Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

A. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

B. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D. The username can be looked up in a dictionary file that lists common username/password combinations.

Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.

As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication? (Choose 2)

A. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.

B. MS-CHAPv2 is subject to offline dictionary attacks.

C. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.

D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.

E. MS-CHAPv2 uses AES authentication, and is therefore secure.

F. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.

Given: Your network includes a controller-based WLAN architecture with centralized data forwarding. The AP builds an encrypted tunnel to the WLAN controller. The WLAN controller is uplinked to the network via a trunked 1 Gbps Ethernet port supporting all necessary VLANs for management, control, and client traffic.

What processes can be used to force an authenticated WLAN client's data traffic into a specific VLAN as it exits the WLAN controller interface onto the wired uplink? (Choose 3)

A. On the Ethernet switch that connects to the AP, configure the switch port as an access port (not trunking) in the VLAN of supported clients.

B. During 802.1X authentication, RADIUS sends a return list attribute to the WLAN controller assigning the user and all traffic to a specific VLAN.

C. In the WLAN controller's local user database, create a static username-to-VLAN mapping on the WLAN controller to direct data traffic from a specific user to a designated VLAN.

D. Configure the WLAN controller with static SSID-to-VLAN mappings; the user will be assigned to a VLAN according to the SSID being used.

In an effort to optimize WLAN performance, ABC Company has upgraded their WLAN infrastructure from 802.11a/g to 802.11n. 802.11a/g clients are still supported and are used throughout ABC's facility. ABC has always been highly security conscious, but due to budget limitations, they have not yet updated their overlay WIPS solution to 802.11n or 802.11ac.

Given ABC's deployment strategy, what security risks would not be detected by the 802.11a/g WIPS?

A. Hijacking attack performed by using a rogue 802.11n AP against an 802.11a client

B. Rogue AP operating in Greenfield 40 MHz-only mode

C. 802.11a STA performing a deauthentication attack against 802.11n APs

D. 802.11n client spoofing the MAC address of an authorized 802.11n client

Select the answer option that arranges the numbered events in the correct time sequence (first to last) for a client associating to a BSS using EAP-PEAPv0/MSCHAPv2.

1.

Installation of PTK

2.

Initiation of 4-way handshake

3.

Open system authentication

4.

802.11 association

5.

802.1X controlled port is opened for data traffic

6.

Client validates server certificate

7.

AS validates client credentials

A. 3--4--6--7--2--1--5

B. 4--3--5--2--7--6--1

C. 5--3--4--2--6--7--1

D. 6--1--3--4--2--7--5

E. 4--3--2--7--6--1--5

F. 3--4--7--6--5--2--1