FREE CompTIA Network+ Wireless Security Protocols Questions and Answers

Question 1

A network administrator is setting up a wireless network for a large corporation. The security policy requires that each user authenticates with their unique network credentials rather than using a shared password. Which of the following wireless security configurations should be implemented?

Accepted Answer

WPA2-Enterprise

Answer

WPA2-Enterprise mode uses the IEEE 802.1X standard to authenticate each user individually, typically against a RADIUS server. This method allows for unique credentials for every user, which is a requirement for robust corporate security. WPA2-PSK and WPA3-Personal use a Pre-Shared Key, where all users share the same password. WEP is an obsolete and insecure protocol.

Question 2

Which wireless security protocol is considered deprecated and highly vulnerable due to its use of the RC4 stream cipher with a small, static 24-bit initialization vector (IV), making it susceptible to key recovery attacks?

Accepted Answer

WEP

Answer

Wired Equivalent Privacy (WEP) is an outdated security protocol that has significant vulnerabilities. Its use of the RC4 stream cipher combined with a short, 24-bit IV that is sent in plaintext leads to IV collision and allows attackers to easily recover the secret key.

Question 3

A network technician is upgrading a company's wireless security from WPA2 to WPA3. Which major enhancement does WPA3-Personal offer over WPA2-Personal to protect against offline dictionary attacks?

Accepted Answer

Simultaneous Authentication of Equals (SAE)

Answer

WPA3 replaces the Pre-Shared Key (PSK) four-way handshake of WPA2 with Simultaneous Authentication of Equals (SAE). SAE is a secure key establishment protocol that is resistant to offline dictionary attacks, which were a significant vulnerability in WPA2-PSK.

Question 4

WPA2 mandates the use of a specific AES-based protocol to provide strong data confidentiality and integrity. Which of the following protocols is required for WPA2?

Accepted Answer

CCMP

Answer

Wi-Fi Protected Access 2 (WPA2) mandates the use of CCMP (Counter Mode Cipher Block Chaining Message Authentication Code Protocol). CCMP is based on the strong AES (Advanced Encryption Standard) encryption algorithm and is a significant security improvement over the TKIP protocol used by WPA.

Question 5

A small business owner wants to set up a guest Wi-Fi network. They are using older access points that do not support WPA2 or WPA3. The only available security options are WEP and WPA with TKIP. Which of the following is the MOST secure option available in this scenario?

Accepted Answer

WPA with TKIP

Answer

While both are now considered insecure, WPA with TKIP (Temporal Key Integrity Protocol) is significantly more secure than WEP. WPA was designed as an interim replacement for WEP and fixed several of its critical flaws, such as implementing a message integrity check and dynamically changing keys. WEP is fundamentally broken and easily cracked, regardless of key length.

CompTIA Practice Test

CompTIA Practice Test

FREE CompTIA Network+ Wireless Security Protocols Questions and Answers