What is a primary criteria for a network to qualify as a Robust Security Network (RSN)?

A. Token cards must be used for authentication.

B. Dynamic WEP-104 encryption must be enabled.

C. WEP may not be used for encryption.

D. WPA-Personal must be supported for authentication and encryption.

E. WLAN controllers and APs must not support SSHv1.

As a part of a large organization's security policy, how should a wireless security professional address the problem of rogue access points?

A. Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B. Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C. Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D. A trained employee should install and configure a WIPS for rogue detection and response measures.

E. Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Given: XYZ Company has recently installed a controller-based WLAN and is using a RADIUS server to query authentication requests to an LDAP server. XYZ maintains user-based access policies and would like to use the RADIUS server to facilitate network authorization.

What RADIUS features could be used by XYZ to assign the proper network permissions to users during authentication? (Choose 2)

A. The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignment to users.

B. The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response, which can be used for user policy assignment.

C. RADIUS can reassign a client's 802.11 association to a new SSID by referencing a username- to-SSID mapping table in the LDAP user database.

D. RADIUS can send a DO-NOT-AUTHORIZE demand to the authenticator to prevent the STA from gaining access to specific files, but may only employ this in relation to Linux servers.

E. RADIUS attributes can be used to assign permission levels, such as read-only permission, to users of a particular network resource.

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2)

A. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

B. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

C. They are added together and used as the GMK, from which the GTK is derived.

D. They are input values used in the derivation of the Pairwise Transient Key.

E. They allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.

Wireless Intrusion Prevention Systems (WIPS) provide what network security services? (Choose 2)

A. Configuration distribution for autonomous APs

B. Wireless vulnerability assessment

C. Application-layer traffic inspection

D. Analysis and reporting of AP CPU utilization

E. Policy enforcement and compliance management