivalent Privacy (WEP) is intended to provide the following security goals. Choose all that apply.
a) confidentiality
b) a simple encryption algorithm
c) access control
d) data integrity

2) The Advanced Encryption Standard (AES) uses the Rijndael algorithm in certain specified key lengths. Choose all that apply.
a) 64-bit
b) 128-bit
c) 192-bit
d) 256-bit

3) A corporate security policy for any type of network including wireless LANs is more important than the technology that is being used.
a) True
b) False

4) A WEP key using a 40-bit secret key concatenated with the initialization vector to form the WEP key, creates what level of encryption?
a) 24-bit
b) 40-bit
c) 64-bit
d) 128-bit

5) SSID filtering is a basic form of access control, and is not considered secure for which of the following reasons? Choose all that apply.
a) It is very simple to find out the SSID of a network using a sniffer
b) SSID encryption is easy to break with freeware utilities
c) The SSID is broadcasted in the clear in every access point beacon by default
d) The SSID of a wireless LAN client must match the SSID on the access point in order for the client to authenticate and associate to the access point

6) What are the three types of filtering that can be performed on a wireless LAN?
a) SSID filtering
b) MAC address filtering
c) Protocol filtering
d) 802.11 standard filtering
e) Manufacturer hardware filtering

7) Which of the following protocols are network security tools above and beyond what is specified by the 802.11? Choose all that apply.
a) 802.1x and EAP
b) 802.11g
c) VPNs
d) 802.11x and PAP

8) An enterprise wireless gateway is positioned at what point on the wired network segment?
a) Between the access point and wired network upstream
b) Between the access point and wireless network clients
c) Between the switch and router on the wireless network segment
d) Per-session
e) In place of a regular access point on the wireless LAN segment

9) For maximum security wireless LAN user authentication should be based on which of the following? Choose all that apply.
a) Device-independent schemes such as user names and passwords
b) Default authentication processes
c) MAC address only
d) SSID and MAC address


10) WEP was not secure. Alone, it cannot keep a hacker out of the wireless LAN for long. Explain briefly why it was chosen and implemented into the WLAN standard.



- WEP is a security protocol for WLANs defined in the 802.11b standard.
- WEP meets the requirements of 802.11

  • Exportable
  • Reasonably strong, can’t be cracked by average noncryptographer
  • Self-synchronizing
  • Computationally efficient
  • Optional

- WEP uses PRNG and RC4 as its stream cipher
- 802.11 leaves WEP implementation to vendors



11) One of the common mistakes that wireless users make in administering SSIDs is “unnecessary broadcasting of SSIDs”. Describe briefly the potential problem that may arise in committing this mistake and the way to work around this problem.

By broadcasting the SSIDs, it is easier for eavesdroppers to tinker with or use the WLAN.

Solution:
APs have the ability to remove the SSID broadcast from beacons and probe responses. By closing the network, a client waiting to associate with the AP will need to already know the correct SSID in order to authenticate & associate.


12) Describe the technical features that are implemented on TKIP in a WLAN to fix the encryption weakness of 802.11.

TKIP uses the following features to improve security:
(i) 128-bit only WEP key
(ii) Per-packet key mixing
(iii) Re-keying
(iv) Message integrity check (MIC)

(Details can be found in slide # 26-29 of Lecture chapter 15)

13) List the available security solutions other than static WEP in 802.11 and briefly describe them.

Besides WEP,

a) Centralized Encryption Key Servers such as RADIUS: Centralized key generation and key distribution

b) AES: Uses the Rijndael algorithm and the following specified key lengths: 128-bit, 192-bit, 256-bit

c) TKIP: TKIP uses a 128-bit only WEP key, per-packet key mixing, re-keying and message integrity check features to improve security.

d) 802.1x/EAP: Typically works together with an authentication server, such as RADIUS, to address the authentication weakness of 802.11

e) WPA: Proposed by the Wi-Fi Alliance, including use of 802.1x/EAP, AES, TKIP...

f) Filtering: Including MAC, SSID and protocol filtering features.

g) Proprietary Layer 2 encryption: Not 802.11-compliant and using an Enterprise Encryption Gateway.

h) Wireless VPN: To include a VPN server in the wireless router or APs so that communication can commence through a secure VPN tunnel.

i) Application-layer encryption such as SSL & SSH: An encrypted tunnel runs from application to application, and data is encrypted before being handed down to the network

j) Captive Portals: All traffic coming through the AP is initially directed to an access control device such as an enterprise wireless gateway or wireless switch on the wired LAN. The access control device then performs authentication and allows users access to the wired LAN

k) Profile-based firewall: A firewall that applies filtering rules selectively, based on user name, group name or other identification. Might be part of an EWG or wireless LAN switch.


14) Describe different attacks to WLANs and relevant solutions.

1) Eavesdropping
2) Encryption Cracking
3) RF jamming attacks
4) Wireless Hijack attacks
5) Rogue Access Points
6) Penetration Attacks


(Refer to slide #50 of Lecture Chapter 15 for the list. Detailed descriptions are found in slides #51-59.)

