CompTIA Security+ Question C-65

Emily, a security administrator, is noticing a slow down in the wireless network response. Emily launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?

A. IV attack
B. Interference
C. Blue jacking
D. Packet sniffing

Answer: A

Explanation:
In this question, it’s likely that someone it trying to crack the wireless network security. An initialization vector is a random number used in combination with a secret key as a means to encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an encryption program uses it only once per session. An initialization vector is used to avoid repetition during the data encryption process, making it impossible for hackers who use dictionary attack to decrypt the exchanged encrypted message by discovering a pattern. This is known as an IV attack. A particular binary sequence may be repeated more than once in a message, and the more it appears, the more the encryption method is discoverable. For example if a one-letter word exists in a message, it may be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a meaning and “I” has a meaning. Repeating the words and letters makes it possible for software to apply a dictionary and discover the binary sequence corresponding to each letter. Using an initialization vector changes the binary sequence corresponding to each letter, enabling the letter “a” to be represented by a particular sequence in the first instance, and then represented by a completely different binary sequence in the second instance.

WEP (Wireless Equivalent Privacy) is vulnerable to an IV attack. Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets.

CompTIA Security+ Question C-13

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.

A. Public keys, one time
B. Shared keys, private keys
C. Private keys, session keys
D. Private keys, public keys

Answer: D

Explanation:
Symmetrical systems require the key to be private between the two parties. With asymmetric systems, each circuit has one key. In more detail:

*

Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn’t disclosed to people who aren’t authorized to use the encryption system.

*

Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message; what one key does, the other one undoes.

CompTIA Security+ Question B-58

Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?

A. Session Key
B. Public Key
C. Private Key
D. Digital Signature

Answer: C

Explanation:
Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn’t disclosed to people who aren’t authorized to use the encryption system.

CompTIA Network+ Question A-46

A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the problem?

A. Username is misspelled is the device configuration file
B. IDS is blocking RADIUS
C. Shared secret key is mismatched
D. Group policy has not propagated to the device

Correct Answer: C

Explanation:
AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems.
Authentication, authorization, and accounting (AAA) allows a network to have a single repository of user credentials. A network administrator can then, for example, supply the same credentials to log in to various network devices (for example, routers and switches). RADIUS and TACACS+ are protocols commonly used to communicate with an AAA server.