You must implement 7 APs for a branch office location in your organizations. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).
Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?

1. A. Output power
2. B. Fragmentation threshold
3. C. Administrative password
4. D. Cell radius

Correct Answer: C

A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs. Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:
* 1. SSID Blue – VLAN 10 – Lightweight EAP (LEAP) authentication – CCMP cipher suite
* 2. SSID Red – VLAN 20 – PEAPv0/EAP-TLS authentication – TKIP cipher suite
The consultant’s computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

1. A. The consultant does not have a valid Kerberos ID on the Blue VLAN.
2. B. The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.
3. C. The TKIP cipher suite is not a valid option for PEAPv0 authentication.
4. D. The Red VLAN does not use server certificate, but the client requires one.

Correct Answer: B

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce?

1. A. They are added together and used as the GMK, from which the GTK is derived.
2. B. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.
3. C. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).
4. D. They are input values used in the derivation of the Pairwise Transient Key.

Correct Answer: D

While seeking the source of interference on channel 11 in your 802.11n WLAN running within 2.4 GHz, you notice a signal in the spectrum analyzer real time FFT display. The signal is characterized with the greatest strength utilizing only 12 megahertz of bandwidth and it does not use significantly more bandwidth until it has weakened by roughly 20 dB. At approximately -70 dB, it spreads across as much as 35 megahertz of bandwidth. What kind of signal is described?

1. A. A high-power ultra wideband (UWB) Bluetooth transmission.
2. B. A 2.4 GHz WLAN transmission using transmit beam forming.
3. C. A high-power, narrowband signal.
4. D. A deauthentication flood from a WIPS blocking an AP.
5. E. An HT-OFDM access point.
6. F. A frequency hopping wireless device in discovery mode.

Correct Answer: C

ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hotspot include:
* Cannot access corporate network resources
* Network permissions are limited to Internet access
* All stations must be authenticated
What security controls would you suggest? (Choose the single best answer.)

1. A. Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
2. B. Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
3. C. Implement separate controllers for the corporate and guest WLANs.
4. D. Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
5. E. Force all guest users to use a common VPN protocol to connect.

Correct Answer: B