var quiz = {
questions : [
{
text : 'Your company is subject to regulations that require privacy for data sent over any network. Which of the following can help your WLAN meet that requirement?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. 802.1X/EAP-TLS',
'b. WPA TKIP',
'c. WPA2 AES-CCMP',
'd. All of the above'
],
answer : 3,
score : 1,
expandedAnswer : '
Both AES-CCMP and TKIP provide confidentiality by encrypting 802.11 data. Although 802.1X does not encrypt data, it does deliver the dynamic encryption keys used by AES-CCMP and TKIP. ',
moreInfo : ''
},
{
text : 'Your company has decided to ban wireless usage for now, and you have been assigned to develop a plan to enforce that policy at corporate headquarters and over 500 branch offices. Which of the following tools should you choose?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. Wireless intrusion prevention system',
'b. Wireless spectrum analyzer',
'c. Wireless network stumbler',
'd. All of the above'
],
answer : 0,
score : 1,
expandedAnswer : '
A spectrum analyzer helps to diagnose wireless interference with your WLAN, but you don\'t have a WLAN yet. While a stumbler can help you spot-check offices, looking for wireless APs, it cannot efficiently check over 500 offices or spot unauthorized wireless stations. You need an enterprise-class WIPS that can watch the air 24x7 at every office, providing a consolidated view of unauthorized wireless activity through a single console. You will also need a mobile WLAN analyzer for drill-down investigation. ',
moreInfo : ''
},
{
text : 'Your company uses RSA SecurID token authentication in its remote access VPN and would like to re-use those credentials on its WLAN. Which type of Extensible Authentication Protocol should you choose for use with 802.1X?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. EAP-TLS',
'b. PEAPv0',
'c. PEAPv1',
'd. EAP-SIM'
],
answer : 2,
score : 1,
expandedAnswer : '
EAP-TLS requires client certificates, EAP-SIM requires handset Subscriber Identity Modules and PEAPv0/EAP-MSCHAPv2 requires a password hash. Of these types, only PEAPv1/EAP-GTC provides support for generic token card authentication methods like SecurID.',
moreInfo : ''
},
{
text : 'Your corporate WLAN uses WEP encryption and 802.1X/LEAP authentication. Which of the following upgrades will provide the most security benefit?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. WPA-Personal',
'b. WPA-Enterprise with PEAP',
'c. WPA2-Enterprise with PEAP',
'd. WPA2-Enterprise with LEAP'
],
answer : 2,
score : 1,
expandedAnswer : '
WPA2 uses AES-CCMP to provide stronger, faster data protection than WPA. WPA-Enterprise uses 802.1X to provide more granular, robust access control and authentication than WPA-Personal. When using either WPA or WPA2-Enterprise, you must use at least one EAP Type. Protected EAP (PEAP) is a better choice than Lightweight EAP (LEAP) because PEAP is not vulnerable to dictionary attacks. ',
moreInfo : ''
},
{
text : 'You are responsible for creating wireless security guidelines for teleworkers. Which of the following WLAN security measures will you recommend?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. VLAN',
'b. VPN',
'c. MAC ACL',
'd. WEP'
],
answer : 1,
score : 1,
expandedAnswer : '
VPNs provide end-to-end security for corporate data sent by teleworkers, applying security policies that are usually under your control. What about the others? MAC Address Access Control Lists are easily spoofed. Teleworkers may still use them to avoid unintentional associations with neighbors, but this does nothing to protect corporate data. WEP is easily cracked. Teleworkers may still want to use WEP to deter neighbor eavesdropping on personal traffic, but WEP won\'t protect data sent over the Internet. VLANs are useful for traffic segregation inside corporate networks but are rarely used in residential networks.',
moreInfo : ''
},
{
text : 'You want to offer visitors wireless Internet access from your conference rooms. You know better than to drop a wireless AP onto your corporate LAN. What should you use to create a barrier between visitors and your wired LAN?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. Firewall demilitarized zone (DMZ)',
'b. VPN gateway',
'c. Network access controller',
'd. 802.1X on the visitor AP'
],
answer : 2,
score : 1,
expandedAnswer : '
A network access controller can offer Web-based captive portal authentication and apply policies that limit what visitors can send and destinations they can reach. A traditional firewall could be helpful but is less well-suited to perform these specific tasks. VPN gateways and 802.1X are poor choices because you have no control over visitor devices or software or configuration. ',
moreInfo : ''
},
{
text : 'Your company is deploying VoIP and would like to use VoWiFi phones for in-building voice communication between employees. If you could purchase VoWiFi handsets that supported 802.1X, which type of Extensible Authentication Protocol would best meet your VoIP user authentication needs?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. EAP-AKA',
'b. EAP-FAST',
'c. EAP-SIM',
'd. EAP-TLS'
],
answer : 1,
score : 1,
expandedAnswer : '
EAP-FAST caters to small footprint clients, like VoWiFi handsets, that would be noticeably slowed by the digital certificate signature verification used in EAP-TLS. EAP-SIM and EAP-AKA are designed to authenticate devices like smartphones that roam between commercial 802.11 hotspots and public carrier telephone networks. But, in this scenario, you want to provide in-building communication, on a privately-operated network. ',
moreInfo : ''
},
{
text : 'To reduce the risk of connecting to an evil twin AP, which of the following measures would you recommend adopting?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. Wireless intrusion prevention system',
'b. Managed wireless client configurations',
'c. 802.1X with mutual authentication',
'd. All of the above'
],
answer : 3,
score : 1,
expandedAnswer : '
A WIPS can automatically interfere with connections between authorized users and unknown rogue APs. Managing wireless client configurations can stop users from connecting to new, unprotected WLANs or changing security settings that require 802.1X or check server certificates. Using 802.1X with mutual authentication lets the client reject connections where the server does not present a trustworthy certificate. All of these steps can therefore reduce the risk posed by evil twin APs. ',
moreInfo : ''
},
{
text : 'You are responsible for trouble-shooting performance problems in an 802.11b/g network and have just received several alerts from your WIPS. Which of the following alerts suggests that there may be a configuration error?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. Radar interference detected',
'b. 802.11g AP not using protection',
'c. AP power save DTIM violation',
'd. Hidden station detected'
],
answer : 1,
score : 1,
expandedAnswer : '
In a mixed b/g network, 802.11g APs should be configured to use a protection mechanism to avoid collisions with 802.11b traffic. If you did not know this, you may have been able to learn what these WIPS alerts meant by examining the alert description and accompanying recommendation. ',
moreInfo : ''
},
{
text : 'You have decided to use VLANs to segregate wireless traffic. Which of the following standards should you look for in your AP and switch spec sheets?\n\n\n\n',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'a. 802.1AB',
'b. 802.1F',
'c. 802.1Q',
'd. 802.1V'
],
answer : 2,
score : 1,
expandedAnswer : '
IEEE 802.1Q is the standard that defines the operation of Virtual LAN (VLAN) bridges that permit the definition, operation and administration of Virtual LAN topologies within a bridged LAN infrastructure. ',
moreInfo : ''
}
]
};