CompTIA Security+ Question L-48

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

A. WPA2-AES
B. 802.11ac
C. WPA-TKIP
D. WEP

Answer: C

Explanation:
WPA-TKIP uses the RC4 cipher.

TKIP and the related WPA standard implement three new security features to address security problems encountered in WEP protected networks. First, TKIP implements a key mixing function that combines the secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in comparison, merely concatenated the initialization vector to the root key, and passed this value to the RC4 routine. This permitted the vast majority of the RC4 based WEP related key attacks. Second, WPA implements a sequence counter to protect against replay attacks. Packets received out of order will be rejected by the access point. Finally, TKIP implements a 64-bit Message Integrity Check (MIC) To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. TKIP also provides a rekeying mechanism. TKIP ensures that every data packet is sent with a unique encryption key.

CompTIA Security+ Question J-68

A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption.
Which of the following should be implemented?

A. WPA2-CCMP with 802.1X
B. WPA2-PSK
C. WPA2-CCMP
D. WPA2-Enterprise

Answer: D

Explanation:
D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), this is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security

(e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.

CompTIA Security+ Question E-98

A security administrator must implement a wireless encryption system to secure mobile devices’ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented?

A. RC4
B. AES
C. MD5
D. TKIP

Answer: A

Explanation:
RC4 is popular with wireless and WEP/WPA encryption. It is a streaming cipher that works with key sizes between 40 and 2048 bits, and it is used in SSL and TLS.

CompTIA A+ 220-902 Question J-26

A company recently had a security breach and is now required to increase the security on their workstations. A technician has been tasked to harden all the workstations on the network. Which of the following should the technician do?

A. Enable Windows automatic updates
B. Enable screensaver required passwords
C. Enable MAC filtering
D. Enable wireless encryption

CompTIA A+ 220-902 Question F-83

A technician is tasked with improving the security of a SOHO network. The office is comprised of a single wireless router located under the front desk where the office manager sits. All desktop computers are wired into the router which is configured with strong device credentials. Additionally, wireless is disabled on the router. Which of the following should the technician perform NEXT to improve the security of the SOHO network?

A. Disable the routers remote management feature.
B. Enable WPA2 wireless encryption.
C. Change the routers default admin name and password.
D. Place the router in a locked room.

CompTIA A+ 220-902 Question C-15

A wireless network is experiencing intermittent connectivity. Which of the following would BEST resolve this issue?

A. Enable MAC filtering
B. Change broadcast channel
C. Enable wireless encryption
D. Disable SSID broadcasting

CompTIA A+ Question G-58

An administrator wants to prevent people outside of the building from accessing a new wireless router. Which of the following is the LEAST labor intensive method to use while setting up new workstations?

A. Turn SSID broadcast off
B. Use wireless encryption
C. Institute MAC filtering
D. Setup static IP addresses

Correct Answer: A

Explanation:
http://www.speedguide.net/faq_in_q.php?qid=81