Author Archive

Share your ENWLSI Experience

February 4th, 2020 wirelesstut 387 comments

The new ENWLSI 300-430 is going to come to replace the old CCNP exams (the last day to take CCNP exams is February 23, 2020) so we create the “Share your ENWLSI Experience” for everyone to share their experience to prepare for this new exam.

Please share with us your experience to prepare for the new ENWLSI 300-430 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Note: To get the new CCNP Enterprise certificate, you need to pass the ENCOR 350-401 exam (core exam) and one of the concentration exam.

Your posts are warmly welcome! Hope you will find useful information here!

Share your ENWLSD Experience

February 4th, 2020 wirelesstut 403 comments

The new ENWLSD 300-425 is going to come to replace the old CCNP exams (the last day to take CCNP exams is February 23, 2020) so we create the “Share your ENWLSD Experience” for everyone to share their experience to prepare for this new exam.

Please share with us your experience to prepare for the new ENWLSD 300-425 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome! Hope you will find useful information here!

Share your WIDEPLOY Experience

July 8th, 2017 wirelesstut 428 comments

Please share with us your experience after taking the WIDEPLOY 300-365 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your WIDESIGN Experience

July 8th, 2017 wirelesstut 1,403 comments

Please share with us your experience after taking the WIDESIGN 300-360 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your WITSHOOT Experience

July 8th, 2017 wirelesstut 331 comments

Please share with us your experience after taking the WITSHOOT300-370 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your WISECURE Experience

July 8th, 2017 wirelesstut 330 comments

Please share with us your experience after taking the WISECURE 300-375 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your WIFUND Experience

July 8th, 2017 wirelesstut 1,701 comments

Please share with us your experience after taking the WIFUND 200-355 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Privacy Policy

October 20th, 2013 wirelesstut 6 comments

Get bolded

Share your IAUWS Experience

October 20th, 2013 wirelesstut 362 comments

Please share with us your experience after taking the IAUWS 642-737 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your IUWMS Experience

October 20th, 2013 wirelesstut 358 comments

Please share with us your experience after taking the IUWMS 642-747 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your IUWVN Experience

October 20th, 2013 wirelesstut 452 comments

Please share with us your experience after taking the IUWVN 642-742 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your CUWSS Experience

October 20th, 2013 wirelesstut 665 comments

Please share with us your experience after taking the CUWSS 642-732 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your CCNA Wireless Experience

February 1st, 2013 wirelesstut 3,939 comments

Please share with us your experience after taking the CCNA Wireless 640-722 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Basic Terminologies

November 6th, 2011 wirelesstut 158 comments

Antenna

An antenna is a device to transmit and/or receive electromagnetic waves. Electromagnetic waves are often referred to as radio waves. Most antennas are resonant devices, which operate efficiently over a relatively narrow frequency band. An antenna must be tuned (matched) to the same frequency band as the radio system to which it is connected otherwise reception and/or transmission will be impaired.

Types of antenna

There are 3 types of antennas used with mobile wireless, omnidirectional, dish and panel antennas.
+ Omnidirectional radiate equally in all directions
+ Dishes are very directional
+ Panels are not as directional as Dishes.

Decibels

Decibels (dB) are the accepted method of describing a gain or loss relationship in a communication system. If a level is stated in decibels, then it is comparing a current signal level to a previous level or preset standard level. The beauty of dB is they may be added and subtracted. A decibel relationship (for power) is calculated using the following formula:

dB_formula.jpg

“A” might be the power applied to the connector on an antenna, the input terminal of an amplifier or one end of a transmission line. “B” might be the power arriving at the opposite end of the transmission line, the amplifier output or the peak power in the main lobe of radiated energy from an antenna. If “A” is larger than “B”, the result will be a positive number or gain. If “A” is smaller than “B”, the result will be a negative number or loss.

You will notice that the “B” is capitalized in dB. This is because it refers to the last name of Alexander Graham Bell.

Note:

+ dBi is a measure of the increase in signal (gain) by your antenna compared to the hypothetical isotropic antenna (which uniformly distributes energy in all directions) -> It is a ratio. The greater the dBi value, the higher the gain and the more acute the angle of coverage.

+ dBm is a measure of signal power. It is the the power ratio in decibel (dB) of the measured power referenced to one milliwatt (mW). The “m” stands for “milliwatt”.

Read more…

Share your IAUWS Experience

November 6th, 2011 wirelesstut 13 comments

Please share with us your experience after taking the IAUWS 642-736 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your IUWMS Experience

November 6th, 2011 wirelesstut 8 comments

Please share with us your experience after taking the IUWMS 642-746 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your IUWVN Experience

November 6th, 2011 wirelesstut 24 comments

Please share with us your experience after taking the IUWVN 642-741 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Share your CUWSS Experience

November 6th, 2011 wirelesstut 19 comments

Please share with us your experience after taking the CUWSS 642-731 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…

Wireless Fundamentals

February 28th, 2011 wirelesstut 40 comments

Here you will find answers to Wireless Fundamentals Questions – Part 1

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless Terminologies

Question 1

What is fading?

A. Another signal source is producing energy on the channel in which you are trying to operate.
B. The desired signal reaches the receiving antenna via multiple paths, each of which has a different propagation delay and path loss.
C. A time-varying change in the path loss of a link with the time variance governed by the movement of objects in the environment, including the transmitter and receiver themselves.
D. A function of the frequency and should be provided in the cable specification by the vendor.
E. The minimum signal level for the receiver to be able to acceptably decode the information.
F. The time delay from the reception of the first instance of the signal until the last instance.

 

Answer: C

Explanation

Fading is a time-varying change in the path loss of a link with the time variance governed by the movement of objects in the environment, including the transmitter and receiver themselves. For example, you might be sitting in a conference room with a wireless laptop and be connected to an AP in the hallway. If someone closes the door to the conference room, the path loss drops, resulting in a lower received signal level because the signal has to go through different paths to reach the destination. This scenario is a fade.

The different signal paths between a transmitter and a receiver correspond to different transmission times. For an identical signal pulse from the transmitter, multiple copies of signals are received at the receiver at different moments. The signals on shorter paths reach the receiver earlier than those on longer paths.

In wireless communications, signal fading is caused by multi-path effect. Multi-path effect means that a signal transmitted from a transmitter may have multiple copies traversing different paths to reach a receiver. Thus, at the receiver, the received signal should be the sum of all these multi-path signals.

multi_path_signal.jpg

multipath_sum.jpg

(Notice that the resulting received signal has similar form of direct signal)

Question 2

In what frequency band does 802.11n operate in?

A. 5.0Ghz
B. 2.4Ghz
C. 3.7Ghz
D. 2.4Ghz and 5.0Ghz

 

Answer: D

Explanation

802.11n operates in the 2.4-GHz and 5-GHz bandwidths and is backward-compatible with 802.11a and 802.11b/g.

Question 3

Which three elements define the 802.11n implementation of MIMO? (Choose three)

A. Channel Bonding
B. Dynamic Frequency Selection
C. Maximal Ratio Combining
D. Packet Aggregation
E. Spatial Multiplexing
F. Transmit Beam Forming

 

Answer: C E F

Explanation

Multiple-Input Multiple-Output (MIMO) is a technology that is used in the new 802.11n specification. A device that uses MIMO technology uses multiple antennas to receive signals (usually two or three) as well as multiple antennas to send signals. Three elements that are implemented in MIMO are:

+ Maximal Ratio Combining (MRC): used by the receiver with multiple antennas to optimally combine energies from multiple receive chains. An algorithm eliminates out-of-phase signal degradation.

In this example, the radio receiver uses 3 antennae to take advantage of the multiple signals that each carry an identical copy of the data, by combining the received signals and performing algorithms that increase the sensitivity to the received signal.

MIMO_Maximal_Ratio_Combining.jpg

+ Spatial Multiplexing: Multiple antennas are used on the transmitting or receiving end. Since the same channel is used, each antenna receives the direct component intended for it as well as the indirect components for the other antennas. However it requires the client to have multiple antennae and be 802.11n compliant.

MIMO_Spatial_Multiplexing.jpg

We can also use Spatial Multiplexing to transmit multiple data streams at the same time. They are transmitted on the same channel, but by different antenna. This technique can double, triple, or quadruple the data rate depending on the number of transmit antennas.

+ Transmit Beam Forming: The transmitter on a MIMO AP is able to adjust the transmitted signal by modifying the transmitted beam from each of its antenna according to the reflective environment in order to improve the signal to noise ratio (SNR) at the receiver, thereby improving network performance and predictability.

MIMO_Transmit_Beam_Forming.jpg

Question 4

Effective Isotropic Radiated Power is calculated by using which three values? (Choose three)

A. antenna bandwidth
B. antenna gain
C. cable loss
D. receiver sensitivity
E. SSID
F. transmission power

 

Answer: B C F

Explanation

Effective Isotropic Radiated Power (EIRP) is a way to measure the amount of energy radiated from an antenna. EIRP is calculated using the following formula:

EIRP = transmitter output power – cable loss + antenna gain

in which:

+ Transmitter output power: the total power radiated by the antenna.
+ Cable loss: when an access point sends energy to an antenna to be radiated, a cable might exist between the two. A certain degree of loss in energy is expected to occur in the cable.
+ Antenna gain: To counteract cable loss, an antenna adds gain, thus increasing the energy level.

Example 1:

Transmitter power = 35 dBm
Antenna gain = 10 dBi
Line loss = 8 dB

EIRP (dBm or dBW) = P (dBm or dBW) + G (dBi) – L (dB)

EIRP = 35 + 10 – 8
EIRP = 37 dB

Example 2:

Transmitter with 100 mW output power (+20 dBm)
Yagi antenna with a 13.5 dBi gain rating
50 foot of cable with a loss of 2.2 dB

EIRP = 20 + 13.5  – 2.2  = 31.3 dBm

Question 5

What increases bandwidth and resists multipath problems by carrying data in subcarriers?

A. Direct Sequence Spread Spectrum
B. Frequency Hopping Spread Spectrum
C. Narrow Band Frequency
D. Orthogonal Frequency Division Multiplexing

 

Answer: D

Explanation

Orthogonal Frequency Division Multiplexing (OFDM) defines a number of channels in a frequency range. It transmits several high speed communication channels through a single communication channel using separate sub-carriers ( frequencies) for each radio channel.

(“Orthogonal” here means the peak of each signal coincides with the trough of other signals)

With OFDM (Orthogonal Frequency Division Multiplexing), sub-carriers in the signal wave can be overlapping without causing any interference. This is accomplished by making the sub-carriers in an OFDM exactly orthogonal to each other, meaning that while one is at its peak the others are all zero. As a result, OFDM systems are able to maximize spectral efficiency without causing adjacent channel interference. The frequency domain of an OFDM system is represented in the diagram below.

OFDM.gif

Comparing to traditional FDM, each channel is spaced by about 25% of the channel width. This is done to ensure that adjacent channels do not interfere.

FDM.gif

Because of the overlapping ability without interfering, OFDM systems are able to maximize spectral efficiency and this allows for a greater data throughput for a given bandwidth.

OFDM helps resisting multipath

The great advantage of OFDM is that if there are 48 channels carrying data, each of them can transmit slower than a CCK channel and the group of 48 will still achieve a higher throughput. For example, if each subcarrier sends at 1 Mb/s, the total speed achieved will be 48 Mb/s. The result is that not only is OFDM faster but, as each channel transmits slower, it becomes more resistant to multipath. Because there are many channels, some of them can be affected by interferences but the others can still offer normal communications. The control channels allow the receiver to detect which channels are unusable and provide feedback to the sender.

Question 6

What is derived from measuring the RF duty cycle?

A. dynamic channel selection
B. LWAPP header length
C. RF utilization
D. transmit power control

 

Answer: C

Explanation

Duty cycle is a percentage, and is directly related to RF utilization. If something other than a Wi-Fi radio is transmitting on a channel, then a Wi-Fi radio can’t use the channel until it’s free. So duty cycle tells us how often (what percentage of time) the channel is in use by something that is seen as noise by the Wi-Fi network.

Question 7

In 802.1X, which is the supplicant?

A. the point of access
B. the machine in the network that keeps a list of conditions
C. the machine that attempts to access the network
D. the device that performs the authentication

 

Answer: C

Explanation

The IEEE 802.1X protocol defines port-based access control. It defines three roles:
+ Supplicant: The machine that wishes to access the network.
+ Authenticator: The point of access, typically a switch. It is the point of entrance to the network. The supplicant, typically a PC, would connect to the authenticator.
+ Authentication server: A machine somewhere in the network that keeps a list of conditions by which access should be granted or refused.

Question 9

What three roles are defined by 802.1X? (Choose three)

A. AAA Server
B. Authenticatee
C. Authenticator
D. Authentication Server
E. Supplicant

 

Answer: C D E

Question 10

Which modulation technique allows you to achieve a data rate of 54Mb/s in the 2.4GHz-band?

A. Complimentary Code Keying
B. Differential Binary Phase Shift Keying
C. Differential Quadrature Phase Shift Keying
D. Quadrature Amplitude Modulation

 

Answer: D

Explanation

Quadrature Amplitude Modulation (QAM) is a method of combining two amplitude-modulated (AM) signals into a single channel, thereby doubling the effective bandwidth. In a QAM signal, there are two carriers, each having the same frequency but differing in phase by 90 degrees (so they are called quadrature carriers). Mathematically, one of the signals can be represented by a sine wave, and the other by a cosine wave. The two modulated carriers are combined at the source for transmission. At the destination, the carriers are separated, the data is extracted from each, and then the data is combined into the original modulating information.

With QAM method, 802.11g standard delivers the same 54 Mb/s maximum data rate as 802.11a, but operates in the
same 2.4-GHz band as 802.11b.

Wireless Fundamentals 2

February 27th, 2011 wirelesstut 15 comments

Here you will find answers to Wireless Fundamentals – Part 2

Question 1

How are omni antennas in a wireless network most commonly polarized?

A. circularly
B. horizontally
C. vertically
D. both horizontally and vertically

 

Answer: C

Explanation

Omni antennas send a signal of the same strength in all directions. Antennae in wireless networks are often vertically polarized, which makes the electric field vertical.

Note: A VERTICALLY POLARIZED antenna transmits an electromagnetic wave with the E field perpendicular to the Earth’s surface.

vertical_antenna.jpg

Vertical antenna: Electronic field perpendicular to the Earth’s surface

A HORIZONTALLY POLARIZED antenna transmits a radio wave with the E field parallel to the Earth’s surface.

horizontal_antenna.jpg

Horizontal antenna: E field parallel to the Earth’s surface

 

Vertical polarization means that the wave moves up and down in a linear way. Horizontal polarization means that the wave moves left and right in a linear way.

-> We also notice that the E field is in the same direction with the antenna.

Question 2

Which governing body analyzes the applications and environments in which wireless networks are used?

A. EIRP
B. ETSI
C. FCC
D. IEEE
E. WiFi Alliance

 

Answer: D

Question 3

What does the current European Telecommunications Standards Institute rule state is the 2.4-GHz maximum transmitter output power for point-to-point installations?

A. 16dBm
B. 17dBm
C. 20dBm
D. 30dBm
E. 36dBm

Answer: B

Explanation

Currently ETSI stipulates a maximum of 20 dBm EIRP on point-to-multipoint and point-to-point installations; it also stipulates 17 dBm maximum transmitter power with 3 dBi in gain attributed to antenna and cable combination.

Question 4

What are two attributes used to characterize antenna performance? (Choose two)

A. attenuation
B. beamwidth
C. gain
D. harmony
E. interference

 

Answer: B C

Explanation

The fundamental characteristics of an antenna are its gain and half power beamwidth.

Some antennas are highly directional; that is, more energy is propagated in certain directions than in others. The ratio between the amount of energy propagated in these directions compared to the energy that would be propagated if the antenna were not directional (Isotropic Radiation) is known as its gain.

(An isotropic radiator will distribute its power equally in all directions)

Beamwidth is another of the important criteria since it specifies boundaries within the antenna radiation pattern, which are considered to be the limit of useful radiation (or reception).

Question 5

Bluetooth RF characteristics can be best described as which of the following?

A. continuous transmitting 5-GHz range
B. continuous transmitting 2.4-GHz range
C. frequency hopping 5-GHz range
D. frequency hopping 2.4-GHz range

 

Answer: D

Question 6

Which best describes an Ad Hoc Network?

A. Basic Service Set
B. Extended Service Set
C. Independent Basic Service Set
D. Mesh Network
E. WiMAX Network

 

Answer: C

Question 7

When would rate shifting down by a client occur?

A. when the distance to the AP has increased and the missed-symbol rate has increased
B. when the distance to the AP has increased and the signal level has increased
C. when multipath has decreased and the missed-symbol rate has decreased
D. when the noise level has decreased and the signal level has increased

 

Answer: A

Explanation

When a client moves away from the AP, the WLAN adapter software determines a threshold from where the client will not be able to achieve the maximum speed. This threshold is product-dependant and relies on values such as the Received Signal Strength Indicator (RSSI), packet error rate, and so on. To avoid losing too many packets or even the connection, the client reverts to a simpler modulation, thus slowing the speed of its communication with the AP.

Question 8

Which physical layer encoding technology is common to both the IEEE 802.11g and the IEEE 802.11a standards?

A. BPSK
B. CCK
C. DSSS
D. OFDM

 

Answer: D

Explanation

802.11a operates in the 5-GHz frequency range and is based on Orthogonal Frequency Division Multiplexing (OFDM). Like 802.11a, 802.11g uses OFDM for transmitting data. OFDM is a more efficient means of transmission than Direct Sequence Spread Spectrum (DSSS) transmission, which is used by 802.11b.

Question 9

Why are wireless analog video signals that are operating in the 2.4-GHz band particularly harmful to Wi-Fi service?

A. Analog video is a strong signal and increases the SN
B. Analog video is a constant signal with 100% duty cycle.
C. Analog video signals are slow frequency hopping and tend to affect the entire band.
D. Analog Video modulation is the same as Wi-Fi and causes interference.

 

Answer: B

Explanation

RF video cameras operate by exchanging information (the image stream) between a transmitter (the camera) and the receiver (linking to a video display). They usually use 100 mW and a channel narrower than Wi-Fi. But the stream of information is continuous, and will severely impact any wireless network in the neighboring channels. They are not compatible; an access point (AP) cannot receive a camera video stream and understand it.

The figure below illustrates the narrowband continuous transmitting nature of an analog video camera. The transmit power is concentrated on a very small portion of the spectrum (channels 4-8). Notice that the duty cycle of the analog video camera reaches 100% indicating that no Wi-Fi device in the vicinity will be able to operate on channels 4-8. Because of its continuous transmission nature, this device can cause prolonged periods of service disruption.

wireless_analog_video_duty_cycle.jpg

For your information, below lists popular sources of wireless interferer:

wireless_interferers.jpg

Question 10

Which two statements are true about WiMAX technology? (Choose two)

A. WiMAX is defined by 802.11i.
B. Typically, fixed WiMAX networks have a higher gain direction antenna installed near the client.
C. WiMAX is capable of working as a long-range system over several miles.
D. WiMAX works only for licensed frequencies.

 

Answer: B C

Explanation

WiMAX is defined by 802.16, that is intended for wireless “metropolitan area networks”. WiMAX can provide broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 – 10 miles (5 – 15 km) for mobile stations. In contrast, the WiFi/802.11 wireless local area network standard is limited in most cases to only 100 – 300 feet (30 – 100m).

Fixed WiMAX networks typically have a higher-gain directional antenna installed near the client (customer) which results in greatly increased range and throughput. Using 802.11 with high-gain antenna can bridge last-mile gaps, but they require more power.

WiMAX operates on both licensed and non-licensed frequencies, providing a regulated environment and viable economic model for wireless carriers. In particular, WiMax operates on the 10- to 66-GHz frequency band, so it doesn’t interfere with 802.11 LANs.

Wireless Fundamentals 3

February 27th, 2011 wirelesstut 5 comments

Here you will answers to Wireless Fundamentals – Part 3

Question 1

What unit of measurement is used to represent the strength of an antenna’s radiation pattern?

A. dBi
B. dBm
C. mW
D. GHz

 

Answer: A

Explanation

+ dBi is a unit of sound that measures acoustical and electrical power. In particular, dBi is a measure of the increase in signal (gain) by your antenna compared to the hypothetical isotropic antenna (which uniformly distributes energy in all directions) -> It is a ratio. The greater the dBi value, the higher the gain and the more acute the angle of coverage.

+ dBm is a measure of signal power. It is the the power ratio in decibel (dB) of the measured power referenced to one milliwatt (mW). The “m” stands for “milliwatt”.

Question 2

What are the four types of wireless networks? (Choose four)

A. Wireless PAN
B. LAN
C. MAN
D. VLAN
E. WAN

 

Answer: A B C E

Question 3

What is the typical maximum range of a wireless PAN?

A. 45 feet
B. 50 feet
C. 55 feet
D. 60 feet

 

Answer: B

Explanation

A wireless personal area network (WPAN) is a network that exists within a relatively small area, connecting electronic devices such as desktop computers, printers, scanners, fax machines, personal digital assistants (PDAs) and notebook computers.

I am not sure about the maximum range of a wireless PAN but typically a wireless personal area network can communicate within a range of about 30 feet (10 meters). I can’t find any information saying that it can operate up to 50 feet but in the exam you should choose “50 feet”.

The main WPAN technology is Bluetooth. Some technologies are IrDA, UWB, Z-Wave and ZigBee…

Question 4

What is the general maximum coverage area of a wireless PAN?

A. within 30 feet
B. within 35 feet
C. within 40 feet
D. within 45 feet

 

Answer: A

Explanation

It is weird that Cisco thinks “maximum coverage area” is different from “maximum range”!  But this question has correct answer of 30 feet.

Question 5

What relatively new standard applies to wireless MANs?

A. IEEE 802.11
B. IEEE802.3Z
C. Wi-Fi
D. IEEE 802.16

 

Answer: D

Question 6

True or false: A computer device stores data in analog form.

A. true
B. false

 

Answer: B

Question 7

On what layers of the OSI reference model do wireless networks operate? (Choose two)

A. Physical layer
B. Network layer
C. data link layer
D. session layer

 

Answer: A C

Question 8

RF signals offer relatively short range as compared to light signals. True or false?

A. True
B. False

 

Answer: B

Explanation

First we need to explain about Line-of-sight & non-line-of-sight:

Line-of-sight (LOS) is a condition where a signal travels over the air directly from a wireless transmitter to a wireless receiver without passing an obstruction.

Conversely, non-line-of-sight (NLOS) is a condition where a signal from a wireless transmitter passes several obstructions before arriving at a wireless receiver. The signal may be reflected, refracted, diffracted, absorbed or scattered.

In most case RF signals are line-of-sight signal and “light” is a non-line-of-sight signal so FR signals offer longer range than light signals.

Question 9

Spread spectrum generally requires user licenses. True or false?

A. True
B. False

 

Answer: B

Explanation

Spread spectrum is a form of wireless communications in which the frequency of the transmitted signal is deliberately varied. This results in a much greater bandwidth than the signal would have if its frequency were not varied. For example, if you listen to an FM radio at 100 MHz, the signal stays at 100 MH and does not vary. But when you are talking to your friends via a cell phone then you are using spread spectrum technology as the mobile frequency varies from time to time (but within a specific range). This technology is called frequency hopping.

Spread-spectrum systems offer the flexibility of license-free operation in four distinct frequency bands (902-928 MHZ, 2400-2483.5 MHZ, 5150-5350 MHZ, and 5725-5825 GHz), and there are many other unlicensed ISM frequency bands, the two frequencies most commonly used for environmental monitoring and SCADA applications are 902 MHz-928 MHz and 2400 MHz-2483.5 MHz. Wireless LANs are common in the 2.4GHz band where a high data rate over short distance is required. Bluetooth and WiFi communications use the 2.4GHz band.

Question 10

Approximately up to what range do direct infrared systems operate?

A. 0.5 mile
B. 1 mile
C. 1.5 mile
D. 2.0 mile

 

Answer: B

Explanation

The range of an infrared light system can vary from a few feet with PDA applications to 1 mile with direct infrared systems. This is significantly less range than with RF systems.

Wireless Fundamentals 4

February 27th, 2011 wirelesstut 5 comments

Here you will find answers to Wireless Fundamentals – Part 4

Question 1

True or false: A wireless PAN consumes little power from small handheld computer devices.

A. True
B. False

 

Answer: A

Explanation

An example of the Wireless PAN technology is Bluetooth. It is also known as IEEE 802.15.1, has the advantage of being very energy-efficient, which makes it particularly well-suited to use in small devices.

Question 2

Which IEEE standards group uses Bluetooth as the basis for the standard?

A. IEEE 802.15
B. IEEE 802.11
C. IEEE 802.13
D. IEEE 802.16

 

Answer: A

Question 3

In what frequency band does Bluetooth operate?

A. 2.2 GHz
B. 2.4 GHz
C. 2.6 GHz
D. 3.0 GHz

 

Answer: B

Question 4

A Bluetooth-enabled device is always transmitting. True or false?

A. True
B. False

 

Answer: B

Explanation

bluetooth_duty_cycle.jpg

The Bluetooth device hops across all the channels. Although the energy emitted by the Bluetooth device may appear high, its duty cycle values are much lower (maximum is about 3.5%, which may not affect WiFi devices seriously). If a bluetooth-enabled device is always transmitting, its duty cycle should be 100%.

Question 5

What is the highest possible data rate of an IrDA device?

A. 2 Mbps
B. 4 Mbps
C. 6 Mbps
D. 8 Mbps

 

Answer: B

Explanation

IrDA is an acronym for the Infrared Data Association, an organization which sets communications standards for infrared over small distances. Some kinds of IrDA devices include printers, cameras, handheld portables, smart remotes with display screens, cell phones…

IrDA devices provide a point-to-point method of data transfer that is adaptable to a broad range of computing and communicating devices. The first version of the IrDA specification (version 1.0) provides communication at data rates up to 115.2 Kbps. Later versions (version 1.1) extended the data rate to 4 Mbps, while maintaining backward compatibility with version 1.0 interfaces.

Question 6

In what frequency band does 802.11a operate in?

A. 2.2 GHz
B. 2.4 GHz
C. 2.6 GHz
D. 5 GHz

 

Answer: D

Question 7

How many non-overlapping channels are available with 802.11b wireless LANs?

A. One
B. Two
C. Three
D. Four

 

Answer: C

Explanation

Fourteen channels are defined in the IEEE 802.11b channel set. Each channel is 22MHz wide but there is only 5MHz channel separation so, as can be seen in the illustration, the channels overlap.

802_11b_overlap.jpg

There are only 3 non-overlapping channels available in the 802.11b standard, they are channels 1, 6 and 11. For WiFi access points that are located near each other it is recommended that they each use one of the above non-overlapping channels to minimize the effects of interference.

Question 8

True of false: 802.11g operates at up to 54 Mbps and interoperates with 802.11b.

A. True
B. False

 

Answer: A

Question 9

A learning bridge forwards all packets. True or false?

A. True
B. False

 

Answer: B

Explanation

A learning bridge monitors MAC  (OSI layer 2) addresses  on both positions of its connection and  attempts to learn which addresses are on which  side. When a packet arrives, it examines the destination address of the frame. If it does not find the destination address in its forwarding table so it floods it to all other ports. If the bridge already has that destination address in its forwarding table so it will forward that packet to the corresponding port.

In this question, maybe the author wants to mention about a “real” bridge (not switch, because these 2 terms are sometimes used interchangeable). A bridge, in some circumstances, must determine when it receives a packet whether it should let the packet cross the bridge or continue local (some packets may not want to cross the bridge because the source and  destination addresses are both on one side).

Question 10

True or false: FDMA requires users to take turns transmitting signals.

A. True
B. False

 

Answer: B

Explanation

When using Frequency Division Multiple Access (FDMA), the available bandwidth is subdivided into a number of narrower band channels. Each user is allocated a unique frequency band in which to transmit and receive on. During a call, no other user can use the same frequency band.

FDMA.gif

FDMA

“TDMA requires users to take turns transmitting signals” is a true statement. Time Division Multiple Access (TDMA) divides the available spectrum into multiple time slots, by giving each user a time slot in which they can transmit or receive.

tdma.jpg

TDMA

Question 11

A company has a wireless network. In this network, collisions occur when more than one device sends data at the same time. Which physical layer function can a network administrator perform to determine whether or not any device is sending data to the channel?

A. CSMA/CD
B. CCA
C. CSMA/CA
D. CCX

 

Answer: B

Explanation

Wireless devices cannot send and receive at the same time. It means that if more than one device were to send at the same time, a collision would result. If a collision occurs, the data from both senders would be unreadable and would need to be resent.

When a station is ready to send, it listens to the media to verify that nothing else is sending. If the media is free, the station sends its wave. This method is called Clear Channel Assessment (CCA).

CSMA/CCA copies the contention window (CW) size piggybacked in the MAC header of an overheard data frame within its basic service set (BSS) and updates its backoff counter according to the new CW size.

CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) is a layer 2 technique, not layer 1 (physical). In CSMA/CA, as soon as a device receives a packet that is to be sent, it checks to be sure the channel is clear (no other node is transmitting at the time). If the channel is clear, then the packet is sent. If the channel is not clear, the node waits for a randomly chosen period of time, and then checks again to see if the channel is clear. This period of time is called the backoff factor, and is counted down by a backoff counter. If the channel is clear when the backoff counter reaches zero, the node transmits the packet. If the channel is not clear when the backoff counter reaches zero, the backoff factor is set again, and the process is repeated.

Note:

CSMA/CD deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.

Question 11

A business customer uses Non-LOS WiMAX wireless network technology. Which of the following data rates is provided to the customer?

A. 30 Mbps
B. 70 Mbps
C. 40 Mbps
D. 15 Mbps

 

Answer: A

Explanation

The signal range of Non-LOS WiMAX is about 3 to 4 miles, and data rates are advertised at around 30 Mbps, but you can expect less, closer to 15 Mbps.

Question 12

A network administrator needs to determine what LAN devices to install on his network. What are two advantages of using Layer 2 Ethernet switches over hubs? (Choose two)

A. Allowing simultaneous frame transmissions
B. Increasing the size of broadcast domains
C. Increasing the maximum length of UTP cabling between devices
D. Filtering frames based on MAC addresses
E. Decreasing the number of collision domains

 

Answer: A D

Traffic Flow and AP

February 26th, 2011 wirelesstut 27 comments

Here you will find answers to Traffic Flow and AP QuestionsAccording to the IEEE 802.11 standard

Question 1

What two statements about beacon frames used by access points are true? (Choose two)

A. contains SSIDs if this feature is enabled
B. provides vendor proprietary information
C. is another name for an associated request
D. sent in response to a probe frame
E. includes ATIM window information for power save operations

 

Answer: A B

Explanation

Prior to authentication/association, devices must identify any access-points that are within range. Two methods of scanning are available; namely, passive and active. In passive scanning mode, a device monitors each channel for beacon frames that are broadcast by the access-points in the vicinity.

A beacon frame is a management frame in IEEE 802.11-based wireless LANs. It contains all the information about the network. Beacon frames are transmitted periodically to announce the presence of a wireless LAN network and are transmitted by the Access Point (AP). A beacon frame includes timestamp, beacon interval, its capabilities, SSIDs, supported rates,  TIM (Traffic Indication Map) and some configuration and security information to the client devices. Some of them are standard; other are vendor proprietary. Below shows a beacon frame with “Cisco Proprietary” parameters from the Cisco AP:

Cisco_Beacon_Frame.jpg

(Note: beacon interval is the time interval between two consecutive beacon frames)

Question 2

In general, what is the difference in transmit power between an AP operating at Tx Power Level 1 and the same AP operating at Tx Power Level 3?

A. 2 dB
B. 3 dB
C. 6 dB
D. 11 dB
E. 17 dB

 

Answer: C

Explanation

In Tx Power Level term, a level of “1” represents the highest power level available in the country for which this AP is configured. A level of “2” is 50 percent of this maximum, a level of “3” is 25 percent of this maximum, a level of “4” is 12.5 percent, and so on. Each level is half the power strength of the previous level.

Therefore, the difference between Tx Power Level 1 and Level 3 is calculated (in dB) as follows:

Difference (dB) = 10* log(25%) = -6 dB but we just need its amplitude-> C is correct.

Question 3

Which interface is considered a dynamic interface?

A. the virtual interface
B. the AP manager interface
C. the LAG interface
D. the management interface
E. the service port interface
F. a WLAN client data interface

 

Answer: F

Explanation

Each interface performs specific roles within the unified wireless environment. The static interfaces perform system roles, while the dynamic interfaces are user-defined, and provide client connectivity. Therefore a WLAN client data interface is considered a dynamic interface.

Question 4

An indoor 1240 AP is booting and has obtained an IP address using DHCP. The AP has confirmed prior controller IP addresses from a previously joined mobility group stored in NVRAM. What is the next step the AP performs?

A. DHCP option 43.
B. DNS resolution of CISCO-LWAPP-CONTROLLER.localdomain.
C. Layer 2 LWAPP discovery broadcast.
D. Layer 3 LWAPP discovery broadcast.
E. Ping each Cisco WLC to verify its current status.
F. Select a Cisco WLC based on its position in the configured join selection sequence.

 

Answer: A

Explanation

In a controller-based architecture, access points are dependent on a wireless controller to provide the software image, configuration, and centralized control and optionally data forwarding functions. Therefore, it is necessary for the access point to find a list of available controllers with which it can associate. Below is the process of finding as many controllers as possible in order to choose the best candidate to join after the AP has an IP address:

1 – LWAPP discovery broadcast on local subnet. This is a broadcast that is sent at Layer 2.
2 – OTAP
3 – Locally stored WLC IPs
4 – DHCP Option 43
5 – DNS Discovery.

DHCP protocol has become more and more popular over the time, hard and software vendors have started using the DHCP protocol to distribute all kinds of configuration options for their network devices or for their software. Now the problem is that the number of official options is limited and the process to get a new option recognized is difficult. For this reason, a new mechanism was introduced to make it easier for vendors to distribute their own proprietary information without clashing with other vendors and without having to register new options each time they decide the need them. This is achieved through the DHCP option 43 (Vendor Specific Information). Now the DHCP server has a private table of DHCP options which is kept separately for each vendor. Each vendor is identified by a vendor string. Now when a DHCP client asks for vendor specific options it makes a request with option 43 using the vendor string and a list of requested vendor specific options.

The information provided by DHCP option 43 is presumably interpreted by vendor-specific code on the clients and servers. The definition of this information is vendor specific. The vendor is indicated in the vendor class identifier option. Servers not equipped to interpret the vendor-specific information sent by a client MUST ignore it (although it may be reported). Clients which do not receive desired vendor-specific information SHOULD make an attempt to operate without it, although they may do so (and announce they are doing so) in a degraded mode.

Question 5

Which AP to Wireless LAN Controller discovery process requires a previous association of the AP with a Cisco WLC?

A. AP priming
B. defining a master controller
C. DHCP Option 6
D. DHCP Option 43
E. over-the-air provisioning

 

Answer: A

Explanation

AP priming happens after an AP is associated with at least one controller. The AP then gets a list of other controllers that it can associate with from the one it is already associated with. These other controllers are part of a mobility group. This information then gets stored in NVRAM and can be used if the AP reboots. To contact these controllers, the AP sends a broadcast to the primary controller and all the other controllers in the group.

Question 6

Which of the following methods is NOT used to access an AP in autonomous mode?

A. Browse
B. Telnet
C. Auxiliary
D. Console

 

Answer: C

Explanation

Well, there is no clear explanation why we can’t access an AP in auxiliary mode. You can access an autonomous AP in four ways:
* Console to it using a console cable and the console port.
* Telnet into it if it has an IP address.
* Browse to it with a web browser if it has an IP address.
* SSH into it if configured (preferred over Telnet).

(Reference: CCNA Wireless Official Exam Certification Guide)

Wireless LAN

February 25th, 2011 wirelesstut 12 comments

Here you will find answers to Wireless LAN Questions

Question 1

Up to how many Cisco WiSMs are supported in a single mobility group operating under v5.0 code?

A. 5
B. 12
C. 16
D. 24
E. 150
F. 300


Answer: B

Wireless Client

February 24th, 2011 wirelesstut 6 comments

Here you will find answers to Wireless Client Questions

Question 1

When creating new configuration profiles in Cisco Secure Services Client, in what format are the files saved?

A. .RTF
B. .HTML
C. .TXT
D. .XML
E. .XTML

 

Answer: D

Explanation

The Cisco Secure Services Client (Cisco SSC) generates an XML file that can be easily deployed network-wide to all client machines. This process is very secure and scalable, and still flexible enough to let users create their own personal connection profiles for private use.

Below is an example of the structure of a XML file. Notice that this configuration is only used for demonstration and is not created by the Cisco Secure Services Client software.

xml_file.jpg

To learn more about how to configure Cisco Secure Services Client, you can visit

http://www.cisco.com/en/US/docs/wireless/wlan_adapter/secure_client/5.1/administration/guide/C2_SetupSSC.html

Question 2

How are application-specific devices differentiated from laptop computers in the way they support Cisco Compatible Extensions?

A. ASDs are required to support only CCXv1 and v2 features. Laptops must support all CCX features.
B. ASDs are required to support only CCXv5 management features, while laptops are optional features.
C. Several features that are required for laptops are not required for ASDs.
D. There is no differentiation. ASDs and laptops must both support the same CCX features.

 

Answer: C

Explanation

Several features that are required for laptops are not required for application-specific devices (ASDs) that are used either exclusively or primarily for data applications. Data ASDs include data capture devices, PDAs, and printers. Voice ASDs include single mode, dual mode and smart phones. Every feature that is optional for an ASD is represented in the ASD field as Optional.

Question 3

Which open standard defines the combination of Extensible Authentication Protocol with Advanced Encryption Standard for providing strong wireless LAN client security?

A. IEEE 802.1X
B. IEEE 802.11i
C. WEP
D. WPA
E. WPA2

 

Answer: B

Explanation

The full standard IEEE 802.11i (also known as WPA2 or RSN)) is designed to provide secured communication of wireless LAN as defined by all the IEEE 802.11 specifications. IEEE 802.11i enhances the WEP (Wireline Equivalent Privacy), a technologies used for many years for the WLAN security, in the areas of encryption, authentication and key management. IEEE 802.11i is based on the Wi-Fi Protected Access (WPA), which is a quick fix of the WEB weaknesses.

The aim of 802.11i was to produce a specification for a robust security network (RSN) designed to enhance:
* Authentication
* Key management
* Confidentiality and integrity

The IEEE 802.11i has the following key components:

1. Temporal Key Integrity Protocol (TKIP): session key establishment and re-negotiation
2. Counter-Mode/CBC-MAC Protocol (CCMP):
an AES-based protocol to provide confidentiality, integrity and origin authentication
3. IEEE 802.1x
for authentication (entailing the use of EAP and an authentication server)

Advanced Encryption Standard (AES) is the cipher system used by WPA2. It is the equivalent of the RC4 algorithm used by WPA. However the encryption mechanism is much more complex and does not suffer from the problems associated with WEP. AES is a block cipher, operating on blocks of data 128bits long.

Note: WPA only implemented a subset of a draft of 802.11i. It is not the full standard of IEEE 802.11i.

Question 4

Which client application utility allows wireless configuration on Linux platforms?

A. Airport Extreme
B. CiscoAironet Desktop Utility
C. Cisco Secure Services Client
D. NetworkManager
E. Windows ZeroConfig

 

Answer: D

Explanation

NetworkManager is a GUI that communicates directly with the hardware for Linux. It is distribution- and desktop environment-agnostic (that is, it works on distributions Ubuntu as well as on Fedora, and on KDE, as well as on Gnome and many others).

Cisco Mobility Express

February 23rd, 2011 wirelesstut 19 comments

Here you will find answers to Cisco Mobility Express Questions

Question 1

Which two tasks does RRM routinely perform? (Choose two)

A. antenna selection
B. AP address assignment
C. channel assignment
D. encryption method assignment
E. transmit power control


Answer: C E

Explanation

Radio resource management (RRM) is a management control system designed to eliminate or reduce co-channel interference in wireless systems. The objective of RRM is to optimize the availability of channel resources as required to provide the best possible wireless service for users while allowing wireless service providers to serve as many users as possible. RRM engine monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

Question 2

A new Cisco Mobility Express 526 controller using v4.2 code direct from the factory is accessible by which default IP address?

A. 10.10.1.1
B. 172.16.1.1
C. 172.16.100.1
D. 192.168.1.1
E. 192.168.100.1


Answer: D

Explanation

The default IP address of the configuration wizard of Cisco Mobility Express Wizard is 192.168.1.1.  So if you have never performed CLI setup, you can access the web interface of a Cisco 526 Express Controller via this address. But notice that you have to access it using secure http, https://192.168.1.1

Question 3

What are the primary methods of configuration management for the Mobility Express Solution?

A. CCA and CLI
B. CCA and Web GUI
C. CLI and Web GUI
D. CLI, Web GUI, and CCA
E. Cisco WCS, Web GUI, and CCA
F. Cisco WCS, Web GUI, CCA, and CLI


Answer: B

Explanation

The Cisco 526 Controller can be configured using the web interface or using the Cisco Configuration Assistant.

Authentication and Encryption

February 22nd, 2011 wirelesstut 18 comments

Here you will find answers to Authentication and Encryption Questions

Question 1

What are three primary components that describe TKIP? (Choose three)

A. Broadcast Key Rotation
B. Dynamic WEP
C. Message Integrity Check
D. Per-Packet Key Hashing
E. Symmetric Key Cipher
F. WPA2 Enterprise Mode

 

Answer: A C D

Explanation

TKIP offers three advantages over WEP:

* Per packet keying: Each packet is generated using a unique key so it is much more difficult to get from repetitive data back to the key.
* Message integrity check: (MIC – If the message integrity check does not pass, the message is seen as a forgery. If two forgeries are detected in one second, the radio assumes it is under attack. It deletes its session key, disassociates itself, then forces re-association)
* Broadcast key rotation: Broadcast key is required in 802.1X environments but it is vulnerable to same attacks as static WEP key. By using broadcast key rotation, key is delivered to client encrypted with client’s dynamic key.

Based on Per packet keying & Message integrity check, every packet has a unique encryption key and each packet is digitally signed to validate the source of the sender before decrypting it to make sure the packet is valid and that it’s coming from a trusted source and not being spoofed

Per Packeting Keying

per-packet-keying.jpg

 

Integrity Check

integrity-check.jpg

Question 2

What is the impact of configuring a single SSID to simultaneously support both TKIP and AES encryption?

A. The overhead associated with supporting both encryption methods will significantly degrade client throughput.
B. Some wireless client drivers might not handle complex SSID settings and may be unable to associate to the WLAN.
C. This is an unsupported configuration and the Cisco Wireless Control System will continuously generate alarms until the configuration is corrected.
D. This is a common configuration for migrating from WPA to WPA2. There is no problem associated with using this configuration.

 

Answer: D

Explanation

AES encryption uses hardware so there is almost no overhead when using it. TKIP is based on software. So when we support both TKIP and AES the client throughput will not significantly degrade -> A is not correct.

When choosing both AES and TKIP, the router will support both encryption algorithms. Because not all wireless NICs support AES, some only support TKIP,  so this option is probably the best choice -> B isnot correct.

As the picture below, Cisco Wireless Control System does support both simultaneously -> C is not correct.

AES_TKIP.gif

Question 3

What is the Default Local Database size for authenticating local users?

A. 512 entries
B. 1024 entries
C. 2048 entries
D. 4096 entries
E. 8192 entries

 

Answer: A

Question 4

Which statement best represents the authorization aspect of AAA?

A. Authorization takes place after a successful authentication and provides the Cisco WLC the information needed to allow client access to network resources.
B. Authorization is the validation of successful DHCP address delivery to the wireless client.
C. Authorization must be successfully completed in order to proceed with the authentication phase.
D. Successful authorization will provide encryption keys that will be used to secure the wireless communications between client and AP.

 

Answer: A

Explanation

AAA is an architectural framework for configuring a set of three independent security functions in a consistent manner. AAA provides a modular way of performing the following services:

* Authentication: Provides the method of identifying users, including login and password dialog, challenge and response, messaging support, and, depending on the security protocol you select, encryption.
* Authorization: Provides the method for remote access control, including one-time authorization or authorization for each service, per-user account list and profile, user group support, and support of IP, IPX, ARA, and Telnet.
* Accounting: Provides the method for collecting and sending security server information used for billing, auditing, and reporting, such as user identities, start and stop times, executed commands (such as PPP), number of packets, and number of bytes.

(Reference: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfaaa.html)

Question 5

Which Extensible Authentication Protocol types are supported by the Cisco Unified Wireless Network?

A. EAP-TLS, PEAP-MSCHAPv2 and PEAP-GTC only
B. LEAP and EAP-FAST only
C. EAP-TLS, PEAP-MSCHAPv2, PEAP-GTC, LEAP, EAP-FAST only
D. Any EAP supported by the RADIUS authentication server

 

Answer: D

Question 6

The 4-way handshake is used to establish which key during the WPA authentication process?

A. Pairwise Master Key
B. Pairwise Multiple Key
C. Pairwise Session Key
D. Pairwise Transient Key
E. Pairwise Transverse Key

 

Answer: D

Explanation

After a successful EAP authentication the 4-way handshake begins

Objective: Generate PTK and confirm the procession and freshness of PTK.

Assumption: PMK only known to Supplicant and Authenticator, never transmitted over network.

4-way_handshake_WPA.jpg

PTK: Pairwise Transient Key
PMK: Pairwise Master Key
ANonce: nonce generated by authenticator
SNonce: nonce generated by supplicant

Initial stage: The Supplicant generates a random number called SNonce and the Authenticator generates a random number called ANonce.

1) The AP first sends ANonce to the client, including its MAC address. The client then uses a common passphrase along with this random number to derive Pairwise Transient Key (PTK) that is used to encrypt data to the AP.

Note: The PTK is generated by the ANonce, authenticator MAC address as well as the SNonce and MAC address of the Supplicant.

2) The Supplicant then sends its own random number to the AP (called SNonce), along with a Message Integrity Code (MIC) and Security parameters (RSN), which are used to ensure that the data is not tampered with.

3) The AP generates GTK key used to encrypt unicast traffic to the client. To validate, the AP sends the random number again, encrypted using the derived PTK.

4) A final message is sent, indicating that the PTK is in place on both sides.

Therefore, the four-way handshake is used to obtain the Pairwise Transient Key that is used for communication between the device and the Access Point.

Question 7

Which four parameters need to be configured for local EAP-FAST on the controller? (Choose four)

A. Authority ID
B. Authority ID Information
C. Client Key
D. PAC
E. Server Key
F. TTL for PAC
G. Monitor Key
H. NTP Source

 

Answer: A B E F

Explanation

EAP-FAST is designed to speed re-authentication when a station roams from one AP to another. Here are the parameters that can be configured:

* Server Key (in hexadecimal): The key (in hexadecimal characters) used to encrypt and decrypt PACs.
* Time to Live for the PAC: Enter the number of days for the PAC to remain viable. The valid range is 1 to 1000 days, and the default setting is 10 days.
* Authority ID (in hexadecimal): Enter the authority identifier of the local EAP-FAST server in hexadecimal characters. It is possible to enter up to 32 hexadecimal characters,  but an even number of characters must be entered. This will identify the controller as the emitter of the PAC.
* Authority ID Information: Enter the authority identifier of the local EAP-FAST server in text format.
* Anonymous Provision: Enable this setting to allow anonymous provisioning. This feature allows PACs to be sent automatically to clients that do not have one during PAC provisioning. If this feature is disabled, PACS must be manually provisioned. Disable this feature when using EAP-FAST with certificates. The default setting is enabled.

Question 8

When using the enterprise-based authentication method for WPA2, a bidirectional handshake exchange occurs between the client and the authenticator. Which five statements are results of that exchange using controller based network? (Choose five)

A. a bidirectional exchange of a nonce used for key generation
B. binding of a Pairwise Master Key at the client and the controller
C. creation of the Pairwise Transient Key
D. distribution of the Group Transient Key
E. distribution of the Pairwise Master key for caching at the access point
F. proof that each side is alive

 

Answer: A B C D F

Question 9

What are four features of WPA? (Choose four)

A. a larger initialization vector, increased to 48 bits
B. a message integrity check protocol to prevent forgeries
C. authenticated key management using 802.1X
D. support for a key caching mechanism
E. unicast and broadcast key management
F. requires AES-CCMP

 

Answer: A B C E

Authentication and Encryption 2

February 22nd, 2011 wirelesstut 7 comments

Here you will find answers to Authentication and Encryption – Part 2

Question 1

What two statements are true about AES-CCMP? (Choose two)

A. It is an encryption algorithm used in the 802.11i security protocol.
B. It is defined in 802.1X.
C. It is the encryption algorithm used in TKIP implementations.
D. It is required in WPA.
E. It is required in WPA2.

 

Answer: A E

Explanation

Advanced Encryption Standard (AES) is the cipher system used by RSN. It is the equivalent of the RC4 algorithm used by WPA. However the encryption mechanism is much more complex and does not suffer from the problems associated with WEP. AES is a block cipher, operating on blocks of data 128bits long.

CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA. CCMP computes a Message Integrity Check (MIC) using the well known, and proven, Cipher Block Chaining Message Authentication Code (CBC-MAC) method. Changing even one bit in a message produces a totally different result.

The AES-CCMP encryption algorithm used in the 802.11i (WPA2) security protocol. It uses the AES block cipher, but restricts the key length to 128 bits. AES-CCMP incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide a robust security protocol between the mobile client and the access point.

AES itself is a very strong cipher, but counter mode makes it difficult for an eavesdropper to spot patterns, and the CBC-MAC message integrity method ensures that messages have not been tampered with.

Question 2

One of the advantages of implementing EAP-FAST is that there is no need to implement which item as part of your authentication infrastructure?

A. an access control server
B. a Certificate Authority infrastructure
C. a client that supports EAP-FAST
D. a RADIUS server

 

Answer: B

Explanation

EAP-FAST is a solution for organizations that are too small to run a dedicated PKI Certificate Authority infrastructure as this certificate costs much (around $500/year). Instead, EAP-FAST uses a strong shared secret key called a
Protected Access Credential (PAC) that is unique on every client.

Question 3

What is the Default Local Database size for authenticating local users?

A. 512 entries
B. 1024 entries
C. 2048 entries
D. 4096 entries
E. 8192 entries

 

Answer: A

Question 4

When using the Pre-Shared Key authentication method for WPA or WPA2, the pre-shared key is used for which two functions? (Choose two)

A. to act as the Group Transient Key during the bidirectional handshake
B. to act as the Pairwise Master Key during the bidirectional handshake
C. to derive the nonce at each side of the exchange
D. to derive the Pairwise Transient Key

 

Answer: B D

Explanation

Pre-shared key (PSK) is computed based on a shared secret (pass-phrase) which was previously shared between the two parties using some secure channel before it needs to be used. It is used to identify both peers to each other.

The strength of the PSK depends on the strength of the pass-phrase. The strength of the PSK is important, because WPA-Personal (and WPA2-Personal) use the PSK as the Pairwise Master Key (PMK). The PMK, when combined with two random numbers (nonces) and the MAC addresses of the access point and the client, produces a unique Pairwise Transient Key (PTK) that secures the unicast traffic between the access point and the client. A new PTK is produced each time a client connects to the access point.

Question 5

EAP-FAST was first supported where?

A. CCXv1
B. CCXv2
C. CCXv3
D. CCXv4
E. CCXv5

 

Answer: C

Explanation

The Cisco Compatible Extensions (CCX) program ensures that wireless clients are compatible with Cisco WLAN equipment. The following is a brief list of the features supported by each CCX specification:

CCXv1 – Standard 802.11 features, 802.1X with LEAP
CCXv2 – WPA, 802.1X with PEAP
CCXv3 – WPA2, 802.1X with EAP-FAST
CCXv4 – Network Admission Control (NAC), Call Admission Control for VoIP
CCXv5 – Advanced troubleshooting and client reporting functionality

Question 6

Which authentication method best supports a large enterprise deployment where over the air security is a necessity?

A. Open Authentication with Web Authentication
B. PSK with WEP
C. WPA with PSK
D. WPA2 with EAP-FAST
E. WPA2 with PSK

 

Answer: D

Question 7

Which statement applies to TKIP?

A. is part of the initial key exchange used to derive apairwise temporal key
B. is used to encrypt a WEP authenticated session
C. is used to encrypt the data for WPA sessions
D. is used to secure the initial authentication credential exchange between client and authenticator

 

Answer: C

Explanation

The Temporal Key Integrity Protocol (TKIP) was brought into WPA. TKIP encryption replaces WEP’s small 40-bit encryption key that must be manually entered on wireless access points and devices and does not change. TKIP is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.

Question 8

WEP is a mandatory encryption mechanism. True or false?

A. True
B. false

 

Answer: B

Question 9

WPA uses TKIP and is a subset of the 802.11 i standard. True or false?

A. True
B. false

 

Answer: A

Cisco Unified Wireless Network

February 21st, 2011 wirelesstut 3 comments

Here you will find answers to Cisco Unified Wireless Network Questions

Note:

The Cisco Unified Wireless Network is composed of five interconnected elements that work together to deliver a unified enterprise-class wireless solution. They are client devices, APs, network unification, network management, and mobility services.

There is no upgrade path between the Mobility Express solution and the Cisco Unified Wireless Network solution, though they offer features close to each other.

Question 1

Which three Cisco Unified Wireless Network capabilities use information that is provided by Radio Resource Management neighbor messages? (Choose three)

A. Aggressive Load Balancing
B. Dynamic Channel Assignment
C. Hybrid Remote Edge Access Point
D. Inter-controller Mobility (that is, Mobility Groups)
E. Over-the-Air Provisioning
F. Rogue AP Classification

 

Answer: B E F

Explanation

First we should learn how the RRM works:

1) Controllers (whose APs need to have RF configuration computed as a single group) are provisioned with the same RF Group Name. An RF Group Name is an ASCII string each AP will use to determine if the other APs they hear are a part of the same system.

(RF groups are groups of controllers that share the same RF group name and whose APs can hear the neighbor messages of each other)

2) APs periodically send out Neighbor Messages, sharing information about themselves, their controllers, and their RF Group Name. These neighbor messages can then be authenticated by other APs sharing the same RF Group Name.

3) APs that can hear these Neighbor Messages and authenticate them based on the shared RF Group Name, pass this information (consisting primarily of controller IP address and information on the AP transmitting the neighbor message) up to the controllers to which they are connected.

4) The controllers, now understanding which other controllers are to be a part of the RF Group, then form a logical group to share this RF information and subsequently elect a group leader.

5) Equipped with information detailing the RF environment for every AP in the RF Group, a series of RRM algorithms are used to optimize AP configurations.

Information from Radio Resource Management (RRM) monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

The RRM neighbor message contains the following information:

* Radio Identifier: If the AP had multiple radios, this field identifies the radio used to transmit the message.
* Group ID: The 16-bit value and controller MAC address. This information is used to detect rogue access points. The access points will then check the beacon/probe-response frames in neighboring access point messages to see if they contain an authentication information element (IE) that matches that of the RF group. If the check is successful, the frames are authenticated. Otherwise, the authorized access point reports the neighboring access point as a rogue, records its BSSID in a rogue table, and sends the table to the controller.

* WLC IP Address: RF group leader’s management IP address. This address is discovered through Over-the-Air Provisioning (OTAP)
* AP Channel: The native channel that the AP uses to service clients.
* Neighbor Message Channel: The channel the message is sent on.
* Power: The power level at which the message is transmitted.
* Antenna Pattern: The antenna pattern currently in use

Note:

Dynamic channel assignment is used to dynamically allocate access point channel assignments to avoid conflict and to increase capacity and performance. For example, two overlapping channels in the 802.11g band, such as 1 and 2, cannot both simultaneously use 54 Mbps. By effectively reassigning channels, the controller keeps adjacent channels separated, thereby avoiding this problem.

Over-the-Air Provisioning (OTAP) is a method for APs to discover the management IP of a controller over the air.

A rogue AP is an AP that is unknown to the controller.

Reference:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008072c759.shtml
http://www.cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/c52rrm.html

Question 2

Which roaming situation using controllers in a Cisco Unified Wireless Network requires a client using WPA2 with PKC to reauthenticate to the network?

A. A wireless client roams to another AP on a different controller in the same mobility domain.
B. A wireless client roams to another AP on the same controller.
C. A wireless client roams to another AP after being out of range of the network for 2 minutes.
D. A wireless client roams to another AP on a controller in a different mobility domain.

 

Answer: D

Explanation

PKC is a feature enabled in Cisco 2006/410x/440x Series Controllers which permits properly equipped wireless clients to roam without full re-authentication with an AAA server. In order to understand PKC, you first need to understand Key Caching.

Key Caching is a feature that was added to WPA2. This allows a mobile station to cache the master keys (Pairwise Master Key [PMK]) it gains through a successful authentication with an access point (AP), and re-use it in a future association with the same AP. This means that a given mobile device needs to authenticate once with a specific AP, and cache the key for future use. Key Caching is handled via a mechanism known as the PMK Identifier (PMKID), which is a hash of the PMK, a string, the station and the MAC addresses of the AP. The PMKID uniquely identifies the PMK.

(Reference: http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a00808b4c61.shtml)

Question 3

To seamlessly roam between two wireless cells in a Cisco Unified Wireless Network using controllers, which condition must exist?

A. The next cell should be on the same channel as the client’s current cell.
B. The wireless client must use an EAP authentication method with the infrastructure authenticator.
C. The client’s password must be the same on both APs.
D. The next cell should provide the same SSID as the client’s current cell.
E. The clients need static IP addresses.

 

Answer: D

Question 4

On a Cisco Unified Wireless Controller, which three Access Point modes allow for client connectivity? (Choose three)

A. Bridge Mode
B. H-REAP Mode
C. Local Mode
D. Monitor Mode
E. Rogue Detector Mode
F. Sniffer Mode

 

Answer: A B C

Explanation

Bridge mode allows administrators to connect LAN networks together across a wireless link or to provide wireless
access to clients where wired connections are not directly available. It can be used as a point-to-point or point-to-multipoint link.

Hybrid Remote Edge Access Point (H-REAP) lets you configure access points (AP) in a branch or remote office from the corporate office through a wide-area network (WAN) link without the need to deploy a controller in each office. An H-REAP device operates on the far side of a WAN, and its controller is back at the core site. H-REAP APs may not be registered to a controller, it can service wireless clients.

Local mode (or normal mode) is the default mode of an AP. When operating in this mode, an AP will allow both client data services and monitoring of all channels simultaneously.

Note:

In Monitor mode , APs do not allow for client connectivity; they only monitor the IEEE 802.11 spectrum seeking rogue APs or clients and  reporting to the controller that acts as a wireless intrusion detection system (IDS). This mode is used for troubleshooting or site surveys.

In Rogue Detector mode, the AP radio is turned off, and the AP listens to wired traffic only. The controllers keep track of the rogue APs detected in the wireless space. The controllers send all the rogue AP and client MAC address lists to the rogue detector, and the rogue detector AP forwards this information to the other Cisco Wireless LAN Controllers (WLCs).

Sniffer mode is used to capture all data traveling on a given 802.11 channel. Sniffer mode is only used for the remote analysis of frames, for troubleshooting or baseline purposes.

(Reference: IUWNE Student Guide)

Drag and Drop

February 20th, 2011 wirelesstut 22 comments

Here you will find answers to Drag and Drop Questions

Question 1

Match the interface description on the left with the appropriate interface on the right.

Interface_description.jpg


Answer:

+ AP Manager: Used for Layer 3 communications between the Cisco WLC and the lightweight access points

+ Dynamic: Designed to be analogous to VLANs for wireless LAN client device

+ Management: This interface is the only consistently “pingable” in-band interface IP address on the Cisco WLC

+ Service Port: The only port that is active when the controller is in boot mode

+ Virtual: Used to support mobility management, DHCP relay and guest web authentication

Explanation

A WLC has one or more AP Manager Interfaces that are used for all Layer 3 communications between the WLC and the lightweight access points after the access point discovers the controller. The AP Manager IP address is used as the tunnel source for LWAPP packets from the WLC to the access point, and as the destination for LWAPP packets from the access point to the WLC. The AP Manager must have a unique IP address. Usually this is configured on the same subnet as the Management interface, but this is not necessarily a requirement. An AP Manager IP address is not pingable from outside the WLC. The use of multiple AP Manager Interfaces is discussed in the Advanced Deployment Concepts Section.

Dynamic Interfaces are created by users and are designed to be analogous to VLANs for wireless LAN client device. The WLC will support up to 512 Dynamic Interface instances. Dynamic Interfaces must be configured on a unique (to the WLC) IP network and VLAN. Each Dynamic Interface acts as a DHCP relay for wireless clients associated to wireless LANs mapped to the interface.

The Management interface is the default interface for in-band management of the WLC and connectivity to enterprise services such as AAA servers. If the service port is in use, the management interface must be on a different subnet from the service port. The management interface is also used for layer 2 communications between the WLC and access points. The Management interface is the only consistently “pingable” in-band interface IP address on the WLC.

The Service-port Interface is statically mapped by the system only to the physical service port. The service port interface must have an IP address on a different subnet from the Management, AP Manager, and any dynamic interfaces. The service port can get an IP address via DHCP or it can be assigned a static IP address, but a default-gateway cannot be assigned to the Service-port interface. Static routes can be defined in the WLC for remote network access to the Service-port. The Service-port is typically reserved for out-of-band management in the event of a network failure. It is also the only port that is active when the controller is in boot mode. The physical service port is a copper 10/100 Ethernet port and is not capable of carrying 802.1Q tags so it must be connected to an access port on the neighbor switch.

The Virtual Interface is used to support mobility management, DHCP relay, and embedded layer 3 security like guest web authentication and VPN termination. The Virtual Interface must be configured with an unassigned and unused gateway IP address. A typical virtual interface is “1.1.1.1”. The Virtual Interface address will not be pingable and should not exist in any routing table in your network. If multiple WLCs are configured in a mobility group, the Virtual Interface IP address must be the same on all WLC devices to allow seamless roaming.

(Reference: http://www.cisco.com/en/US/docs/wireless/technology/controller/deployment/guide/dep.html)

Question 2 (notice: we haven’t had enough information about this question yet, but it is something like this)

Authentication_Mechanisms.jpg


Answer:

+ PEAP: Need Certificate on Authentication Server only

+ LEAP: Out of date

+ EAP-FAST: Need client credential

+ EAP-MD5: Need strong password

+ EAP-TLS: Need Certificate on both Server and Client

Explanation

* EAP-MD5: MD5-Challenge requires username/password, and is equivalent to the PPP CHAP protocol [RFC1994]. This method does not provide dictionary attack resistance, mutual authentication, or key derivation, and has therefore little use in a wireless authentication enviroment.

* Lightweight EAP (LEAP): A username/password combination is sent to a Authentication Server (RADIUS) for authentication. Leap is a proprietary protocol developed by Cisco, and is not considered secure. Cisco is phasing out LEAP in favor of PEAP.

* EAP-TLS: Creates a TLS session within EAP, between the Supplicant and the Authentication Server. Both the server and the client(s) need a valid (x509) certificate, and therefore a PKI. This method provides authentication both ways.

*EAP-FAST: Provides a way to ensure the same level of security as EAP-TLS, but without the need to manage certificates on the client or server side. To achieve this, the same AAA server on which the authentication will occur generates the client credential, called the Protected Access Credential (PAC).

* Protected EAP (PEAP): Uses, as EAP-TTLS, an encrypted TLS-tunnel. Supplicant certificates for both EAP-TTLS and EAP-PEAP are optional, but server (AS) certificates are required. Developed by Microsoft, Cisco, and RSA Security, and is currently an IETF draft.