CCNA3 Exploration Chapter 7. Study questions. Answers

7.1

What are the advantages of wireless networks over cabled networks?

People can stay in contact with their work while they are travelling. People can move within a building without cables having to be moved. A business can move into a new building that does not have network cabling, and it is not necessary to run cables to each workstation, which saves on cost, though some cabling will still be needed.

Over what range of distance would Bluetooth technology be used?

Short range, for example between a peripheral device and a PC.

Over what range of distance would the 802.11 standard be used?

Medium, in LANs (on one site) and MANs (on sites within the same town/city).

At which OSI layers is the difference between cabled and wireless networks important?

Layers 1 and 2 (physical and data link).

What potential problems of a wireless LAN are not significant on a cabled LAN?

Interference, and the ability of anyone to receive a transmission if they have a receiver within range. Wireless is also subject to regulation which may vary from country to country.

Does the 802.11 standard use CSMA/CD?

No. It uses collision avoidance rather than collision detection and recovery.

How could a wireless-enabled laptop make a connection to a wired Ethernet network?

It can connect through a wireless access point (AP) that is attached to the network by a cable.

What were the advantages and disadvantages of using the 802.11b standard rather than the 802.11a standard?

802.11b was cheaper, it was less easily obstructed by walls etc., and it could have a longer range. On the other hand, it was slower, with a maximum rate of 11 Mbps as opposed to 54 Mbps. It used the 2.4 GHz band rather than the 5 GHz band, which led to more interference as many appliances use the 2.4 GHz band.

How does the current 802.11g standard compare with 802.11a and 802.11b?

It uses the 2.4 GHz band like 802.11b. It is compatible with either of the earlier standards because it can use DSSS modulation like 802.11b with speeds up to 11 Mbps, or it can use OFDM modulation like 802.11a with speeds up to 54 Mbps. It has a similar range to the earlier standards.

How is the planned 802.11n standard expected to provide higher data rates?

It will use MIMO (multiple input/multiple output) technology. A high rate data stream will be split into two or more lower data rate streams. These streams will be sent at the same time using multiple antennae.

Why is WiFi certification important?

The IEEE standards cover modulation methods but not manufacture. Manufacturers could interpret the standards differently so that devices would not be compatible. The WiFi Alliance is an association of vendors. They certify that vendors are keeping to industry norms and standards so that their devices should work with devices from other vendors.

How can a desktop PC be enabled to connect to a wireless access point?

It can have a wireless NIC installed as an expansion card, or it can have a removable USB device.

How can RTS/CTS help with the hidden node problem?

Wireless is a shared medium and therefore subject to collisions. Stations sense transmissions and wait until the medium is clear before sending. The hidden node problem occurs when stations are unable to sense each other and so may transmit at the same time. RTS/CTS is a system where stations request the use of the medium, and the access point allocates time to them. Other stations have to wait before sending their own requests.

What three roles are commonly combined in a wireless router?

Router, Ethernet switch and wireless access point.

What is the purpose of the shared service set identifier (SSID)?

It identifies the wireless network.

The 2.4 GHz band is split into 13 channels for Europe. How far apart are the central points of these channels, and how wide are the channels?

The channels have a centre frequency separation of 5 MHz. Each channel occupies 22 MHz of bandwidth so that they overlap.

How can you ensure that adjacent access points use channels that do not overlap?

Choose channels that are 5 channels apart, e.g. channels 1 and 6.

What is an ad-hoc topology?

Wireless enabled devices do not have an access point. They connect directly to each other and negotiate the wireless parameters with each other. An ad hoc network is also known as an independent basic service set (IBSS).

What is a basic service area (BSA)?

The area covered by a basic service set (BSS).

What is an Extended service set topology?

A topology with more than one access point.

When planning a wireless LAN, you will need to draw coverage circles on a floor plan, but what other factors should you take into account when locating access points?

Place the access point above obstructions and not near to metal obstructions.

Place the access point vertically and high up, perhaps near the ceiling.

Place access points in locations where users will be making use of them.

7.2

What are the three major categories of security threat to a wireless LAN?

War drivers who look for an unsecured network that will provide Internet access.

Hackers (Crackers) who enter systems to steal data or cause harm. They can often get past weak security.

Employees may install rogue access points without permission and without implementing the necessary security.

What is the problem of having wireless devices with default settings ready to be used?

The default settings are known. If the defaults are not changed then anyone can break into the system.

A NIC on a shared medium will receive all transmissions but discard those that are not addressed to it. What would a “man in the middle” attacker do to make a wireless laptop accept transmissions addressed to another client?

Use special software to adapt the NIC of the laptop so that it accepts all transmissions. The NIC then acts like an access point.

How can denial of service attacks be carried out on a wireless network?

Use common devices to create interference (cordless phone, microwave, baby monitor).

Flood the network with clear-to-send (CTS) messages. Clients then send simultaneously and cause a constant stream of collisions.

Send a series of disassociate commands so that clients repeatedly disconnect then try to reassociate.

What authentication was included with the original 802.11 standard and why was this unsatisfactory?

Open authentication provided no security at all. The client requested authentication and the access point provided it without making any checks. WEP authentication was designed to provide some privacy by using shared key encryption. This method was too weak because the encryption algorithm could be cracked. Also, the 32-bit keys had to be entered by hand and this led to errors.

What authentication standard should be used now?

802.11i should be used. The Wi-Fi Alliance WPA2 standard is an implementation of 802.11i.

What is 802.1x?

A standard specifying authentication protocols such as EAP (Extensible Authentication Protocol).

Interim security measures included MAC filtering and turning off SSID broadcasts. Why are these not considered to be adequate security measures?

It is easy for attackers to get round MAC address filtering by using software to modify MAC addresses attached to adapters. SSIDs can be discovered by using a packet sniffer to monitor traffic.

What is an AAA server and what protocol does it run?

An Authentication, Authorization, and Accounting server. It stores authentication information. It runs a RADIUS (Remote Authentication Dial In User Service) protocol.

What two enterprise-level encryption mechanisms specified by 802.11i are certified by the WiFi Alliance, and which of them is preferred?

Temporal Key Integrity Protocol (TKIP) is the method certified as WPA and Advanced Encryption Standard (AES) is certified as WPA2. AES is preferred. TKIP can be used on legacy equipment.

While configuring a wireless access point, you see a reference to PSK2. Which encryption method does this refer to?

If neither TKIP nor AES is mentioned then WPA2 is used (AES). If PSK2 with TKIP is specified then WPA is used.

How can you add depth to your security system on a wireless network?

You should configure WLAN security, preferably WPA2.

Then add extra safeguards that are not sufficient in themselves:

Disable SSID broadcasts from access points (SSID cloaking).

Set up a manual table of allowed client MAC addresses on the access point (MAC address filtering).

Try to restrict access to the network to within or near a building if possible, by giving access points near the outer walls a lower power setting than access points in the middle of the building.

7.3

What should you do before starting to install a wireless access point?

Check the wired portion of the network, including Internet access and DHCP operation.

What should you do before configuring security on a wireless access point?

Check that at least one wireless host is able to make contact with the access point without security, that it can obtain an IP address and that it can ping the local router.

What type of interface do wireless access points commonly offer for configuration?

Web based interface.

When configuring the access point, which mode should you choose if you have both wireless-G and wireless-N devices?

Mixed.

What should you remember when choosing the SSID?

It is case sensitive. It can have up to 32 characters. All the devices in the wireless network must use the same SSID. It should be changed from the default for security.

What radio band should you choose if you have only Wireless-G and Wireless-B clients?

Standard - 20MHz Channel.

What radio band should you choose if you have only Wireless-N clients?

Wide - 40MHz Channel.

What radio band should you choose if you have Wireless-G, Wireless-B and Wireless-N clients?

Keep the default Auto.

Which is the preferred security option?

PSK2 (Same as WPA2 or IEEE 802.11i).

Why are other, less good, security modes offered?

Older client devices may not have the best security option available. All devices must use the same security option.

Which is the stronger encryption algorithm – TKIP or AES?

AES.

What parameters might you need to set on the wireless host?

The SSID, the authentication method, the encryption method and the network key.

Which OSI layer is the recommended starting point for troubleshooting?

Layer 1, the physical layer.

If a client is having problems connecting to a wireless network, which device should be investigated first?

The client itself.

SW 5/9/2008 Chap 5 Network Layer Study AnswersUNF.doc