New Year Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Given: An 802.1X/EAP implementation includes an Active Directory domain controller running Windows Server 2012 and an AP from a major vendor. A Linux server is running RADIUS and it queries the domain controller for user credentials. A Windows client is accessing the network.

What device functions as the EAP Supplicant?

A.

Linux server

B.

Windows client

C.

Access point

D.

Windows server

E.

An unlisted switch

F.

An unlisted WLAN controller

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering).

How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

A.

The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

B.

The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

C.

The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

D.

The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

You have an AP implemented that functions only using 802.11-2012 standard methods for the WLAN communications on the RF side and implementing multiple SSIDs and profiles on the management side configured as follows:

1. SSID: Guest – VLAN 90 – Security: Open with captive portal authentication – 2 current clients

2. SSID: ABCData – VLAN 10 – Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP – 5 current clients

3. SSID: ABCVoice – VLAN 60 – Security: WPA2-Personal – 2 current clients

Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients.

What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?

A.

Only the members of the executive team that are part of the multicast group configured on the media server

B.

All clients that are associated to the AP using the ABCData SSID

C.

All clients that are associated to the AP using any SSID

D.

All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.

Given: ABC Company secures their network with WPA2-Personal authentication and AES-CCMP encryption.

What part of the 802.11 frame is always protected from eavesdroppers by this type of security?

A.

All MSDU contents

B.

All MPDU contents

C.

All PPDU contents

D.

All PSDU contents

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2)

A.

They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

B.

The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

C.

They are added together and used as the GMK, from which the GTK is derived.

D.

They are input values used in the derivation of the Pairwise Transient Key.

E.

They allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.

When using the 802.1X/EAP framework for authentication in 802.11 WLANs, why is the 802.1X Controlled Port still blocked after the 802.1X/EAP framework has completed successfully?

A.

The 802.1X Controlled Port is always blocked, but the Uncontrolled Port opens after the EAP authentication process completes.

B.

The 802.1X Controlled Port remains blocked until an IP address is requested and accepted by the Supplicant.

C.

The 4-Way Handshake must be performed before the 802.1X Controlled Port changes to the unblocked state.

D.

The 802.1X Controlled Port is blocked until Vender Specific Attributes (VSAs) are exchanged inside a RADIUS packet between the Authenticator and Authentication Server.

You must support a TSN as you have older wireless equipment that will not support the required processing of AES encryption. Which one of the following technologies will you use on the network so that a TSN can be implemented that would not be required in a network compliant with 802.11-2012 non-deprecated technologies?

A.

WEP

B.

RC4

C.

CCMP

D.

WPA2

You are using a utility that takes input and generates random output. For example, you can provide the input of a known word as a secret word and then also provide another known word as salt input. When you process the input it generates a secret code which is a combination of letters and numbers with case sensitivity. For what is the described utility used? (Choose 3)

A.

Generating passwords for WLAN infrastructure equipment logins

B.

Generating PMKs that can be imported into 802.11 RSN-compatible devices

C.

Generating secret keys for RADIUS servers and WLAN infrastructure devices

D.

Generating passphrases for WLAN systems secured with WPA2-Personal

E.

Generating dynamic session keys used for IPSec VPNs

You are implementing a wireless LAN that will be used by point-of-sale (PoS) systems in a retail environment. Thirteen PoS computers will be installed. To what industry requirement should you ensure you adhere?

A.

ISA99

B.

HIPAA

C.

PCI-DSS

D.

Directive 8500.01

The following numbered items show some of the contents of each of the four frames exchanged during the 4-way handshake:

1. Encrypted GTK sent

2. Confirmation of temporal key installation

3. Anonce sent from authenticator to supplicant

4. Snonce sent from supplicant to authenticator, MIC included

Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

A.

2, 3, 4, 1

B.

1, 2, 3, 4

C.

4, 3, 1, 2

D.

3, 4, 1, 2