Here you will find answers to Wireless Fundamentals Questions – Part 1

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless Terminologies

Question 1

What is fading?

A. Another signal source is producing energy on the channel in which you are trying to operate.
B. The desired signal reaches the receiving antenna via multiple paths, each of which has a different propagation delay and path loss.
C. A time-varying change in the path loss of a link with the time variance governed by the movement of objects in the environment, including the transmitter and receiver themselves.
D. A function of the frequency and should be provided in the cable specification by the vendor.
E. The minimum signal level for the receiver to be able to acceptably decode the information.
F. The time delay from the reception of the first instance of the signal until the last instance.

 

Answer: C

Explanation

Fading is a time-varying change in the path loss of a link with the time variance governed by the movement of objects in the environment, including the transmitter and receiver themselves. For example, you might be sitting in a conference room with a wireless laptop and be connected to an AP in the hallway. If someone closes the door to the conference room, the path loss drops, resulting in a lower received signal level because the signal has to go through different paths to reach the destination. This scenario is a fade.

The different signal paths between a transmitter and a receiver correspond to different transmission times. For an identical signal pulse from the transmitter, multiple copies of signals are received at the receiver at different moments. The signals on shorter paths reach the receiver earlier than those on longer paths.

In wireless communications, signal fading is caused by multi-path effect. Multi-path effect means that a signal transmitted from a transmitter may have multiple copies traversing different paths to reach a receiver. Thus, at the receiver, the received signal should be the sum of all these multi-path signals.

(Notice that the resulting received signal has similar form of direct signal)

Question 2

In what frequency band does 802.11n operate in?

A. 5.0Ghz
B. 2.4Ghz
C. 3.7Ghz
D. 2.4Ghz and 5.0Ghz

 

Answer: D

Explanation

802.11n operates in the 2.4-GHz and 5-GHz bandwidths and is backward-compatible with 802.11a and 802.11b/g.

Question 3

Which three elements define the 802.11n implementation of MIMO? (Choose three)

A. Channel Bonding
B. Dynamic Frequency Selection
C. Maximal Ratio Combining
D. Packet Aggregation
E. Spatial Multiplexing
F. Transmit Beam Forming

 

Answer: C E F

Explanation

Multiple-Input Multiple-Output (MIMO) is a technology that is used in the new 802.11n specification. A device that uses MIMO technology uses multiple antennas to receive signals (usually two or three) as well as multiple antennas to send signals. Three elements that are implemented in MIMO are:

+ Maximal Ratio Combining (MRC): used by the receiver with multiple antennas to optimally combine energies from multiple receive chains. An algorithm eliminates out-of-phase signal degradation.

In this example, the radio receiver uses 3 antennae to take advantage of the multiple signals that each carry an identical copy of the data, by combining the received signals and performing algorithms that increase the sensitivity to the received signal.

+ Spatial Multiplexing: Multiple antennas are used on the transmitting or receiving end. Since the same channel is used, each antenna receives the direct component intended for it as well as the indirect components for the other antennas. However it requires the client to have multiple antennae and be 802.11n compliant.

We can also use Spatial Multiplexing to transmit multiple data streams at the same time. They are transmitted on the same channel, but by different antenna. This technique can double, triple, or quadruple the data rate depending on the number of transmit antennas.

+ Transmit Beam Forming: The transmitter on a MIMO AP is able to adjust the transmitted signal by modifying the transmitted beam from each of its antenna according to the reflective environment in order to improve the signal to noise ratio (SNR) at the receiver, thereby improving network performance and predictability.

Question 4

Effective Isotropic Radiated Power is calculated by using which three values? (Choose three)

A. antenna bandwidth
B. antenna gain
C. cable loss
D. receiver sensitivity
E. SSID
F. transmission power

 

Answer: B C F

Explanation

Effective Isotropic Radiated Power (EIRP) is a way to measure the amount of energy radiated from an antenna. EIRP is calculated using the following formula:

EIRP = transmitter output power – cable loss + antenna gain

in which:

+ Transmitter output power: the total power radiated by the antenna.
+ Cable loss: when an access point sends energy to an antenna to be radiated, a cable might exist between the two. A certain degree of loss in energy is expected to occur in the cable.
+ Antenna gain: To counteract cable loss, an antenna adds gain, thus increasing the energy level.

Example 1:

Transmitter power = 35 dBm
Antenna gain = 10 dBi
Line loss = 8 dB

EIRP (dBm or dBW) = P (dBm or dBW) + G (dBi) – L (dB)

EIRP = 35 + 10 – 8
EIRP = 37 dB

Example 2:

Transmitter with 100 mW output power (+20 dBm)
Yagi antenna with a 13.5 dBi gain rating
50 foot of cable with a loss of 2.2 dB

EIRP = 20 + 13.5  – 2.2  = 31.3 dBm

Question 5

What increases bandwidth and resists multipath problems by carrying data in subcarriers?

A. Direct Sequence Spread Spectrum
B. Frequency Hopping Spread Spectrum
C. Narrow Band Frequency
D. Orthogonal Frequency Division Multiplexing

 

Answer: D

Explanation

Orthogonal Frequency Division Multiplexing (OFDM) defines a number of channels in a frequency range. It transmits several high speed communication channels through a single communication channel using separate sub-carriers ( frequencies) for each radio channel.

(“Orthogonal” here means the peak of each signal coincides with the trough of other signals)

With OFDM (Orthogonal Frequency Division Multiplexing), sub-carriers in the signal wave can be overlapping without causing any interference. This is accomplished by making the sub-carriers in an OFDM exactly orthogonal to each other, meaning that while one is at its peak the others are all zero. As a result, OFDM systems are able to maximize spectral efficiency without causing adjacent channel interference. The frequency domain of an OFDM system is represented in the diagram below.

Comparing to traditional FDM, each channel is spaced by about 25% of the channel width. This is done to ensure that adjacent channels do not interfere.

Because of the overlapping ability without interfering, OFDM systems are able to maximize spectral efficiency and this allows for a greater data throughput for a given bandwidth.

OFDM helps resisting multipath

The great advantage of OFDM is that if there are 48 channels carrying data, each of them can transmit slower than a CCK channel and the group of 48 will still achieve a higher throughput. For example, if each subcarrier sends at 1 Mb/s, the total speed achieved will be 48 Mb/s. The result is that not only is OFDM faster but, as each channel transmits slower, it becomes more resistant to multipath. Because there are many channels, some of them can be affected by interferences but the others can still offer normal communications. The control channels allow the receiver to detect which channels are unusable and provide feedback to the sender.

Question 6

What is derived from measuring the RF duty cycle?

A. dynamic channel selection
B. LWAPP header length
C. RF utilization
D. transmit power control

 

Answer: C

Explanation

Duty cycle is a percentage, and is directly related to RF utilization. If something other than a Wi-Fi radio is transmitting on a channel, then a Wi-Fi radio can’t use the channel until it’s free. So duty cycle tells us how often (what percentage of time) the channel is in use by something that is seen as noise by the Wi-Fi network.

Question 7

In 802.1X, which is the supplicant?

A. the point of access
B. the machine in the network that keeps a list of conditions
C. the machine that attempts to access the network
D. the device that performs the authentication

 

Answer: C

Explanation

The IEEE 802.1X protocol defines port-based access control. It defines three roles:
+ Supplicant: The machine that wishes to access the network.
+ Authenticator: The point of access, typically a switch. It is the point of entrance to the network. The supplicant, typically a PC, would connect to the authenticator.
+ Authentication server: A machine somewhere in the network that keeps a list of conditions by which access should be granted or refused.

Question 9

What three roles are defined by 802.1X? (Choose three)

A. AAA Server
B. Authenticatee
C. Authenticator
D. Authentication Server
E. Supplicant

 

Answer: C D E

Question 10

Which modulation technique allows you to achieve a data rate of 54Mb/s in the 2.4GHz-band?

A. Complimentary Code Keying
B. Differential Binary Phase Shift Keying
C. Differential Quadrature Phase Shift Keying
D. Quadrature Amplitude Modulation

 

Answer: D

Explanation

Quadrature Amplitude Modulation (QAM) is a method of combining two amplitude-modulated (AM) signals into a single channel, thereby doubling the effective bandwidth. In a QAM signal, there are two carriers, each having the same frequency but differing in phase by 90 degrees (so they are called quadrature carriers). Mathematically, one of the signals can be represented by a sine wave, and the other by a cosine wave. The two modulated carriers are combined at the source for transmission. At the destination, the carriers are separated, the data is extracted from each, and then the data is combined into the original modulating information.

With QAM method, 802.11g standard delivers the same 54 Mb/s maximum data rate as 802.11a, but operates in the
same 2.4-GHz band as 802.11b.

Here you will find answers to Wireless Fundamentals – Part 2

Question 1

How are omni antennas in a wireless network most commonly polarized?

A. circularly
B. horizontally
C. vertically
D. both horizontally and vertically

 

Answer: C

Explanation

Omni antennas send a signal of the same strength in all directions. Antennae in wireless networks are often vertically polarized, which makes the electric field vertical.

Note: A VERTICALLY POLARIZED antenna transmits an electromagnetic wave with the E field perpendicular to the Earth’s surface.

Vertical antenna: Electronic field perpendicular to the Earth’s surface

A HORIZONTALLY POLARIZED antenna transmits a radio wave with the E field parallel to the Earth’s surface.

Horizontal antenna: E field parallel to the Earth’s surface

 

Vertical polarization means that the wave moves up and down in a linear way. Horizontal polarization means that the wave moves left and right in a linear way.

-> We also notice that the E field is in the same direction with the antenna.

Question 2

Which governing body analyzes the applications and environments in which wireless networks are used?

A. EIRP
B. ETSI
C. FCC
D. IEEE
E. WiFi Alliance

 

Answer: D

Question 3

What does the current European Telecommunications Standards Institute rule state is the 2.4-GHz maximum transmitter output power for point-to-point installations?

A. 16dBm
B. 17dBm
C. 20dBm
D. 30dBm
E. 36dBm

Answer: B

Explanation

Currently ETSI stipulates a maximum of 20 dBm EIRP on point-to-multipoint and point-to-point installations; it also stipulates 17 dBm maximum transmitter power with 3 dBi in gain attributed to antenna and cable combination.

Question 4

What are two attributes used to characterize antenna performance? (Choose two)

A. attenuation
B. beamwidth
C. gain
D. harmony
E. interference

 

Answer: B C

Explanation

The fundamental characteristics of an antenna are its gain and half power beamwidth.

Some antennas are highly directional; that is, more energy is propagated in certain directions than in others. The ratio between the amount of energy propagated in these directions compared to the energy that would be propagated if the antenna were not directional (Isotropic Radiation) is known as its gain.

(An isotropic radiator will distribute its power equally in all directions)

Beamwidth is another of the important criteria since it specifies boundaries within the antenna radiation pattern, which are considered to be the limit of useful radiation (or reception).

Question 5

Bluetooth RF characteristics can be best described as which of the following?

A. continuous transmitting 5-GHz range
B. continuous transmitting 2.4-GHz range
C. frequency hopping 5-GHz range
D. frequency hopping 2.4-GHz range

 

Answer: D

Question 6

Which best describes an Ad Hoc Network?

A. Basic Service Set
B. Extended Service Set
C. Independent Basic Service Set
D. Mesh Network
E. WiMAX Network

 

Answer: C

Question 7

When would rate shifting down by a client occur?

A. when the distance to the AP has increased and the missed-symbol rate has increased
B. when the distance to the AP has increased and the signal level has increased
C. when multipath has decreased and the missed-symbol rate has decreased
D. when the noise level has decreased and the signal level has increased

 

Answer: A

Explanation

When a client moves away from the AP, the WLAN adapter software determines a threshold from where the client will not be able to achieve the maximum speed. This threshold is product-dependant and relies on values such as the Received Signal Strength Indicator (RSSI), packet error rate, and so on. To avoid losing too many packets or even the connection, the client reverts to a simpler modulation, thus slowing the speed of its communication with the AP.

Question 8

Which physical layer encoding technology is common to both the IEEE 802.11g and the IEEE 802.11a standards?

A. BPSK
B. CCK
C. DSSS
D. OFDM

 

Answer: D

Explanation

802.11a operates in the 5-GHz frequency range and is based on Orthogonal Frequency Division Multiplexing (OFDM). Like 802.11a, 802.11g uses OFDM for transmitting data. OFDM is a more efficient means of transmission than Direct Sequence Spread Spectrum (DSSS) transmission, which is used by 802.11b.

Question 9

Why are wireless analog video signals that are operating in the 2.4-GHz band particularly harmful to Wi-Fi service?

A. Analog video is a strong signal and increases the SN
B. Analog video is a constant signal with 100% duty cycle.
C. Analog video signals are slow frequency hopping and tend to affect the entire band.
D. Analog Video modulation is the same as Wi-Fi and causes interference.

 

Answer: B

Explanation

RF video cameras operate by exchanging information (the image stream) between a transmitter (the camera) and the receiver (linking to a video display). They usually use 100 mW and a channel narrower than Wi-Fi. But the stream of information is continuous, and will severely impact any wireless network in the neighboring channels. They are not compatible; an access point (AP) cannot receive a camera video stream and understand it.

The figure below illustrates the narrowband continuous transmitting nature of an analog video camera. The transmit power is concentrated on a very small portion of the spectrum (channels 4-8). Notice that the duty cycle of the analog video camera reaches 100% indicating that no Wi-Fi device in the vicinity will be able to operate on channels 4-8. Because of its continuous transmission nature, this device can cause prolonged periods of service disruption.

For your information, below lists popular sources of wireless interferer:

Question 10

Which two statements are true about WiMAX technology? (Choose two)

A. WiMAX is defined by 802.11i.
B. Typically, fixed WiMAX networks have a higher gain direction antenna installed near the client.
C. WiMAX is capable of working as a long-range system over several miles.
D. WiMAX works only for licensed frequencies.

 

Answer: B C

Explanation

WiMAX is defined by 802.16, that is intended for wireless “metropolitan area networks”. WiMAX can provide broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 – 10 miles (5 – 15 km) for mobile stations. In contrast, the WiFi/802.11 wireless local area network standard is limited in most cases to only 100 – 300 feet (30 – 100m).

Fixed WiMAX networks typically have a higher-gain directional antenna installed near the client (customer) which results in greatly increased range and throughput. Using 802.11 with high-gain antenna can bridge last-mile gaps, but they require more power.

WiMAX operates on both licensed and non-licensed frequencies, providing a regulated environment and viable economic model for wireless carriers. In particular, WiMax operates on the 10- to 66-GHz frequency band, so it doesn’t interfere with 802.11 LANs.

Here you will answers to Wireless Fundamentals – Part 3

Question 1

What unit of measurement is used to represent the strength of an antenna’s radiation pattern?

A. dBi
B. dBm
C. mW
D. GHz

 

Answer: A

Explanation

+ dBi is a unit of sound that measures acoustical and electrical power. In particular, dBi is a measure of the increase in signal (gain) by your antenna compared to the hypothetical isotropic antenna (which uniformly distributes energy in all directions) -> It is a ratio. The greater the dBi value, the higher the gain and the more acute the angle of coverage.

+ dBm is a measure of signal power. It is the the power ratio in decibel (dB) of the measured power referenced to one milliwatt (mW). The “m” stands for “milliwatt”.

Question 2

What are the four types of wireless networks? (Choose four)

A. Wireless PAN
B. LAN
C. MAN
D. VLAN
E. WAN

 

Answer: A B C E

Question 3

What is the typical maximum range of a wireless PAN?

A. 45 feet
B. 50 feet
C. 55 feet
D. 60 feet

 

Answer: B

Explanation

A wireless personal area network (WPAN) is a network that exists within a relatively small area, connecting electronic devices such as desktop computers, printers, scanners, fax machines, personal digital assistants (PDAs) and notebook computers.

I am not sure about the maximum range of a wireless PAN but typically a wireless personal area network can communicate within a range of about 30 feet (10 meters). I can’t find any information saying that it can operate up to 50 feet but in the exam you should choose “50 feet”.

The main WPAN technology is Bluetooth. Some technologies are IrDA, UWB, Z-Wave and ZigBee…

Question 4

What is the general maximum coverage area of a wireless PAN?

A. within 30 feet
B. within 35 feet
C. within 40 feet
D. within 45 feet

 

Answer: A

Explanation

It is weird that Cisco thinks “maximum coverage area” is different from “maximum range”!  But this question has correct answer of 30 feet.

Question 5

What relatively new standard applies to wireless MANs?

A. IEEE 802.11
B. IEEE802.3Z
C. Wi-Fi
D. IEEE 802.16

 

Answer: D

Question 6

True or false: A computer device stores data in analog form.

A. true
B. false

 

Answer: B

Question 7

On what layers of the OSI reference model do wireless networks operate? (Choose two)

A. Physical layer
B. Network layer
C. data link layer
D. session layer

 

Answer: A C

Question 8

RF signals offer relatively short range as compared to light signals. True or false?

A. True
B. False

 

Answer: B

Explanation

First we need to explain about Line-of-sight & non-line-of-sight:

Line-of-sight (LOS) is a condition where a signal travels over the air directly from a wireless transmitter to a wireless receiver without passing an obstruction.

Conversely, non-line-of-sight (NLOS) is a condition where a signal from a wireless transmitter passes several obstructions before arriving at a wireless receiver. The signal may be reflected, refracted, diffracted, absorbed or scattered.

In most case RF signals are line-of-sight signal and “light” is a non-line-of-sight signal so FR signals offer longer range than light signals.

Question 9

Spread spectrum generally requires user licenses. True or false?

A. True
B. False

 

Answer: B

Explanation

Spread spectrum is a form of wireless communications in which the frequency of the transmitted signal is deliberately varied. This results in a much greater bandwidth than the signal would have if its frequency were not varied. For example, if you listen to an FM radio at 100 MHz, the signal stays at 100 MH and does not vary. But when you are talking to your friends via a cell phone then you are using spread spectrum technology as the mobile frequency varies from time to time (but within a specific range). This technology is called frequency hopping.

Spread-spectrum systems offer the flexibility of license-free operation in four distinct frequency bands (902-928 MHZ, 2400-2483.5 MHZ, 5150-5350 MHZ, and 5725-5825 GHz), and there are many other unlicensed ISM frequency bands, the two frequencies most commonly used for environmental monitoring and SCADA applications are 902 MHz-928 MHz and 2400 MHz-2483.5 MHz. Wireless LANs are common in the 2.4GHz band where a high data rate over short distance is required. Bluetooth and WiFi communications use the 2.4GHz band.

Question 10

Approximately up to what range do direct infrared systems operate?

A. 0.5 mile
B. 1 mile
C. 1.5 mile
D. 2.0 mile

 

Answer: B

Explanation

The range of an infrared light system can vary from a few feet with PDA applications to 1 mile with direct infrared systems. This is significantly less range than with RF systems.

Here you will find answers to Wireless Fundamentals – Part 4

Question 1

True or false: A wireless PAN consumes little power from small handheld computer devices.

A. True
B. False

 

Answer: A

Explanation

An example of the Wireless PAN technology is Bluetooth. It is also known as IEEE 802.15.1, has the advantage of being very energy-efficient, which makes it particularly well-suited to use in small devices.

Question 2

Which IEEE standards group uses Bluetooth as the basis for the standard?

A. IEEE 802.15
B. IEEE 802.11
C. IEEE 802.13
D. IEEE 802.16

 

Answer: A

Question 3

In what frequency band does Bluetooth operate?

A. 2.2 GHz
B. 2.4 GHz
C. 2.6 GHz
D. 3.0 GHz

 

Answer: B

Question 4

A Bluetooth-enabled device is always transmitting. True or false?

A. True
B. False

 

Answer: B

Explanation

The Bluetooth device hops across all the channels. Although the energy emitted by the Bluetooth device may appear high, its duty cycle values are much lower (maximum is about 3.5%, which may not affect WiFi devices seriously). If a bluetooth-enabled device is always transmitting, its duty cycle should be 100%.

Question 5

What is the highest possible data rate of an IrDA device?

A. 2 Mbps
B. 4 Mbps
C. 6 Mbps
D. 8 Mbps

 

Answer: B

Explanation

IrDA is an acronym for the Infrared Data Association, an organization which sets communications standards for infrared over small distances. Some kinds of IrDA devices include printers, cameras, handheld portables, smart remotes with display screens, cell phones…

IrDA devices provide a point-to-point method of data transfer that is adaptable to a broad range of computing and communicating devices. The first version of the IrDA specification (version 1.0) provides communication at data rates up to 115.2 Kbps. Later versions (version 1.1) extended the data rate to 4 Mbps, while maintaining backward compatibility with version 1.0 interfaces.

Question 6

In what frequency band does 802.11a operate in?

A. 2.2 GHz
B. 2.4 GHz
C. 2.6 GHz
D. 5 GHz

 

Answer: D

Question 7

How many non-overlapping channels are available with 802.11b wireless LANs?

A. One
B. Two
C. Three
D. Four

 

Answer: C

Explanation

Fourteen channels are defined in the IEEE 802.11b channel set. Each channel is 22MHz wide but there is only 5MHz channel separation so, as can be seen in the illustration, the channels overlap.

There are only 3 non-overlapping channels available in the 802.11b standard, they are channels 1, 6 and 11. For WiFi access points that are located near each other it is recommended that they each use one of the above non-overlapping channels to minimize the effects of interference.

Question 8

True of false: 802.11g operates at up to 54 Mbps and interoperates with 802.11b.

A. True
B. False

 

Answer: A

Question 9

A learning bridge forwards all packets. True or false?

A. True
B. False

 

Answer: B

Explanation

A learning bridge monitors MAC  (OSI layer 2) addresses  on both positions of its connection and  attempts to learn which addresses are on which  side. When a packet arrives, it examines the destination address of the frame. If it does not find the destination address in its forwarding table so it floods it to all other ports. If the bridge already has that destination address in its forwarding table so it will forward that packet to the corresponding port.

In this question, maybe the author wants to mention about a “real” bridge (not switch, because these 2 terms are sometimes used interchangeable). A bridge, in some circumstances, must determine when it receives a packet whether it should let the packet cross the bridge or continue local (some packets may not want to cross the bridge because the source and  destination addresses are both on one side).

Question 10

True or false: FDMA requires users to take turns transmitting signals.

A. True
B. False

 

Answer: B

Explanation

When using Frequency Division Multiple Access (FDMA), the available bandwidth is subdivided into a number of narrower band channels. Each user is allocated a unique frequency band in which to transmit and receive on. During a call, no other user can use the same frequency band.

FDMA

“TDMA requires users to take turns transmitting signals” is a true statement. Time Division Multiple Access (TDMA) divides the available spectrum into multiple time slots, by giving each user a time slot in which they can transmit or receive.

TDMA

Question 11

A company has a wireless network. In this network, collisions occur when more than one device sends data at the same time. Which physical layer function can a network administrator perform to determine whether or not any device is sending data to the channel?

A. CSMA/CD
B. CCA
C. CSMA/CA
D. CCX

 

Answer: B

Explanation

Wireless devices cannot send and receive at the same time. It means that if more than one device were to send at the same time, a collision would result. If a collision occurs, the data from both senders would be unreadable and would need to be resent.

When a station is ready to send, it listens to the media to verify that nothing else is sending. If the media is free, the station sends its wave. This method is called Clear Channel Assessment (CCA).

CSMA/CCA copies the contention window (CW) size piggybacked in the MAC header of an overheard data frame within its basic service set (BSS) and updates its backoff counter according to the new CW size.

CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) is a layer 2 technique, not layer 1 (physical). In CSMA/CA, as soon as a device receives a packet that is to be sent, it checks to be sure the channel is clear (no other node is transmitting at the time). If the channel is clear, then the packet is sent. If the channel is not clear, the node waits for a randomly chosen period of time, and then checks again to see if the channel is clear. This period of time is called the backoff factor, and is counted down by a backoff counter. If the channel is clear when the backoff counter reaches zero, the node transmits the packet. If the channel is not clear when the backoff counter reaches zero, the backoff factor is set again, and the process is repeated.

Note:

CSMA/CD deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.

Question 11

A business customer uses Non-LOS WiMAX wireless network technology. Which of the following data rates is provided to the customer?

A. 30 Mbps
B. 70 Mbps
C. 40 Mbps
D. 15 Mbps

 

Answer: A

Explanation

The signal range of Non-LOS WiMAX is about 3 to 4 miles, and data rates are advertised at around 30 Mbps, but you can expect less, closer to 15 Mbps.

Question 12

A network administrator needs to determine what LAN devices to install on his network. What are two advantages of using Layer 2 Ethernet switches over hubs? (Choose two)

A. Allowing simultaneous frame transmissions
B. Increasing the size of broadcast domains
C. Increasing the maximum length of UTP cabling between devices
D. Filtering frames based on MAC addresses
E. Decreasing the number of collision domains

 

Answer: A D

Here you will find answers to Traffic Flow and AP QuestionsAccording to the IEEE 802.11 standard

Question 1

What two statements about beacon frames used by access points are true? (Choose two)

A. contains SSIDs if this feature is enabled
B. provides vendor proprietary information
C. is another name for an associated request
D. sent in response to a probe frame
E. includes ATIM window information for power save operations

 

Answer: A B

Explanation

Prior to authentication/association, devices must identify any access-points that are within range. Two methods of scanning are available; namely, passive and active. In passive scanning mode, a device monitors each channel for beacon frames that are broadcast by the access-points in the vicinity.

A beacon frame is a management frame in IEEE 802.11-based wireless LANs. It contains all the information about the network. Beacon frames are transmitted periodically to announce the presence of a wireless LAN network and are transmitted by the Access Point (AP). A beacon frame includes timestamp, beacon interval, its capabilities, SSIDs, supported rates,  TIM (Traffic Indication Map) and some configuration and security information to the client devices. Some of them are standard; other are vendor proprietary. Below shows a beacon frame with “Cisco Proprietary” parameters from the Cisco AP:

(Note: beacon interval is the time interval between two consecutive beacon frames)

Question 2

In general, what is the difference in transmit power between an AP operating at Tx Power Level 1 and the same AP operating at Tx Power Level 3?

A. 2 dB
B. 3 dB
C. 6 dB
D. 11 dB
E. 17 dB

 

Answer: C

Explanation

In Tx Power Level term, a level of “1” represents the highest power level available in the country for which this AP is configured. A level of “2” is 50 percent of this maximum, a level of “3” is 25 percent of this maximum, a level of “4” is 12.5 percent, and so on. Each level is half the power strength of the previous level.

Therefore, the difference between Tx Power Level 1 and Level 3 is calculated (in dB) as follows:

Difference (dB) = 10* log(25%) = -6 dB but we just need its amplitude-> C is correct.

Question 3

Which interface is considered a dynamic interface?

A. the virtual interface
B. the AP manager interface
C. the LAG interface
D. the management interface
E. the service port interface
F. a WLAN client data interface

 

Answer: F

Explanation

Each interface performs specific roles within the unified wireless environment. The static interfaces perform system roles, while the dynamic interfaces are user-defined, and provide client connectivity. Therefore a WLAN client data interface is considered a dynamic interface.

Question 4

An indoor 1240 AP is booting and has obtained an IP address using DHCP. The AP has confirmed prior controller IP addresses from a previously joined mobility group stored in NVRAM. What is the next step the AP performs?

A. DHCP option 43.
B. DNS resolution of CISCO-LWAPP-CONTROLLER.localdomain.
C. Layer 2 LWAPP discovery broadcast.
D. Layer 3 LWAPP discovery broadcast.
E. Ping each Cisco WLC to verify its current status.
F. Select a Cisco WLC based on its position in the configured join selection sequence.

 

Answer: A

Explanation

In a controller-based architecture, access points are dependent on a wireless controller to provide the software image, configuration, and centralized control and optionally data forwarding functions. Therefore, it is necessary for the access point to find a list of available controllers with which it can associate. Below is the process of finding as many controllers as possible in order to choose the best candidate to join after the AP has an IP address:

1 – LWAPP discovery broadcast on local subnet. This is a broadcast that is sent at Layer 2.
2 – OTAP
3 – Locally stored WLC IPs
4 – DHCP Option 43
5 – DNS Discovery.

DHCP protocol has become more and more popular over the time, hard and software vendors have started using the DHCP protocol to distribute all kinds of configuration options for their network devices or for their software. Now the problem is that the number of official options is limited and the process to get a new option recognized is difficult. For this reason, a new mechanism was introduced to make it easier for vendors to distribute their own proprietary information without clashing with other vendors and without having to register new options each time they decide the need them. This is achieved through the DHCP option 43 (Vendor Specific Information). Now the DHCP server has a private table of DHCP options which is kept separately for each vendor. Each vendor is identified by a vendor string. Now when a DHCP client asks for vendor specific options it makes a request with option 43 using the vendor string and a list of requested vendor specific options.

The information provided by DHCP option 43 is presumably interpreted by vendor-specific code on the clients and servers. The definition of this information is vendor specific. The vendor is indicated in the vendor class identifier option. Servers not equipped to interpret the vendor-specific information sent by a client MUST ignore it (although it may be reported). Clients which do not receive desired vendor-specific information SHOULD make an attempt to operate without it, although they may do so (and announce they are doing so) in a degraded mode.

Question 5

Which AP to Wireless LAN Controller discovery process requires a previous association of the AP with a Cisco WLC?

A. AP priming
B. defining a master controller
C. DHCP Option 6
D. DHCP Option 43
E. over-the-air provisioning

 

Answer: A

Explanation

AP priming happens after an AP is associated with at least one controller. The AP then gets a list of other controllers that it can associate with from the one it is already associated with. These other controllers are part of a mobility group. This information then gets stored in NVRAM and can be used if the AP reboots. To contact these controllers, the AP sends a broadcast to the primary controller and all the other controllers in the group.

Question 6

Which of the following methods is NOT used to access an AP in autonomous mode?

A. Browse
B. Telnet
C. Auxiliary
D. Console

 

Answer: C

Explanation

Well, there is no clear explanation why we can’t access an AP in auxiliary mode. You can access an autonomous AP in four ways:
* Console to it using a console cable and the console port.
* Telnet into it if it has an IP address.
* Browse to it with a web browser if it has an IP address.
* SSH into it if configured (preferred over Telnet).

(Reference: CCNA Wireless Official Exam Certification Guide)

Here you will find answers to Wireless LAN Questions

Question 1

Up to how many Cisco WiSMs are supported in a single mobility group operating under v5.0 code?

A. 5
B. 12
C. 16
D. 24
E. 150
F. 300

Answer: B

Here you will find answers to Wireless Client Questions

Question 1

When creating new configuration profiles in Cisco Secure Services Client, in what format are the files saved?

A. .RTF
B. .HTML
C. .TXT
D. .XML
E. .XTML

 

Answer: D

Explanation

The Cisco Secure Services Client (Cisco SSC) generates an XML file that can be easily deployed network-wide to all client machines. This process is very secure and scalable, and still flexible enough to let users create their own personal connection profiles for private use.

Below is an example of the structure of a XML file. Notice that this configuration is only used for demonstration and is not created by the Cisco Secure Services Client software.

To learn more about how to configure Cisco Secure Services Client, you can visit

http://www.cisco.com/en/US/docs/wireless/wlan_adapter/secure_client/5.1/administration/guide/C2_SetupSSC.html

Question 2

How are application-specific devices differentiated from laptop computers in the way they support Cisco Compatible Extensions?

A. ASDs are required to support only CCXv1 and v2 features. Laptops must support all CCX features.
B. ASDs are required to support only CCXv5 management features, while laptops are optional features.
C. Several features that are required for laptops are not required for ASDs.
D. There is no differentiation. ASDs and laptops must both support the same CCX features.

 

Answer: C

Explanation

Several features that are required for laptops are not required for application-specific devices (ASDs) that are used either exclusively or primarily for data applications. Data ASDs include data capture devices, PDAs, and printers. Voice ASDs include single mode, dual mode and smart phones. Every feature that is optional for an ASD is represented in the ASD field as Optional.

Question 3

Which open standard defines the combination of Extensible Authentication Protocol with Advanced Encryption Standard for providing strong wireless LAN client security?

A. IEEE 802.1X
B. IEEE 802.11i
C. WEP
D. WPA
E. WPA2

 

Answer: B

Explanation

The full standard IEEE 802.11i (also known as WPA2 or RSN)) is designed to provide secured communication of wireless LAN as defined by all the IEEE 802.11 specifications. IEEE 802.11i enhances the WEP (Wireline Equivalent Privacy), a technologies used for many years for the WLAN security, in the areas of encryption, authentication and key management. IEEE 802.11i is based on the Wi-Fi Protected Access (WPA), which is a quick fix of the WEB weaknesses.

The aim of 802.11i was to produce a specification for a robust security network (RSN) designed to enhance:
* Authentication
* Key management
* Confidentiality and integrity

The IEEE 802.11i has the following key components:

1. Temporal Key Integrity Protocol (TKIP): session key establishment and re-negotiation
2. Counter-Mode/CBC-MAC Protocol (CCMP): an AES-based protocol to provide confidentiality, integrity and origin authentication
3. IEEE 802.1x for authentication (entailing the use of EAP and an authentication server)

Advanced Encryption Standard (AES) is the cipher system used by WPA2. It is the equivalent of the RC4 algorithm used by WPA. However the encryption mechanism is much more complex and does not suffer from the problems associated with WEP. AES is a block cipher, operating on blocks of data 128bits long.

Note: WPA only implemented a subset of a draft of 802.11i. It is not the full standard of IEEE 802.11i.

Question 4

Which client application utility allows wireless configuration on Linux platforms?

A. Airport Extreme
B. CiscoAironet Desktop Utility
C. Cisco Secure Services Client
D. NetworkManager
E. Windows ZeroConfig

 

Answer: D

Explanation

NetworkManager is a GUI that communicates directly with the hardware for Linux. It is distribution- and desktop environment-agnostic (that is, it works on distributions Ubuntu as well as on Fedora, and on KDE, as well as on Gnome and many others).

Here you will find answers to Cisco Mobility Express Questions

Question 1

Which two tasks does RRM routinely perform? (Choose two)

A. antenna selection
B. AP address assignment
C. channel assignment
D. encryption method assignment
E. transmit power control

Answer: C E

Explanation

Radio resource management (RRM) is a management control system designed to eliminate or reduce co-channel interference in wireless systems. The objective of RRM is to optimize the availability of channel resources as required to provide the best possible wireless service for users while allowing wireless service providers to serve as many users as possible. RRM engine monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

Question 2

A new Cisco Mobility Express 526 controller using v4.2 code direct from the factory is accessible by which default IP address?

A. 10.10.1.1
B. 172.16.1.1
C. 172.16.100.1
D. 192.168.1.1
E. 192.168.100.1

Answer: D

Explanation

The default IP address of the configuration wizard of Cisco Mobility Express Wizard is 192.168.1.1.  So if you have never performed CLI setup, you can access the web interface of a Cisco 526 Express Controller via this address. But notice that you have to access it using secure http, https://192.168.1.1

Question 3

What are the primary methods of configuration management for the Mobility Express Solution?

A. CCA and CLI
B. CCA and Web GUI
C. CLI and Web GUI
D. CLI, Web GUI, and CCA
E. Cisco WCS, Web GUI, and CCA
F. Cisco WCS, Web GUI, CCA, and CLI

Answer: B

Explanation

The Cisco 526 Controller can be configured using the web interface or using the Cisco Configuration Assistant.

Here you will find answers to Authentication and Encryption Questions

Question 1

What are three primary components that describe TKIP? (Choose three)

A. Broadcast Key Rotation
B. Dynamic WEP
C. Message Integrity Check
D. Per-Packet Key Hashing
E. Symmetric Key Cipher
F. WPA2 Enterprise Mode

 

Answer: A C D

Explanation

TKIP offers three advantages over WEP:

* Per packet keying: Each packet is generated using a unique key so it is much more difficult to get from repetitive data back to the key.
* Message integrity check: (MIC – If the message integrity check does not pass, the message is seen as a forgery. If two forgeries are detected in one second, the radio assumes it is under attack. It deletes its session key, disassociates itself, then forces re-association)
* Broadcast key rotation: Broadcast key is required in 802.1X environments but it is vulnerable to same attacks as static WEP key. By using broadcast key rotation, key is delivered to client encrypted with client’s dynamic key.

Based on Per packet keying & Message integrity check, every packet has a unique encryption key and each packet is digitally signed to validate the source of the sender before decrypting it to make sure the packet is valid and that it’s coming from a trusted source and not being spoofed

Per Packeting Keying

 

Integrity Check

Question 2

What is the impact of configuring a single SSID to simultaneously support both TKIP and AES encryption?

A. The overhead associated with supporting both encryption methods will significantly degrade client throughput.
B. Some wireless client drivers might not handle complex SSID settings and may be unable to associate to the WLAN.
C. This is an unsupported configuration and the Cisco Wireless Control System will continuously generate alarms until the configuration is corrected.
D. This is a common configuration for migrating from WPA to WPA2. There is no problem associated with using this configuration.

 

Answer: D

Explanation

AES encryption uses hardware so there is almost no overhead when using it. TKIP is based on software. So when we support both TKIP and AES the client throughput will not significantly degrade -> A is not correct.

When choosing both AES and TKIP, the router will support both encryption algorithms. Because not all wireless NICs support AES, some only support TKIP,  so this option is probably the best choice -> B isnot correct.

As the picture below, Cisco Wireless Control System does support both simultaneously -> C is not correct.

Question 3

What is the Default Local Database size for authenticating local users?

A. 512 entries
B. 1024 entries
C. 2048 entries
D. 4096 entries
E. 8192 entries

 

Answer: A

Question 4

Which statement best represents the authorization aspect of AAA?

A. Authorization takes place after a successful authentication and provides the Cisco WLC the information needed to allow client access to network resources.
B. Authorization is the validation of successful DHCP address delivery to the wireless client.
C. Authorization must be successfully completed in order to proceed with the authentication phase.
D. Successful authorization will provide encryption keys that will be used to secure the wireless communications between client and AP.

 

Answer: A

Explanation

AAA is an architectural framework for configuring a set of three independent security functions in a consistent manner. AAA provides a modular way of performing the following services:

* Authentication: Provides the method of identifying users, including login and password dialog, challenge and response, messaging support, and, depending on the security protocol you select, encryption.
* Authorization: Provides the method for remote access control, including one-time authorization or authorization for each service, per-user account list and profile, user group support, and support of IP, IPX, ARA, and Telnet.
* Accounting: Provides the method for collecting and sending security server information used for billing, auditing, and reporting, such as user identities, start and stop times, executed commands (such as PPP), number of packets, and number of bytes.

(Reference: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfaaa.html)

Question 5

Which Extensible Authentication Protocol types are supported by the Cisco Unified Wireless Network?

A. EAP-TLS, PEAP-MSCHAPv2 and PEAP-GTC only
B. LEAP and EAP-FAST only
C. EAP-TLS, PEAP-MSCHAPv2, PEAP-GTC, LEAP, EAP-FAST only
D. Any EAP supported by the RADIUS authentication server

 

Answer: D

Question 6

The 4-way handshake is used to establish which key during the WPA authentication process?

A. Pairwise Master Key
B. Pairwise Multiple Key
C. Pairwise Session Key
D. Pairwise Transient Key
E. Pairwise Transverse Key

 

Answer: D

Explanation

After a successful EAP authentication the 4-way handshake begins

Objective: Generate PTK and confirm the procession and freshness of PTK.

Assumption: PMK only known to Supplicant and Authenticator, never transmitted over network.

PTK: Pairwise Transient Key
PMK: Pairwise Master Key
ANonce: nonce generated by authenticator
SNonce: nonce generated by supplicant

Initial stage: The Supplicant generates a random number called SNonce and the Authenticator generates a random number called ANonce.

1) The AP first sends ANonce to the client, including its MAC address. The client then uses a common passphrase along with this random number to derive Pairwise Transient Key (PTK) that is used to encrypt data to the AP.

Note: The PTK is generated by the ANonce, authenticator MAC address as well as the SNonce and MAC address of the Supplicant.

2) The Supplicant then sends its own random number to the AP (called SNonce), along with a Message Integrity Code (MIC) and Security parameters (RSN), which are used to ensure that the data is not tampered with.

3) The AP generates GTK key used to encrypt unicast traffic to the client. To validate, the AP sends the random number again, encrypted using the derived PTK.

4) A final message is sent, indicating that the PTK is in place on both sides.

Therefore, the four-way handshake is used to obtain the Pairwise Transient Key that is used for communication between the device and the Access Point.

Question 7

Which four parameters need to be configured for local EAP-FAST on the controller? (Choose four)

A. Authority ID
B. Authority ID Information
C. Client Key
D. PAC
E. Server Key
F. TTL for PAC
G. Monitor Key
H. NTP Source

 

Answer: A B E F

Explanation

EAP-FAST is designed to speed re-authentication when a station roams from one AP to another. Here are the parameters that can be configured:

* Server Key (in hexadecimal): The key (in hexadecimal characters) used to encrypt and decrypt PACs.
* Time to Live for the PAC: Enter the number of days for the PAC to remain viable. The valid range is 1 to 1000 days, and the default setting is 10 days.
* Authority ID (in hexadecimal): Enter the authority identifier of the local EAP-FAST server in hexadecimal characters. It is possible to enter up to 32 hexadecimal characters,  but an even number of characters must be entered. This will identify the controller as the emitter of the PAC.
* Authority ID Information: Enter the authority identifier of the local EAP-FAST server in text format.
* Anonymous Provision: Enable this setting to allow anonymous provisioning. This feature allows PACs to be sent automatically to clients that do not have one during PAC provisioning. If this feature is disabled, PACS must be manually provisioned. Disable this feature when using EAP-FAST with certificates. The default setting is enabled.

Question 8

When using the enterprise-based authentication method for WPA2, a bidirectional handshake exchange occurs between the client and the authenticator. Which five statements are results of that exchange using controller based network? (Choose five)

A. a bidirectional exchange of a nonce used for key generation
B. binding of a Pairwise Master Key at the client and the controller
C. creation of the Pairwise Transient Key
D. distribution of the Group Transient Key
E. distribution of the Pairwise Master key for caching at the access point
F. proof that each side is alive

 

Answer: A B C D F

Question 9

What are four features of WPA? (Choose four)

A. a larger initialization vector, increased to 48 bits
B. a message integrity check protocol to prevent forgeries
C. authenticated key management using 802.1X
D. support for a key caching mechanism
E. unicast and broadcast key management
F. requires AES-CCMP

 

Answer: A B C E

Here you will find answers to Authentication and Encryption – Part 2

Question 1

What two statements are true about AES-CCMP? (Choose two)

A. It is an encryption algorithm used in the 802.11i security protocol.
B. It is defined in 802.1X.
C. It is the encryption algorithm used in TKIP implementations.
D. It is required in WPA.
E. It is required in WPA2.

 

Answer: A E

Explanation

Advanced Encryption Standard (AES) is the cipher system used by RSN. It is the equivalent of the RC4 algorithm used by WPA. However the encryption mechanism is much more complex and does not suffer from the problems associated with WEP. AES is a block cipher, operating on blocks of data 128bits long.

CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA. CCMP computes a Message Integrity Check (MIC) using the well known, and proven, Cipher Block Chaining Message Authentication Code (CBC-MAC) method. Changing even one bit in a message produces a totally different result.

The AES-CCMP encryption algorithm used in the 802.11i (WPA2) security protocol. It uses the AES block cipher, but restricts the key length to 128 bits. AES-CCMP incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide a robust security protocol between the mobile client and the access point.

AES itself is a very strong cipher, but counter mode makes it difficult for an eavesdropper to spot patterns, and the CBC-MAC message integrity method ensures that messages have not been tampered with.

Question 2

One of the advantages of implementing EAP-FAST is that there is no need to implement which item as part of your authentication infrastructure?

A. an access control server
B. a Certificate Authority infrastructure
C. a client that supports EAP-FAST
D. a RADIUS server

 

Answer: B

Explanation

EAP-FAST is a solution for organizations that are too small to run a dedicated PKI Certificate Authority infrastructure as this certificate costs much (around $500/year). Instead, EAP-FAST uses a strong shared secret key called a
Protected Access Credential (PAC) that is unique on every client.

Question 3

What is the Default Local Database size for authenticating local users?

A. 512 entries
B. 1024 entries
C. 2048 entries
D. 4096 entries
E. 8192 entries

 

Answer: A

Question 4

When using the Pre-Shared Key authentication method for WPA or WPA2, the pre-shared key is used for which two functions? (Choose two)

A. to act as the Group Transient Key during the bidirectional handshake
B. to act as the Pairwise Master Key during the bidirectional handshake
C. to derive the nonce at each side of the exchange
D. to derive the Pairwise Transient Key

 

Answer: B D

Explanation

Pre-shared key (PSK) is computed based on a shared secret (pass-phrase) which was previously shared between the two parties using some secure channel before it needs to be used. It is used to identify both peers to each other.

The strength of the PSK depends on the strength of the pass-phrase. The strength of the PSK is important, because WPA-Personal (and WPA2-Personal) use the PSK as the Pairwise Master Key (PMK). The PMK, when combined with two random numbers (nonces) and the MAC addresses of the access point and the client, produces a unique Pairwise Transient Key (PTK) that secures the unicast traffic between the access point and the client. A new PTK is produced each time a client connects to the access point.

Question 5

EAP-FAST was first supported where?

A. CCXv1
B. CCXv2
C. CCXv3
D. CCXv4
E. CCXv5

 

Answer: C

Explanation

The Cisco Compatible Extensions (CCX) program ensures that wireless clients are compatible with Cisco WLAN equipment. The following is a brief list of the features supported by each CCX specification:

CCXv1 – Standard 802.11 features, 802.1X with LEAP
CCXv2 – WPA, 802.1X with PEAP
CCXv3 – WPA2, 802.1X with EAP-FAST
CCXv4 – Network Admission Control (NAC), Call Admission Control for VoIP
CCXv5 – Advanced troubleshooting and client reporting functionality

Question 6

Which authentication method best supports a large enterprise deployment where over the air security is a necessity?

A. Open Authentication with Web Authentication
B. PSK with WEP
C. WPA with PSK
D. WPA2 with EAP-FAST
E. WPA2 with PSK

 

Answer: D

Question 7

Which statement applies to TKIP?

A. is part of the initial key exchange used to derive apairwise temporal key
B. is used to encrypt a WEP authenticated session
C. is used to encrypt the data for WPA sessions
D. is used to secure the initial authentication credential exchange between client and authenticator

 

Answer: C

Explanation

The Temporal Key Integrity Protocol (TKIP) was brought into WPA. TKIP encryption replaces WEP’s small 40-bit encryption key that must be manually entered on wireless access points and devices and does not change. TKIP is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.

Question 8

WEP is a mandatory encryption mechanism. True or false?

A. True
B. false

 

Answer: B

Question 9

WPA uses TKIP and is a subset of the 802.11 i standard. True or false?

A. True
B. false

 

Answer: A

Here you will find answers to Cisco Unified Wireless Network Questions

Note:

The Cisco Unified Wireless Network is composed of five interconnected elements that work together to deliver a unified enterprise-class wireless solution. They are client devices, APs, network unification, network management, and mobility services.

There is no upgrade path between the Mobility Express solution and the Cisco Unified Wireless Network solution, though they offer features close to each other.

Question 1

Which three Cisco Unified Wireless Network capabilities use information that is provided by Radio Resource Management neighbor messages? (Choose three)

A. Aggressive Load Balancing
B. Dynamic Channel Assignment
C. Hybrid Remote Edge Access Point
D. Inter-controller Mobility (that is, Mobility Groups)
E. Over-the-Air Provisioning
F. Rogue AP Classification

 

Answer: B E F

Explanation

First we should learn how the RRM works:

1) Controllers (whose APs need to have RF configuration computed as a single group) are provisioned with the same RF Group Name. An RF Group Name is an ASCII string each AP will use to determine if the other APs they hear are a part of the same system.

(RF groups are groups of controllers that share the same RF group name and whose APs can hear the neighbor messages of each other)

2) APs periodically send out Neighbor Messages, sharing information about themselves, their controllers, and their RF Group Name. These neighbor messages can then be authenticated by other APs sharing the same RF Group Name.

3) APs that can hear these Neighbor Messages and authenticate them based on the shared RF Group Name, pass this information (consisting primarily of controller IP address and information on the AP transmitting the neighbor message) up to the controllers to which they are connected.

4) The controllers, now understanding which other controllers are to be a part of the RF Group, then form a logical group to share this RF information and subsequently elect a group leader.

5) Equipped with information detailing the RF environment for every AP in the RF Group, a series of RRM algorithms are used to optimize AP configurations.

Information from Radio Resource Management (RRM) monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

The RRM neighbor message contains the following information:

* Radio Identifier: If the AP had multiple radios, this field identifies the radio used to transmit the message.
* Group ID: The 16-bit value and controller MAC address. This information is used to detect rogue access points. The access points will then check the beacon/probe-response frames in neighboring access point messages to see if they contain an authentication information element (IE) that matches that of the RF group. If the check is successful, the frames are authenticated. Otherwise, the authorized access point reports the neighboring access point as a rogue, records its BSSID in a rogue table, and sends the table to the controller.

* WLC IP Address: RF group leader’s management IP address. This address is discovered through Over-the-Air Provisioning (OTAP)
* AP Channel: The native channel that the AP uses to service clients.
* Neighbor Message Channel: The channel the message is sent on.
* Power: The power level at which the message is transmitted.
* Antenna Pattern: The antenna pattern currently in use

Note:

Dynamic channel assignment is used to dynamically allocate access point channel assignments to avoid conflict and to increase capacity and performance. For example, two overlapping channels in the 802.11g band, such as 1 and 2, cannot both simultaneously use 54 Mbps. By effectively reassigning channels, the controller keeps adjacent channels separated, thereby avoiding this problem.

Over-the-Air Provisioning (OTAP) is a method for APs to discover the management IP of a controller over the air.

A rogue AP is an AP that is unknown to the controller.

Reference:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008072c759.shtml
http://www.cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/c52rrm.html

Question 2

Which roaming situation using controllers in a Cisco Unified Wireless Network requires a client using WPA2 with PKC to reauthenticate to the network?

A. A wireless client roams to another AP on a different controller in the same mobility domain.
B. A wireless client roams to another AP on the same controller.
C. A wireless client roams to another AP after being out of range of the network for 2 minutes.
D. A wireless client roams to another AP on a controller in a different mobility domain.

 

Answer: D

Explanation

PKC is a feature enabled in Cisco 2006/410x/440x Series Controllers which permits properly equipped wireless clients to roam without full re-authentication with an AAA server. In order to understand PKC, you first need to understand Key Caching.

Key Caching is a feature that was added to WPA2. This allows a mobile station to cache the master keys (Pairwise Master Key [PMK]) it gains through a successful authentication with an access point (AP), and re-use it in a future association with the same AP. This means that a given mobile device needs to authenticate once with a specific AP, and cache the key for future use. Key Caching is handled via a mechanism known as the PMK Identifier (PMKID), which is a hash of the PMK, a string, the station and the MAC addresses of the AP. The PMKID uniquely identifies the PMK.

(Reference: http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a00808b4c61.shtml)

Question 3

To seamlessly roam between two wireless cells in a Cisco Unified Wireless Network using controllers, which condition must exist?

A. The next cell should be on the same channel as the client’s current cell.
B. The wireless client must use an EAP authentication method with the infrastructure authenticator.
C. The client’s password must be the same on both APs.
D. The next cell should provide the same SSID as the client’s current cell.
E. The clients need static IP addresses.

 

Answer: D

Question 4

On a Cisco Unified Wireless Controller, which three Access Point modes allow for client connectivity? (Choose three)

A. Bridge Mode
B. H-REAP Mode
C. Local Mode
D. Monitor Mode
E. Rogue Detector Mode
F. Sniffer Mode

 

Answer: A B C

Explanation

Bridge mode allows administrators to connect LAN networks together across a wireless link or to provide wireless
access to clients where wired connections are not directly available. It can be used as a point-to-point or point-to-multipoint link.

Hybrid Remote Edge Access Point (H-REAP) lets you configure access points (AP) in a branch or remote office from the corporate office through a wide-area network (WAN) link without the need to deploy a controller in each office. An H-REAP device operates on the far side of a WAN, and its controller is back at the core site. H-REAP APs may not be registered to a controller, it can service wireless clients.

Local mode (or normal mode) is the default mode of an AP. When operating in this mode, an AP will allow both client data services and monitoring of all channels simultaneously.

Note:

In Monitor mode , APs do not allow for client connectivity; they only monitor the IEEE 802.11 spectrum seeking rogue APs or clients and  reporting to the controller that acts as a wireless intrusion detection system (IDS). This mode is used for troubleshooting or site surveys.

In Rogue Detector mode, the AP radio is turned off, and the AP listens to wired traffic only. The controllers keep track of the rogue APs detected in the wireless space. The controllers send all the rogue AP and client MAC address lists to the rogue detector, and the rogue detector AP forwards this information to the other Cisco Wireless LAN Controllers (WLCs).

Sniffer mode is used to capture all data traveling on a given 802.11 channel. Sniffer mode is only used for the remote analysis of frames, for troubleshooting or baseline purposes.

(Reference: IUWNE Student Guide)

Here you will find answers to Drag and Drop Questions

Question 1

Match the interface description on the left with the appropriate interface on the right.

Answer:

+ AP Manager: Used for Layer 3 communications between the Cisco WLC and the lightweight access points

+ Dynamic: Designed to be analogous to VLANs for wireless LAN client device

+ Management: This interface is the only consistently “pingable” in-band interface IP address on the Cisco WLC

+ Service Port: The only port that is active when the controller is in boot mode

+ Virtual: Used to support mobility management, DHCP relay and guest web authentication

Explanation

A WLC has one or more AP Manager Interfaces that are used for all Layer 3 communications between the WLC and the lightweight access points after the access point discovers the controller. The AP Manager IP address is used as the tunnel source for LWAPP packets from the WLC to the access point, and as the destination for LWAPP packets from the access point to the WLC. The AP Manager must have a unique IP address. Usually this is configured on the same subnet as the Management interface, but this is not necessarily a requirement. An AP Manager IP address is not pingable from outside the WLC. The use of multiple AP Manager Interfaces is discussed in the Advanced Deployment Concepts Section.

Dynamic Interfaces are created by users and are designed to be analogous to VLANs for wireless LAN client device. The WLC will support up to 512 Dynamic Interface instances. Dynamic Interfaces must be configured on a unique (to the WLC) IP network and VLAN. Each Dynamic Interface acts as a DHCP relay for wireless clients associated to wireless LANs mapped to the interface.

The Management interface is the default interface for in-band management of the WLC and connectivity to enterprise services such as AAA servers. If the service port is in use, the management interface must be on a different subnet from the service port. The management interface is also used for layer 2 communications between the WLC and access points. The Management interface is the only consistently “pingable” in-band interface IP address on the WLC.

The Service-port Interface is statically mapped by the system only to the physical service port. The service port interface must have an IP address on a different subnet from the Management, AP Manager, and any dynamic interfaces. The service port can get an IP address via DHCP or it can be assigned a static IP address, but a default-gateway cannot be assigned to the Service-port interface. Static routes can be defined in the WLC for remote network access to the Service-port. The Service-port is typically reserved for out-of-band management in the event of a network failure. It is also the only port that is active when the controller is in boot mode. The physical service port is a copper 10/100 Ethernet port and is not capable of carrying 802.1Q tags so it must be connected to an access port on the neighbor switch.

The Virtual Interface is used to support mobility management, DHCP relay, and embedded layer 3 security like guest web authentication and VPN termination. The Virtual Interface must be configured with an unassigned and unused gateway IP address. A typical virtual interface is “1.1.1.1”. The Virtual Interface address will not be pingable and should not exist in any routing table in your network. If multiple WLCs are configured in a mobility group, the Virtual Interface IP address must be the same on all WLC devices to allow seamless roaming.

(Reference: http://www.cisco.com/en/US/docs/wireless/technology/controller/deployment/guide/dep.html)

Question 2 (notice: we haven’t had enough information about this question yet, but it is something like this)

Answer:

+ PEAP: Need Certificate on Authentication Server only

+ LEAP: Out of date

+ EAP-FAST: Need client credential

+ EAP-MD5: Need strong password

+ EAP-TLS: Need Certificate on both Server and Client

Explanation

* EAP-MD5: MD5-Challenge requires username/password, and is equivalent to the PPP CHAP protocol [RFC1994]. This method does not provide dictionary attack resistance, mutual authentication, or key derivation, and has therefore little use in a wireless authentication enviroment.

* Lightweight EAP (LEAP): A username/password combination is sent to a Authentication Server (RADIUS) for authentication. Leap is a proprietary protocol developed by Cisco, and is not considered secure. Cisco is phasing out LEAP in favor of PEAP.

* EAP-TLS: Creates a TLS session within EAP, between the Supplicant and the Authentication Server. Both the server and the client(s) need a valid (x509) certificate, and therefore a PKI. This method provides authentication both ways.

*EAP-FAST: Provides a way to ensure the same level of security as EAP-TLS, but without the need to manage certificates on the client or server side. To achieve this, the same AAA server on which the authentication will occur generates the client credential, called the Protected Access Credential (PAC).

* Protected EAP (PEAP): Uses, as EAP-TTLS, an encrypted TLS-tunnel. Supplicant certificates for both EAP-TTLS and EAP-PEAP are optional, but server (AS) certificates are required. Developed by Microsoft, Cisco, and RSA Security, and is currently an IETF draft.

Here you will find answers to Controllers and LWAPP Questions

Question 1

In the AP Layer 3 controller discovery process, after the LWAPP Discovery Request is broadcast on a local subnet, what is the next step that the AP takes?

A. Determine whether the controller responses are the primary controller.
B. Send an LWAPP discovery request to controllers learned via OTAP if operational.
C. Send an LWAPP response to the master controller if known.
D. Wait 5 seconds and resend a Discovery Request to the local subnet.

 

Answer: B

Question 2

A controller is connected to a Cisco IOS Catalyst switch. The following is the switch port configuration:

interface GigabitEthernet 1/0/10
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,20,30,50
switchport trunk native vlan 20
switchport mode trunk

Which controller CLI command assigns its management interface to the Cisco IOS Catalyst switch native vlan interface?

A. config interface vlan management 0
B. config interface vlan management 1
C. config interface vlan management 20
D. config interface vlan management 30
E. config interface vlan management 50

 

Answer: A

Question 3

Why does Cisco recommend using Tftpd32 version 3.0 or later when upgrading wireless LAN controller software to release 4.1 or later?

A. Tftpd32 is a component of CiscoWorks LMS
B. Tftpd32 supports TFTP file transfers larger than 32 MB
C. Tftpd32 is Cisco Compatible Extensions version 4 compliant
D. Tftpd32 supports EoIP tunneling which is required for remote Cisco WLC upgrades

 

Answer: B

Question 4

Which two statements best describe LWAPP? (Choose two)

A. Cisco proprietary
B. communication between the AP and client
C. communication between the AP and the WLC
D. Lightweight Access Point provisioning
E. used to encrypt control and data packets

 

Answer: A C

Question 5

Which two services are offered on Cisco Unified Wireless Networks running controller v5.0 but not offered on Cisco Mobility Express Solution using 526 controllers with v4.2 code? (Choose two)

A. Authentication using 802.1X
B. Guest access
C. GUI management
D. IDS/IPS
E. Location services
F. RRM
G. VoWLAN

 

Answer: D E

Question 6

A controller-based wireless solution can avoid interference by dynamically adjusting what two access point transmission characteristics? (Choose two)

A. operating RF channel
B. SSID names
C. transmit power levels
D. switch port parameters
E. antenna gain

Answer: A C

Explanation

A controller-based wireless solution can use RRM to perform these characteristics. RRM engine monitors the radio resources, performs dynamic channel assignments, provides detection and avoidance of interference, and provides the dynamic transmit power control (TPC).

Question 7

The office is currently operational using one 2106 WLAN controller with six 1131 APs and one 526 WLAN controller with three 521 APs. When the 526 loses power, the 521 APs do not establish a connection with the 2106 WLAN controller. What is the most likely cause of this problem?

A. The 2106 controller and 526 controller were not configured correctly using the sysname and MAC address for a mobility group.
B. The 2106 controller and 526 controller do not share the same mobility group name.
C. The 521 APs were not configured with the 2106 controller as the secondary controller.
D. The 2106 controller does not support the 521 APs.
E. The 2106 controller has no more AP capacity.

 

Answer: D

Explanation

The Cisco 521 AP cannot communicate with CUWN wireless LAN controllers. The Cisco 526 Controller communicates only with Cisco 521 Mobility

Question 8

Which CLI command would you use on the Cisco WLC to display detailed information for a client associated with a lightweight access point?

A. debug dot11
B. show arp switch
C. show client detailed
D. show exclusionlist

 

Answer: C

Explanation

Use the show client detail (or detailed) command to display detailed information for a client on a Cisco 1000 series lightweight access point.

Note: Use the show exclusionlist command to view clients on the exclusion list (blacklisted).

Question 9

What is the maximum number of lightweight APs that can be supported from a single Cisco WCS Navigator management console with Cisco WCS and Cisco WLC running v5.0 code?

A. 5,000
B. 10,000
C. 20,000
D. 25,000
E. 30,000
F. 35,000

 

Answer: E

Explanation

Cisco WCS Navigator runs on a server platform with an embedded database. It can support up to 20 Cisco WCS management platforms with manageability of up to 30,000 Cisco Aironet lightweight access points from a single management console.

(Reference: http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps7305/product_data_sheet0900aecd80633649.html)

Question 10

A lightweight AP has been deployed in local mode in a network consisting of 10 wireless LAN controllers in a single mobility group. The AP has been configured to use primary, secondary, and tertiary WLCs. Due to a major power failure, the AP’s primary, secondary, and tertiary Cisco WLCs are all unavailable. What will be the next step taken by the AP?

A. The AP will reboot and repeatedly attempt to join the configured primary, secondary, and tertiary Cisco WLCs in that order. The process will continue until one of the configured WLCs is again available.
B. The AP will attempt to join a Cisco WLC configured as a “Master Controller.”
C. The AP will attempt to join the Cisco WLC with the greatest amount of available capacity.
D. The AP state will transition to AP Fallback Mode and continue providing limited WLAN services (that is, no new client authentications) until a WLC is again available.

 

Answer: B

Explanation

Below lists the Access Point join order:

* The AP will associate first with its primary controller, assuming it has been primed.
* Upon failing with the primary, it will try to register with its secondary and then its tertiary.
* If there is no controller information primed in the AP, the AP will then look for a master controller.
* Finally, if there is no primed controller and no master controller, the AP will select the least loaded AP-Manager interface from all controllers that have responded to the discovery.

(Reference: IUWNE Student Guide)

Question 11

Which statement correctly describes the procedure for a lightweight AP to successfully establish a connection to a controller?

A. AP authenticates the received Cisco WLC certificate as valid.AP then sends its certificate to the controller.
B. AP sends its certificate to the controller. AP then authenticates the received Cisco WLC certificate as valid.
C. AP sends its certificate to the RADIUS server. AP then authenticates the controller certificate as valid.
D. AP sends its certificate to the RADIUS server. AP then authenticates the RADIUS certificate as valid.
E. AP authenticates the received RADIUS server certificate as valid. AP then sends its certificate to the RADIUS server.
F. AP authenticates the received RADIUS server certificate as valid. AP then sends its certificate to the controller.

 

Answer: B

Question 12

The corporate network locates all RADIUS servers at the centralized data center for authentication. The remote offices use access points operating in H-REAP mode using v5.0 code with various local and central switch WLANs. When a remote office has lost connectivity to the main corporate network due to a WAN outage, which two statements correctly describe the status of that remote office when H-REAP access points are operating in standalone mode? (Choose two)

A. All Cisco APs with 16 MB of RAM or more can operate as standalone H-REAP.
B. All clients will continue association until the respective authentication timers expire.
C. If configured, clients using WPA or WPA2 with PSK and locally switched WLANs will continue to operate.
D. If configured, locally switched WLANs will continue operation using the backup RADIUS server feature.
E. If configured, locally switched WLANs will continue operation using Local-EAP for EAP-LEAP and EAP-FAST for up to twenty users.
F. If configured, locally switched WLANs will continue operation using Local-EAP for EAP-LEAP, EAP-FAST, EAP-TLS, and EAP-PEAP for up to twenty users.

 

Answer: C E

Question 13

In which of the following modes can a LWAPP operate?

A. Layer 1 and Layer 3 LWAPP mode
B. Layer 1 and Layer 5 LWAPP mode
C. Layer 2 and Layer 3 LWAPP mode
D. Layer 3 and Layer 5 LWAPP mode

 

Answer: C

Explanation

LWAPP can operate in either Layer 2 LWAPP mode or Layer 3 LWAPP mode. The Layer 2 mode is considered out of date, and Cisco prefers and recommends Layer 3 mode. Layer 3 mode is the default LWAPP mode on most Cisco devices.

Question 14

Lightweight access points send control traffic to which device(s)?

A. Other access points.
B. The Wireless Control System.
C. The Wireless Controller.
D. Lightweight access points don’t send control traffic.

 

Answer: C

Explanation

In Cisco network the AP and the controller use Lightweight Access Point Protocol (LWAPP) to share information. In larger network environment, APs are often managed by a controller, which is the central point of configuration and intelligence. The AP has to send the frame to the Wireless Controller and the controller will decide what to do next.

Here you will find answers to Configuration and Monitoring Questions

Question 1

What is the result when client exclusion is enabled with a timeout value of zero?

A. Clients are excluded indefinitely.
B. Clients are never excluded.
C. Client exclusion is disabled.
D. Clients must be explicitly included by specifying the MAC address.
E. Exclusion and inclusion is determined by access list.

 

Answer: A

Explanation

The Client Exclusion is used to disable client machines. When turning this option on, you must set the Timeout Value in seconds for disabled client machines. Client machines are excluded by MAC address and their status can be observed. A timeout setting of 0 indicates that administrative control is required to re-enable the client.

Question 2

The central office is currently using a combination of 4400 and 2100 series WLAN controllers running v4.2 and a variety of LWAPP-enabled access points servicing both 2.4 GHz and 5 GHz. The WLAN deployment has been extended to each remote office by implementing a 526 WLAN controller running v4.1 and several 521 access points. Wireless client deployment uses EAP-TLS authentication using a centralized RADIUS server plus 802.11n for performance. After the first remote office deployment, remote office users complain that they are not connecting via 802.11n. What is the most likely cause of this problem?

A. The 526 WLAN controller does not support external authentication via RADIUS, prohibiting authentication.
B. The 521 AP does not support 5 GHz, which prohibits 802.11n.
C. The 521 AP and 526 WLAN controllers do not support AES, which prohibits 802.11n.
D. The 526 WLAN controller does not support 802.11n with v4.1 and must be upgraded to v4.2.
E. The 526 WLAN controller does not support 802.11n with either v4.1 or v4.2.

 

Answer: E

Question 3

Which statement about an infrastructure basic service set is true according to IEEE 802.11 specifications?

A. Also called an Ad Hoc Network.
B. The BSSID is generated from the first wireless client that starts up in the IBSS.
C. Enables the use of ESS.
D. No relaying of signals from one client to another client.

 

Answer: C

Explanation

The set-up formed by the access point and the stations located within its coverage area are called the basic service set (or infrastructure basic service set, or BSS for short). Each BSS forms one cell.

We can link several BSS’s together (it means we link access points) using a connection called a distribution system in order to form an extended service set or ESS. The distribution system can also be a wired network, a cable between two access points or even a wireless network.

Note: When a station moves from one access point to another in an ESS, it is called roaming.

Question 4

Which set of commands assigns a standalone access point an IP address of 10.0.0.24 with a 27-bit subnet mask and a gateway of 10.0.0.1?

A. config t
interface BVI1
ip address 10.0.0.24 255.255.255.192
exit
ip default-gateway 10.0.0.1

B. config t
interface BVI1
ip address 10.0.0.24 255.255.255.224
exit
ip default-gateway 10.0.0.1

C. config t
interface FastEthernet1
ip address 10.0.0.24 255.255.255.224
exit
ip default-gateway 10.0.0.1

D. config t
interface Dot11Radio0
ip address 10.0.0.24 255.255.255.224
exit
ip default-gateway 10.0.0.1

E. config t
interface FastEthernet1
ip address 10.0.0.24 255.255.255.192
exit
ip default-gateway 10.0.0.1
F. config t
interface Dot11Radio0
ip address 10.0.0.24 255.255.255.192
exit
ip default-gateway 10.0.0.1

 

Answer: B

Question 5

If you have the Cisco ADU installed but want to use the Windows Zero Config utility to configure a wireless network profile, what must you do first?

A. Define a common profile in both the Cisco ADU and WZC.
B. Define the wireless profile in the Wireless Networks tab in WZC.
C. In the WZC utility, make sure that the box labeled “Use Windows to configure my Wireless Network Settings” is checked.
D. Uninstall the Cisco ADU.

 

Answer: C

Question 6

Which CLI command would be used on a Cisco WLC to troubleshoot mobility, rogue detection, and load-balancing events?

A. debug dot11
B. debug lwapp
C. show dot11 details
D. showlwapp details

 

Answer: A

Explanation

The debug dot11 command helps you troubleshoot 802.11 parameters, such as these:

* Mobility
* Rogue detection
* Load balancing events

(Cisco Controller) > debug dot11 ?

all	Configures debug of all 802.11 messages.
load-balancing	Configures debug of 802.11 load balancing events.
locp	Configures debug of LOCP interface events.
management	Configures debug of 802.11 MAC management messages.
mobile	Configures debug of 802.11 mobile events.
rfid	Configures debug of 802.11 RFID tag module.
rldp	Configures debug of 802.11 Rogue Location Discovery.
rogue	Configures debug of 802.11 rogue events.
state	Configures debug of 802.11 mobile state transitions.

Note: Remember to use “terminal monitor” when running debugs on the AP from a Telnet session to see the result.

Question 7

The configuration of a wireless LAN controller as a RADIUS client is ensured by doing what?

A. adding the MAC address of the physical port of the controller into the trusted client table of the CiscoSecure RADIUS server
B. using an encrypted tunnel between the Cisco Secure RADIUS server and the controller
C. defining a RADIUS server secret at both the Cisco Secure RADIUS server and the controller
D. implementing an EAP exchange between the Cisco Secure RADIUS server and the controller

 

Answer: C

Question 8

A WLAN deployment will use a combination of Cisco Aironet AP 1240s and multiple Cisco 4404 Wireless LAN Controllers to provide wireless LAN access to end-users. The network administrator has decided to use DHCP Option 43 to enable the APs to discover the wireless LAN controllers. When configuring the DHCP scope, which format should be used for the Cisco WLC addresses?

A. a comma-separated ASCII string of Cisco WLC AP-manager addresses
B. a comma-separated ASCII string of Cisco WLC management addresses
C. a comma-separated ASCII string of Cisco WLC virtual IP addresses
D. a hexadecimal string of Cisco WLC AP-manager addresses
E. a hexadecimal string of Cisco WLC management addresses
F. a hexadecimal string of Cisco WLC virtual IP addresses

 

Answer: E

Question 9

The network administrator of a company makes some changes in monitor mode of the access point using a CLI session. This change affects the value of the channels that are monitored in the monitor mode. Which command has he run on the access point?

A. config advanced [802.11a | 802.11b} channel dca anchor-time value
B. config {802.11a | 802.11b} channel global auto
C. config advanced 802.11b monitor channel-list
D. config advanced {802.11a | 802.11b} channel dca interval value

 

Answer: C

Question 10

Which of the following defines the correct path to create an interface in the controller that ties to VLAN for GUESTNET users?

A. Interfaces > New
B. CONTROLLER > New interfaces
C. VLAN > Interface > New
D. CONTROLLER > Interfaces > New

 

Answer: D

Explanation

This is what you see when click into CONTROLLER > Interfaces > New

 

Question 11

Richard works as a network administrator for Fenco Auto Inc. The company has a wireless LAN network. All users are working on the Linux operating system. Which of the following is used to set the parameters of the network interface, which are specific to the wireless operation?

A. IPCONFIG
B. IWCONFIG
C. IFCONFIG
D. DB_CONFIG

 

Answer: B

Explanation

iwconfig is the command-line tool for Linux to work with WLANs. It is similar to the ifconfig that you would use to work with Ethernet interfaces.

Note: Linux has both command-line and GUI interface-type tools for working with WLANs. While IWCONFIG is the command-line tool, NetworkManager is the graphical user interface (GUI) tool that lets you create wireless pro-
files in Linux.

Here you will find answers to Wireless Security Questions

Question 1

Cisco Client Management Frame Protection is running on a mobility group with two controllers. Which two MFP requirements protect the network? (Choose two)

A. forces clients to authenticate, using a secure EAP method only
B. implements the validation of wireless management frames
C. requires CCXv5
D. requires the use of a non-broadcast SSID
E. requires CCXv4

 

Answer: B C

Explanation

In order to use client MFP, clients must support CCXv5 MFP and must negotiate WPA2 with either TKIP or AES-CCMP.

When management frame validation is enabled, the AP validates every management frame that it receives from other APs in the network. It ensures that the MIC IE is present (when the originator is configured to transmit MFP frames) and matches the content of the management frame. If it receives any frame that does not contain a valid MIC IE from a BSSID that belongs to an AP, which is configured to transmit MFP frames, it reports the discrepancy to the network management system.

(Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008080dc8c.shtml)

Question 2

When creating a wireless profile in the Cisco ADU and you have selected the WPA/WPA2/CCKM radio button option, what other decision must you make and then configure on this same screen?

A. the address and the server secret of the authentication device you will authenticate with
B. the encryption type
C. the EAP type to be used for authentication
D. the length and value of the pre-shared key
E. the SSID of the wireless client

 

Answer: C

Explanation

The ADU profile manager feature enables you to create and manage up to 16 profiles (saved configurations) for your client adapter. These profiles enable you to use your client adapter in different locations, each of which requires different configuration settings. For example, you may want to set up profiles for using your client adapter at the office, at home, and in public areas such as airports. After the profiles are created, you can easily switch between them without having to reconfigure your client adapter each time you enter a new location.

When selecting the WPA/WPA2/CCKM radio button option you have to select the EAP type to be used for authentication too.

Question 3

What three authentication methods are generally used in enterprise wireless networks? (Choose three)

A. AE
B. CCKM
C. EAP-FAST
D. EAP-TLS
E. PEAP
F. WEP

 

Answer: C D E

Explanation

LEAP is fundamentally weak because it provides zero resistance to offline dictionary attacks. As LEAP began to gain a massive foothold on the enterprise market, a superior form of EAP called EAP-TLS (Transport Layer Security) was readily available and was completely password cracking resistant because it didn’t rely on user passwords. EAP-TLS relied on digital certificates on both the Server and the Client end to facilitate mutual authentication and secure key exchange. Unfortunately, the need for a PKI (Public Key Infrastructure) deployment on the server end and the installed user base was too great a barrier for many organizations.

To solve the need for a PKI, FunkSoftware created Tunneled Transport Layer Security (EAP-TTLS) to ease the deployment requirements by producing a standard that only required digital certificates on the authentication server end. Digital certificates were no longer needed for the client end which posed the biggest deployment barrier of all.

Similarly Microsoft, Cisco and RSA collaborated and created their own “lite”version of EAP-TLS called PEAP which in principal was the same as EAP-TTLS and also alleviated the need for client side certificates.

But many organizations don’t want to deploy a digital certificate on their authentication server because of the $300/year price tag of a publicly trusted digital certificate nor do they want to build their own Certificate Authority server or chain of servers. So many organizations still used LEAP which is very insecure.

Cisco has responded to the threat of LEAP hacking and the reluctance of most of their customers to adopt PKI-based PEAP with their so-called “PKI-free”protocol EAP-FAST.

(Reference: http://www.techrepublic.com/article/ultimate-wireless-security-guide-an-introduction-to-leap-authentication/6148551)

Question 4

A client is attached to the Cisco Unified Wireless network using controllers. When the client is using WPA2 and EAP authentication, where are the wireless encryption keys located during the active user session? (Choose two)

A. on the access point
B. on the RADIUS server
C. on the Cisco WCS
D. on the client
E. on the Cisco WLC

 

Answer: A D

Question 5

When choosing an EAP type for your Cisco ADU security profile, what must you ensure to authenticate successfully?

A. that the client and authentication server support the same encryption protocol
B. that the EAP type selected is known not to exchange any of its credentials in the clear
C. that the EAP type that you selected is supported by the authentication server
D. that the time set on the clocks for the wireless client and the authenticator are close to the same time
E. that WEP is not selected

 

Answer: C

Question 6

Which two attacks does Management Frame Protection help to mitigate? (Choose two)

A. Eavesdropping
B. Denial of Service
C. War Driving
D. Man-in-the-Middle

 

Answer: B D

 

Explanation

In 802.11, management frames such as authentication & de-authentication , association & dis-association , beacons, and probes are always unauthenticated and unencrypted. In other words, 802.11 management frames are always sent in an unsecured manner, unlike the data traffic, which are encrypted with protocols such as WPA, WPA2, or, at least, WEP, and so forth.

This allows an attacker to spoof a management frame from the AP to attack a client that is associated to an AP. With the spoofed management frames, an attacker can perform these actions:

* Run a Denial of Service (DOS) on the WLAN
* Attempt a Man in the Middle attack on the client when it reconnects
* Run an offline dictionary attack

Management Frame Protection overcomes these pitfalls when it authenticates 802.11 management frames exchanged in the wireless network infrastructure.

(Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008080dc8c.shtml)

Question 7

What security benefit is enabled by using Management Frame Protection?

A. Provides encryption of administrator sessions between a wireless client and a wireless LAN
B. Protects the network infrastructure from denial-of-service attacks that attempt to flood the network with associations and probes.
C. Prevents the formation of client ad hoc networks within the RF coverage domain.
D. Detects network reconnaissance probes, like those used by tools like NetStumbler, that attempt to discover the wireless network topology.

 

Answer: B

Question 8

The Cisco Secure Services Client suite comprises which three elements? (Choose three)

A. Cisco Secure Services Client
B. Cisco Secure Services Client Administration Utilities
C. Cisco Secure Services Client Auditor
D. Cisco Secure Services Client Desktop Configurator
E. Cisco Secure Services Client Log Packager
F. Cisco Secure Services Client Manager

 

Answer: A B E

Explanation

The Cisco Secure Services Client (SSC) is client software that provides 802.1x (Layer 2) user and device authentication for access to both wired and wireless networks.

There are three pieces of SSC software:

* The SSC itself (Cisco Secure Services Client): Client software that provides 802.1x user and device authentication for access to both wired and wireless networks.
* The Cisco Secure Services Client Administration Utilities: Allow you to create complex profiles.
* The Cisco Secure Services Client Log Packager: Connects system information for support. An administrator would create profiles using the Cisco Secure Services Client Administration Utilities, which then generate an XML file that can be deployed network-wide to all the client machines.

(Reference: CCNA Wireless Official Exam Certification Guide)

Question 9

John works as a network administrator for Web Perfect Inc. The company has a wireless LAN network. John has configured shared key authentication on a client. The client and the AP start exchanging the frames to enable authentication. Which of the following vulnerabilities may occur while the client and the AP exchange the challenge text over the wireless link?

A. Land attack
B. Vulnerability attack
C. DoS attack
D. Man-in-the-middle attack

 

Answer: D

Explanation

Man-in-the-middle attack relies on spoofing a management frame to deauthenticate or disassociate the client. The Management Frame Protection (MFP) mechanism can be used to counteract them.

Question 10

Which software is designed for both wired and wireless profile management and can access to Cisco Enterprise networks?

A. ACS
B. SSC
C. CSA
D. SSL

 

Answer: B

Explanation

The Cisco SSC is client software that provides IEEE 802.1X (Layer 2) user and device authentication, for access to both wired and wireless networks. The Cisco SSC manages user and device identity, and the network access protocols required for secure access. It works intelligently to make it simple for employees and guests to connect to a Cisco wired or wireless network.

(Reference: IUWNE Student Guide)

Here you will find answers to Wireless Control System Questions

Question 1

Which command path correctly describes how to access the Cisco WCS 5.0 ability to troubleshoot clients?

A. Tools -> Clients -> select displayed client’s MAC address
B. Tools -> Clients -> enter client’s MAC address
C. Monitor -> Clients -> select displayed client’s MAC address
D. Monitor -> Clients -> enter client’s MAC address

 

Answer: D

Explanation

You can begin troubleshooting several ways: by entering a MAC addres sin the Client tab dashboard, by using the search function, or by clicking the Troubleshooting icon within the Client MAC Address column on the Monitor > Clients page.

Question 2

What information is required to add a Cisco WLC into the Cisco WCS?

A. IP address of AP manager interface
B. IP address of service port
C. IP address of management interface
D. IP address of virtual interface

 

Answer: C

Explanation

The management interface controls communications with network equipment for all physical ports in all cases. The management interface handles the AP communication. This is the only interface on the controller that reliably responds to pings when the controller is up and operational. It is the interface that the network admin uses to manage the box via Telnet, Secure Shell (SSH), web–HTTP, HTTPS, and so on.

Question 3

Using Cisco WCS v5.0, which configuration command option allows you to see a summary of all access points in the Cisco WCS database?

A. Configure -> Controllers
B. Configure -> Access Points
C. Configure ->Config Groups
D. Configure -> Chokepoints
E. Configure -> Database

 

Answer: B

Explanation

Choose Configure > Access Points to see a summary of all access points in the Cisco WCS database. The summary information includes the following:

* Ethernet MAC
* IP Address
* Radio
* Map Location
* AP Type
* Controller
* Operation Status
* Alarm Status
* Audit Status

Question 4

Which four file formats are used when importing a single campus map into the Cisco WCS 5.0? (Choose four)

A. .BMP
B. .GIF
C. .JPEG
D. .JPG
E. .PNG
F. .VSD
G. .MAP
H. .XML

 

Answer: B C D E

Explanation

Cisco WCS 5.0 supports popular image file types such as jpg, png, gif, bmp and AutoCAD files.

Question 5

How do the features that are available on the Cisco WCS for Linux version differ from those of the Cisco WCS for Windows version?

A. Assuming that there are no differences in hardware, a Cisco WCS for Linux can support up to 750 wireless LAN controllers. A Cisco WCS for Windows can support up to 250 wireless LAN controllers.
B. Cisco WCS for Windows includes support for Cisco Spectrum Expert clients. Cisco WCS for Linux does not support Cisco Spectrum Expert clients.
C. Cisco WCS for Linux is required for deployments.
D. There are no differences in features between the Linux and Windows versions of Cisco WCS.

 

Answer: D

Question 6

The existing Cisco Unified Wireless Controller is running v5.0 code for both the controllers and the Cisco WCS. A controller has been configured with an appropriate rogue rule condition to report discovered APs to the Cisco WCS. What default alarm level is used to display all rogue APs in the Alarm Summary?

A. Critical
B. Flash
C. Major
D. Minor
E. Urgent

 

Answer: D

Explanation

When Cisco WCS receives alarm messages from a controller, the Cisco WCS user interface displays an alarm indicator in the lower left corner. Alarms indicate the current fault or the state of an element which needs attention.

The default alarm level when a rogue AP is discovered is minor. If a rogue AP is detected to be connected to the enterprise network, the alarm will change the form from minor to critical.

There are four alarm levels, indicated by colors:
* Clear = no alarm
* Yellow  = minor alarm
* Orange = major alarm
* Red = critical alarm

Question 7

You work as a network administrator for Tech Perfect Inc. The company has a wireless network. You set up a Cisco 6100 series system controller in the network. After a short period, you find that the IP address assigned to the controller is unusable. Which of the following fields provides this information?

A. Rogue summary
B. Controller summary
C. Alarm summary
D. AP summary

 

Answer: C

Question 8

You are using maps in the WCS to design a wireless LAN network. You add a campus and two buildings to the map. Now you plan to add a new floor area to the first building. The floor types include cubes and walled offices, drywall office only, and outdoor open space. Which of the following do the floor types use to assist the WCS by adding these elements?

A. Electromagnetic interference
B. RF prediction
C. Site survey utility
D. RF modeling

 

Answer: D

Question 9

On which of the following web servers does WCS run?

A. Apache
B. Netscape enterprise
C. Boa
D. Zeus

 

Answer: A

Explanation

Cisco WCS is a web server, and uses Apache. It listens, by default, on ports 80 and 443 (HTTPS).

Here you will find answers to Troubleshooting Wireless Networks Questions

Question 1

What is the facility level of FTP Daemons?

A. 10
B. 11
C. 12
D. 15

 

Answer: B

Explanation

Syslog messages are broadly categorized on the basis of the sources that generate them. These sources can be the operating system, the process, or an application. These categories, called facility, are represented by integers. In other words, facility refers to the source of the message (such as a hardware device, a protocol, or a module of the system software).

The local use facilities are not reserved and are available for general use. Hence, the processes and applications that do not have pre-assigned facility values can choose any of the eight local use facilities. As such, Cisco devices use one of the local use facilities for sending syslog messages.

Question 2

Richard works as a network administrator for Fenco Auto Inc. The company has a wireless LAN network. Richard configures 802.11 authentications on all the clients present in the network. A client becomes active on the network and wants to pass traffic on the medium. Which of the following frames does the client use to search all access points in its radio range?

A. Authentication request frame
B. Association request frame
C. Probe request frame
D. Authentication response frame

 

Answer: C

Explanation

Probe request frame: A station sends a probe request frame when it needs to obtain information from another station. For example, a radio network interface cards (NIC) would send a probe request to determine which access points are within range.

Note:

Probe response frame: A station will respond with a probe response frame, containing capability information, supported data rates, etc., when after it receives a probe request frame.

Question 3

You work as a network consultant. Fenco Auto Inc. hires you to troubleshoot a communication problem and implement a functional wireless network. You check the network connection and all related issues. You find a reason why the clients do not communicate with each other, as they try to send data on the same channel at the same time. What is the best way to mitigate this problem?

A. Forces RTS/CTS control frames.
B. Remove the obstacles that are in the way
C. Reduce transmitted power of the signal.
D. Adjust the radio resources as needed.

 

Answer: A

Explanation

RTS/CTS (Request to Send / Clear to Send) is the optional mechanism used by the 802.11 wireless networking protocol to reduce frame collisions introduced by the hidden node problem.

The hidden node problem happens when two stations try to send on the same channel at the same time. If two stations are in the range of an AP but can not hear each other (because they are too far away or there is an obstacle between them), they both can start sending and the signals collide.

This is how the RTS/CTS works:

For example, station 1 has a frame to send; it initiates the process by sending an RTS frame. The RTS frame serves several purposes: in addition to reserving the radio link for transmission, it silences any stations that hear it. If the target station receives an RTS, it responds with a CTS. Like the RTS frame, the CTS frame silences stations in the immediate vicinity. Once the RTS/CTS exchange is complete, station 1 can transmit its frames without worry of interference from any hidden nodes. Hidden nodes beyond the range of the sending station are silenced by the CTS from the AP. When the RTS/CTS clearing procedure is used, any frames must be positively acknowledged.

The downsides of this method are that it slows down the network connection and that it usually sets, on a global level, for all clients in the cell.

Question 4

You work as a Network Administrator for Tech Perfect Inc. You have to implement a wireless LAN network for the company. After implementing the network, you check all the functions and find that most of its clients try to send data on the same channel at the same time. As a result, a collision occurs in the network and it affects the communication. What is the reason behind this problem?

A. The IP addresses of clients are in the same subnet.
B. The clients are not in range of one another.
C. The controller is not configured properly.
D. The access point cannot cover the required area.

 

Answer: B

Explanation

As explained at question 3, this phenomenon is called “the hidden node” problem.

Question 5

Richard works as a network administrator for Fenco Auto Inc. The company deploys a wireless LAN network but there is some problem due to the interference of signals. Which of the following tools should you use to determine signal strength, noise level, and potential sources of interference? Each answer represents a complete solution. (Choose three)

A. RSSI
B. Link Budget
C. EIRP
D. SNR

 

Answer: A B D

Explanation

RSSI is the signal strength indicator. It indicates how much power is received, usually expressed in dBm. RSSI usually a negative value, the closer to 0 the better.
SNR is signal strength relative to noise level. The higher the SNR, the better.

SNR and RSSI may be useful to detect a near/far issue or determine if the client RF conditions may be causing the issue.

The link budget determines how much power needs to be sent out of the transmitter for the receiver to get a signal that can be interpreted. It accounts for attenuation, antenna gain, and other miscellaneous losses that may occur -> it determines potential sources of interference.

Note:

Effective Isotropic Radiated Power (EIRP) determines how much energy was actually radiated from the antenna towards the main beam.

Question 6

Which two actions would you use to begin to troubleshoot an access point that fails to successfully join a wireless LAN controller? (Choose two)

A. SSH to the AP
B. SSH to the Cisco WCS
C. SSH to the Cisco WLC
D. Cisco WLC command: debuglwapp events enable
E. Cisco WLC command: showlwapp events

 

Answer: C D

Question 7

Which CLI command shows the controller configuration in a way that is similar to the way that it is displayed on Cisco IOS routers?

A. showconfig
B. show runconfig
C. show run-config
D. show runningconfig
E. show running-config

 

Answer: E

Here you will find answers to Miscellaneous Questions

Question 1

Which limitation applies to the use of the Cisco WLAN Solution Management over Wireless feature?

A. Controllers must be managed using only secure protocols (that is, SSH and HTTPS), not non secure protocols (that is, HTTP and Telnet).
B. Read-write access is not available; only read-only access is supported.
C. Uploads and downloads from the controller are not allowed.
D. Wireless clients can manage other controllers however not the same controller and AP to which the client is associated.

 

Answer: C

Question 2

What is the main advantage to using a short-range ZigBee communication device?

A. Low-power, long battery-life and secure networking
B. It will replace Bluetooth devices
C. The battery is smaller than other devices
D. Its almost as cheap as Bluetooth to operate

 

Answer: A

Explanation

The ZigBee website says: “ZigBee was created to address the market need for a cost-effective, standards-based wireless networking solution that supports low data-rates, low-power consumption, security, and reliability”.

The ZigBee data rate is low (20, 40, and 250 kb/s); compared to Bluetooth (which is up to 2.1 Mb/s).

Question 3

Study the exhibit carefully (click exhibit). You are deploying a site survey for a new implementation and see this information in Cisco Spectrum Expert. Which option is true?

Exhibit:

A. The capture shows radar. It is most probably military radar because of the frequency hopping in the “Swept Spectrogram.” The workaround is to disable DFS on the AP.
B. There is general background noise of -70dBm, which is not an issue at all for an 802.11b/g deployment.
C. The location of this capture is most likely near a kitchen, because it is clear that there is a microwave oven disrupting channel 1-13. There will be some packet loss while cooking, which is not a problem, because employees will not be working during lunch time.
D. This is a typical Bluetooth pattern. The source needs to be identified and eliminated because it will affect an 802.11b/g deployment.

 

Answer: D

Question 4

CDP is being used throughout the Wirelesstut.com network. What are two reasons why the network administrator would use CDP? (Choose two)

A. To determine the status of network services on a remote device
B. To obtain the IP Address of a connected device in order to telnet to the device
C. To verify the type of cable interconnecting two devices
D. To verify Layer 2 connectivity between two devices when Layer 3 fails
E. To obtain VLAN information from directly connected switches
F. To determine the status of the routing protocols between directly connected routers
G. To support automatic network failover during outages

 

Answer: B D

Question 5

CDP is running between two devices. What information is supplied by CDP? (Select three)

A. Device Identifiers
B. Capabilities list
C. Platform
D. Route identifier
E. Neighbor traffic data

 

Answer: A B C

Please share with us your experience after taking the CCNA Wireless 640-721 exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Please don’t ask for links to download copyright materials here…