Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?
A. WPA2-AES B. 802.11ac C. WPA-TKIP D. WEP
Explanation: WPA-TKIP uses the RC4 cipher.
TKIP and the related WPA standard implement three new security features to address security problems encountered in WEP protected networks. First, TKIP implements a key mixing function that combines the secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in comparison, merely concatenated the initialization vector to the root key, and passed this value to the RC4 routine. This permitted the vast majority of the RC4 based WEP related key attacks. Second, WPA implements a sequence counter to protect against replay attacks. Packets received out of order will be rejected by the access point. Finally, TKIP implements a 64-bit Message Integrity Check (MIC) To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. TKIP also provides a rekeying mechanism. TKIP ensures that every data packet is sent with a unique encryption key.
A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. Which of the following should be implemented?
A. WPA2-CCMP with 802.1X B. WPA2-PSK C. WPA2-CCMP D. WPA2-Enterprise
Explanation: D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), this is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security
(e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.
A security administrator must implement a wireless encryption system to secure mobile devices’ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented?
A. RC4 B. AES C. MD5 D. TKIP
Explanation: RC4 is popular with wireless and WEP/WPA encryption. It is a streaming cipher that works with key sizes between 40 and 2048 bits, and it is used in SSL and TLS.
A company recently had a security breach and is now required to increase the security on their workstations. A technician has been tasked to harden all the workstations on the network. Which of the following should the technician do?
A. Enable Windows automatic updates B. Enable screensaver required passwords C. Enable MAC filtering D. Enable wireless encryption
A technician is tasked with improving the security of a SOHO network. The office is comprised of a single wireless router located under the front desk where the office manager sits. All desktop computers are wired into the router which is configured with strong device credentials. Additionally, wireless is disabled on the router. Which of the following should the technician perform NEXT to improve the security of the SOHO network?
A. Disable the routers remote management feature. B. Enable WPA2 wireless encryption. C. Change the routers default admin name and password. D. Place the router in a locked room.
A client wants a wireless SOHO installed in the building that already has other wireless networks in it. The client wants the network to not be easily seen. Which of the following can the technician disable to help the network from being seen?
A. SSID broadcast B. DHCP C. MAC filtering D. Wireless encryption
An administrator wants to prevent people outside of the building from accessing a new wireless router. Which of the following is the LEAST labor intensive method to use while setting up new workstations?
A. Turn SSID broadcast off B. Use wireless encryption C. Institute MAC filtering D. Setup static IP addresses