CWS WLAN Security Concepts Questions and Answers

Question 1

A network administrator is reviewing the security configuration of a corporate WLAN.
The goal is to provide strong authentication for corporate users by validating them against a central directory.
Each user should have unique credentials, and the system must support mutual authentication.
Which of the following security solutions is the MOST appropriate for this requirement?

Accepted Answer

WPA2-Enterprise with EAP-TLS

Answer

WPA3-Personal with a complex Pre-Shared Key (PSK)

Answer

MAC address filtering with a hidden SSID

Answer

Wi-Fi Protected Setup (WPS) in Push-Button mode

Question 2

During a security audit, a junior technician discovers a consumer-grade wireless access point connected to a corporate network switch port in the marketing department. This AP was not installed by the IT team. How is this type of unauthorized device BEST classified?

Accepted Answer

Rogue Access Point

Answer

Evil Twin AP

Answer

Ad-hoc network

Answer

Misconfigured AP

Question 3

Which security vulnerability, discovered in 2017, exposed a fundamental weakness in the WPA2 protocol's 4-way handshake, allowing an attacker to decrypt Wi-Fi traffic by forcing nonce reuse?

Accepted Answer

KRACK (Key Reinstallation Attack)

Answer

Heartbleed

Answer

Shellshock

Answer

WPS Brute-Force Attack

Question 4

A company wants to enhance its WLAN security by protecting against deauthentication and disassociation attacks, which can be used to disrupt wireless service. Which IEEE 802.11 amendment specifically addresses this by providing protection for management frames?

Accepted Answer

802.11w

Answer

802.11r

Answer

802.11k

Answer

802.11e

Question 5

An organization is migrating to WPA3-Personal security. What is the primary authentication method that replaces the Pre-Shared Key (PSK) handshake used in WPA2-Personal to provide stronger protection against offline dictionary attacks?

Accepted Answer

Simultaneous Authentication of Equals (SAE)

Answer

Temporal Key Integrity Protocol (TKIP)

Answer

Extensible Authentication Protocol (EAP)

Answer

Advanced Encryption Standard (AES)

Question 6

Which of the following is considered the LEAST secure method for protecting a wireless network and has been officially deprecated by the Wi-Fi Alliance due to significant, well-known vulnerabilities?

Accepted Answer

WEP (Wired Equivalent Privacy)

Answer

WPA2 with AES

Answer

WPA with TKIP

Answer

WPA3 with SAE