UNIT 5 - 8 Marks Questions

1. List and define types of wireless networks.

Ans:
Wireless networks are based on the Institute of Electrical and Electronics Engineers (IEEE)
standards and can be classified broadly into four main types: WPAN, WLAN, WMAN, and
WWAN.

Wireless Personal-Area Networks (WPAN) - Uses low powered transmitters for a short-
range network, usually 20 to 30 ft. (6 to 9 meters). Bluetooth and ZigBee based devices are
commonly used in WPANs. WPANs are based on the 802.15 standard and a 2.4-GHz radio
frequency.

Wireless LANs (WLAN) - Uses transmitters to cover a medium-sized network, usually up

to 300 feet. WLANs are suitable for use in a home, office, and even a campus environment.
WLANs are based on the 802.11 standard and a 2.4-GHz or 5-GHz radio frequency.

Wireless MANs (WMAN) - Uses transmitters to provide wireless service over a larger
geographic area. WMANs are suitable for providing wireless access to a metropolitan city
or specific district. Wireless Metropolitan Area Network (WMAN) technology based on
the IEEE 802.16 set of standards. It is deployed in a variety of spectrum bands: 2.3GHz,
2.5GHz, 3.5GHz, and 5.8GHz.

Wireless Wide-Area Networks (WWANs) - Uses transmitters to provide coverage over

an extensive geographic area. WWANs are suitable for national and global
communications. WWANs also use specific licensed frequencies.

2. Based on the distance coverage, what are the various types of wireless networks
available?
Ans:
Same as above

3. List the various IEEE 802.11 WLAN standards with description.

Ans:
Various implementations of the IEEE 802.11 standard have been developed over the years.
They are
IEEE WLAN Radio Description
Standard Frequency
802.11 2.4 GHz speeds of up to 2 Mbps
802.11a 5 GHz speeds of up to 54 Mbps
small coverage area
less effective at penetrating building structures
not interoperable with the 802.11b and 802.11g
802.11b 2.4 GHz speeds of up to 11 Mbps
longer range than 802.11a
better able to penetrate building structures
802.11g 2.4 GHz speeds of up to 54 Mbps

Compiled by KVS
 backward compatible with 802.11b with reduced bandwidth
capacity
802.11n 2.4 GHz 5 data rates range from 150 Mbps to 600 Mbps with a distance
GHz range of up to 70 m (230 feet)
APs and wireless clients require multiple antennas using
MIMO technology
backward compatible with 802.11a/b/g devices with limiting
data rates
802.11ac 5 GHz provides data rates ranging from 450 Mbps to 1.3 Gbps (1300
Mbps) using MIMO technology
Up to eight antennas can be supported
backwards compatible with 802.11a/n devices with limiting
data rates
802.11ax 2.4 GHz 5 latest standard released in 2019
GHz also known as Wi-Fi 6 or High-Efficiency Wireless (HEW)
provides improved power efficiency, higher data rates,
increased capacity, and handles many connected devices
currently operates using 2.4 GHz and 5 GHz but will use 1
GHz and 7 GHz when those frequencies become available
Search the internet for Wi-Fi Generation 6 for more
information

4. Give the list of different 802.11 wireless LAN standards along with their data rates.
Ans:
Same as above

5. Explain autonomous and controller-based access points with the help of a neat
diagram.
Ans:

Autonomous Aps:

Compiled by KVS
 These are standalone devices configured using a command line interface or a GUI, as
shown in the figure. Autonomous APs are useful in situations where only a couple of APs
are required in the organization. A home router is an example of an autonomous AP because
the entire AP configuration resides on the device. If the wireless demands increase, more
APs would be required. Each AP would operate independent of other APs and each AP
would require manual configuration and management. This would become overwhelming
if many APs were needed.

Controller-based APs

These devices require no initial configuration and are often called lightweight APs (LAPs).
LAPs use the Lightweight Access Point Protocol (LWAPP) to communicate with a WLAN
controller (WLC), as shown in the next figure. Controller-based APs are useful in situations
where many APs are required in the network. As more APs are added, each AP is
automatically configured and managed by the WLC.

Notice in the figure that the WLC has four ports connected to the switching infrastructure.
These four ports are configured as a link aggregation group (LAG) to bundle them together.
Much like how EtherChannel operates, LAG provides redundancy and load-balancing. All
the ports on the switch that are connected to the WLC need to be trunking and configured
with EtherChannel on. However, LAG does not operate exactly like EtherChannel. The
WLC does not support Port Aggregation Protocol (PaGP) or Link Aggregation Control
Protocol (LACP).

6. Write about autonomous and controller-based access points.

Ans:
Same as above

7. Explain about BSS and ESS in wireless networks.

Ans:

Compiled by KVS
 Infrastructure mode defines two topology building blocks: A Basic Service Set (BSS) and
an Extended Service Set (ESS).

Basic Service Set

A BSS consists of a single AP interconnecting all associated wireless clients. Two BSSs
are shown in the figure. The circles depict the coverage area for the BSS, which is called
the Basic Service Area (BSA). If a wireless client moves out of its BSA, it can no longer
directly communicate with other wireless clients within the BSA.

The Layer 2 MAC address of the AP is used to uniquely identify each BSS, which is called
the Basic Service Set Identifier (BSSID). Therefore, the BSSID is the formal name of the
BSS and is always associated with only one AP.

Extended Service Set

Compiled by KVS
 When a single BSS provides insufficient coverage, two or more BSSs can be joined through
a common distribution system (DS) into an ESS. An ESS is the union of two or more BSSs
interconnected by a wired DS. Each ESS is identified by a SSID and each BSS is identified
by its BSSID.

Wireless clients in one BSA can now communicate with wireless clients in another BSA
within the same ESS. Roaming mobile wireless clients may move from one BSA to another
(within the same ESS) and seamlessly connect.

The rectangular area in the figure depicts the coverage area within which members of an
ESS may communicate. This area is called the Extended Service Area (ESA).

8. Discuss about BSS and ESS in wireless networks with a neat diagram.
Ans:
Same as above
9. Explain the CSMA/CA protocol.
Ans:
WLANs are half-duplex, shared media configurations. Half-duplex means that only one
client can transmit or receive at any given moment. Shared media means that wireless
clients can all transmit and receive on the same radio channel. This creates a problem
because a wireless client cannot hear while it is sending, which makes it impossible to
detect a collision.

To resolve this problem, WLANs use carrier sense multiple access with collision avoidance
(CSMA/CA) as the method to determine how and when to send data on the network. A
wireless client does the following:

1. Listens to the channel to see if it is idle, which means that is senses no other traffic
is currently on the channel. The channel is also called the carrier.
2. Sends a request to send (RTS) message to the AP to request dedicated access to the
network.
3. Receives a clear to send (CTS) message from the AP granting access to send.
4. If the wireless client does not receive a CTS message, it waits a random amount of
time before restarting the process.
5. After it receives the CTS, it transmits the data.
6. All transmissions are acknowledged. If a wireless client does not receive an
acknowledgment, it assumes a collision occurred and restarts the process.

10. Differentiate between the CSMA/CD and CSMA/CA protocols.

Ans:
Key CSMA/CA CSMA/CD
Effectiveness CSMA/CA is effective before a CSMA/CD is effective after a collision.
collision.
Network CSMA/CA is generally used in CSMA/CD is generally used in wired
Type wireless networks. networks.

Compiled by KVS
 Recovery CSMA/CA minimizes the risk CSMA/CD reduces the recovery time.
Time of collision.
Conflict CSMA/CA initially transmits CSMA/CD resends the data frame in
Management the intent to send the data. case a conflict occurs during
Once an acknowledgment is transmission.
received, the sender sends the
data.
IEEE CSMA/CA is part of the IEEE CSMA/CD is part of the IEEE 802.3
Standards 802.11 standard. standard.
Efficiency CSMA/CA is similar in CSMA/CD is more efficient than
efficiency as CSMA. CSMA.
Recovery It reduces the possibility of a It cuts down the recovery time
time collision.

11. Explain about passive and active discover modes in access points.
Ans:
Wireless devices must discover and connect to an AP or wireless router. Wireless clients
connect to the AP using a scanning (probing) process. This process can be passive or active.

Passive Mode:
In passive mode, the AP openly advertises its service by periodically sending broadcast
beacon frames containing the Service Set IDentifier (SSID), supported standards, and
security settings. The primary purpose of the beacon is to allow wireless clients to learn
which networks and APs are available in a given area. This allows the wireless clients to
choose which network and AP to use.

Active Mode:
In active mode, wireless clients must know the name of the SSID. The wireless client
initiates the process by broadcasting a probe request frame on multiple channels. The probe
request includes the SSID name and standards supported. APs configured with the SSID
will send a probe response that includes the SSID, supported standards, and security

Compiled by KVS
 settings. Active mode may be required if an AP or wireless router is configured to not
broadcast beacon frames.

12. List and describe the discover modes in wireless access points.
Ans:
Same as above

13. How is an association established between a wireless client and the Access Point? To
achieve successful association, a wireless client and an AP must agree on specific
parameters, what are they?
Ans:
For wireless devices to communicate over a network, they must first associate with an AP
or wireless router.
Wireless devices complete the following three stage process:
1. Discover a wireless AP
2. Authenticate with the AP
3. Associate with the AP

To achieve successful association, a wireless client and an AP must agree on specific

parameters. They are:
• SSID – The client needs to know the name of the network to connect.

Compiled by KVS
 • Password – This is required for the client to authenticate to the AP.
• Network mode – The 802.11 standard in use.
• Security mode – The security parameter settings, i.e. WEP, WPA, or WPA2.
• Channel settings – The frequency bands in use.

14. Define FlexConnect AP. Describe the two modes of operation for the FlexConnect AP.
Ans:

FlexConnect enables the configuration and control of APs over a WAN link.

There are two modes of option for the FlexConnect AP:

Connected mode – The WLC is reachable. The FlexConnect AP has CAPWAP
connectivity with the WLC through the CAPWAP tunnel. The WLC performs all
CAPWAP functions.

Standalone mode – The WLC is unreachable. The FlexConnect AP has lost CAPWAP
connectivity with the WLC. The FlexConnect AP can assume some of the WLC functions
such as switching client data traffic locally and performing client authentication locally.

15. Discuss about CAPWAP and clearly identify the AP MAC functions and WLC MAC
functions.
Ans:
• Control and Provisioning of Wireless Access Points (CAPWAP) is an IEEE
standard protocol that enables a WLC to manage multiple APs and WLANs.
• Based on Light Weight Access Point Protocol (LWAPP) but adds additional
security with Datagram Transport Layer Security (DLTS).
• Encapsulates and forwards WLAN client traffic between an AP and a WLC over
tunnels using UDP ports 5246 and 5247.
• Operates over both IPv4 and IPv6. IPv4 uses IP protocol 17 and IPv6 uses IP
protocol 136.

Compiled by KVS
 The CAPWAP split MAC concept does all the functions normally performed by
individual APs and distributes them between two functional components:
• AP MAC Functions
• WLC MAC Functions
AP MAC Functions WLC MAC Functions
Beacons and probe responses Authentication
Packet acknowledgements and Association and re-association of roaming
retransmissions clients
Frame queueing and packet Frame translation to other protocols
prioritization
MAC layer data encryption and Termination of 802.11 traffic on a wired
decryption interface

16. Explain about DTLS encryption in CAPWAP.

Ans:

• Datagram Transport Layer Security (DTLS) provides security between the AP and
the WLC.

Compiled by KVS
 • It is enabled by default to secure the Control and Provisioning of Wireless Access
Points (CAPWAP) control channel and encrypt all management and control traffic
between AP and WLC.
• Data encryption is disabled by default and requires a DTLS license to be installed
on the WLC before it can be enabled on the AP.

4 Marks Questions
1. List and state the purpose of wireless standard organizations.
Ans:
Three International organizations influencing WLAN standards. They are:

International Telecommunication Union (ITU)

– Regulates the allocation of radio spectrum and satellite orbits.

Institute of Electrical and Electronics Engineers (IEEE)

– Specifies how a radio frequency is modulated to carry information. Maintains the
standards for local and metropolitan area networks (MAN) with the IEEE 802
LAN/MAN family of standards.

Wi-Fi Alliance
– Promotes the growth and acceptance of WLANs. It is an association of vendors
whose objective is to improve the interoperability of products that are based on the
802.11 standard

Purpose of Wireless Standard Organizations:

– Their main purpose is to ensure interoperability between devices that are made by
different manufacturers with making proper standards.

2. State the wireless standard organizations along with its purpose.

Ans:
Same as above

3. Identify the typical functionalities of a home wireless router.

Ans:
A home user typically interconnects wireless devices using a small, wireless router.
Wireless routers serve as the following:
– Access point – To provide wires access
– Switch – To interconnect wired devices
– Router - To provide a default gateway to other networks and the Internet

4. What are the functions of a home wireless router?

Ans:
Same as above
5. What are the types of external antennas used in wireless routers?
Ans:

Compiled by KVS
 Omnidirectional
– Provide 360-degree coverage. Ideal in houses and office areas.
Directional
– Focus the radio signal in a specific direction. Examples are the Yagi-Uda and
parabolic dish.
Multiple Input Multiple Output (MIMO)
– Uses multiple antennas (Up to eight) to increase bandwidth.

6. Differentiate adhoc and infrastructure mode access points.

Ans:
Sno. Adhoc mode Access Points Infrastructure mode Access Points
1. Used to connect clients in peer-to- Used to connect clients to the network
peer manner without an AP. using an AP.
2. Ex: Examples include wireless Ex: APs connect to the network
clients connecting directly to each infrastructure using the wired distribution
other using Bluetooth or Wi-Fi system, such as Ethernet.
Direct.
3. The IEEE 802.11 standard refers to More widely used.
an ad hoc network as an independent Generally used at airport lounge, hotel
basic service set (IBSS). lobby, railway station etc.
Generally used in the Military arena
(for sharing information among
soldiers),local area networks for
communication among a fixed
group of people etc.
4. Communication can be possible Communication can be possible between
only connected peers all the nodes which are managed by
Access Point.

7. Draw the structure of IEEE 802.11 frame format.

Ans:

Compiled by KVS
 The 802.11 frame format is similar to the Ethernet frame format, except that it contains
more fields.
All 802.11 wireless frames contain the following fields:
Frame Control - This identifies the type of wireless frame and contains subfields for
protocol version, frame type, address type, power management, and security settings.
Duration - This is typically used to indicate the remaining duration needed to receive the
next frame transmission.
From a wireless device:
• Address 1 Receiver Address - MAC address of the AP.
• Address 2 Transmitter Address - MAC address of the sender.
• Address 3 SA/DA/BSSID - MAC address of the destination which could be a
wireless device or wired device.
From the AP:
• Address 1 Receiver Address - MAC address of the sender.
• Address 2 Transmitter Address - MAC address of the AP.
• Address 3 SA/DA/BSSID - MAC address of the wireless destination.
• Sequence Control - This contains information to control sequencing and
fragmented frames.
• Address4 - This usually missing because it is used only in ad hoc mode.
• Payload - This contains the data for transmission.
• FCS - This is used for Layer 2 error control.

8. Show the format of IEEE 802.11 frame.

Ans:
Same as above

9. On what factors does the number of users supported by a WLAN depends on?
Ans:
The number of users supported by a WLAN depends on the following:
• The geographical layout of the facility
• The number of bodies and devices that can fit in a space
• The data rates users expect
• The use of non-overlapping channels by multiple APs and transmit power settings
When planning the location of APs, the approximate circular coverage area is important.

10. With the help of a diagram, show an example for non-overlapping channels in wireless
frequencies.
Ans:
A best practice for WLANs requiring multiple APs is to use non-overlapping channels. For
example, the 802.11b/g/n standards operate in the 2.4 GHz to 2.5 GHz spectrum. The 2.4
GHz band is subdivided into multiple channels. Each channel is allotted 22 MHz bandwidth
and is separated from the next channel by 5 MHz. The 802.11b standard identifies 11
channels for North America, as shown in the figure (13 in Europe and 14 in Japan).

Compiled by KVS
 Interference occurs when one signal overlaps a channel reserved for another signal,
causing possible distortion. The best practice for 2.4 GHz WLANs that require multiple
APs is to use non-overlapping channels, although most modern APs will do this
automatically. If there are three adjacent APs, use channels 1, 6, and 11, as shown in
the figure.

The figure shows three APs using channels 1, 6, and 11.

2.4 GHz Non-Overlapping Channels for 802.11b/g/n

11. Define channel saturation. Which modulation techniques can help to mitigate channel
saturation?
Ans:
If the demand for a specific wireless channel is too high, the channel may become
oversaturated, degrading the quality of the communication.

Channel saturation can be mitigated using techniques that use the channels more efficiently.
• Direct-Sequence Spread Spectrum (DSSS) - A modulation technique designed to
spread a signal over a larger frequency band. Used by 802.11b devices to avoid
interference from other devices using the same 2.4 GHz frequency.
• Frequency-Hopping Spread Spectrum (FHSS) - Transmits radio signals by
rapidly switching a carrier signal among many frequency channels. Sender and
receiver must be synchronized to “know” which channel to jump to. Used by the
original 802.11 standard.

Compiled by KVS
 • Orthogonal Frequency-Division Multiplexing (OFDM) - A subset of frequency
division multiplexing in which a single channel uses multiple sub-channels on
adjacent frequencies. OFDM is used by a number of communication systems
including 802.11a/g/n/ac.

12. Define channel saturation and suggest mitigation techniques.

Ans:
Same as above

13. List various wireless security threats.

Ans:
A WLAN is open to anyone within range of an AP and the appropriate credentials to
associate to it.
Attacks can be generated by outsiders, disgruntled employees, and even unintentionally by
employees. Wireless networks are specifically susceptible to several threats, including the
following:
• Interception of data
• Wireless intruders
• Denial of Service (DoS) Attacks
• Rogue APs

14. What are the four major types of wireless threats?

Ans:
A WLAN is open to anyone within range of an AP and the appropriate credentials to
associate to it.
Attacks can be generated by outsiders, disgruntled employees, and even unintentionally by
employees. Wireless networks are specifically susceptible to several threats, including the
following:
• Interception of data
• Wireless intruders
• Denial of Service (DoS) Attacks
• Rogue Access Points.

Or
Wireless networks are susceptible to various security threats, and the four major types of
wireless threats are:
1. Interception of Data: Wireless communications can be intercepted by unauthorized
individuals using techniques like eavesdropping. This means that sensitive data
transmitted over the wireless network, such as login credentials or confidential files,
can be captured by malicious actors.
2. Wireless Intruders: Unauthorized users may gain access to the wireless network,
either by cracking encryption keys or exploiting vulnerabilities. Once inside, they can
snoop on network traffic, launch attacks, or compromise the security of the network.
3. Denial of Service (DoS) Attacks: Attackers can flood a wireless network with an
overwhelming amount of traffic, rendering it unusable for legitimate users. This
disrupts network operations and can lead to significant downtime.

Compiled by KVS
 4. Rogue Access Points: Unauthorized access points (APs) set up by employees or
malicious actors can pose a threat to network security. These rogue APs may have weak
or no security measures, creating an entry point for attackers.

15. Identify the causes of wireless DoS attacks.

Ans:
Wireless DoS attacks can be the result of the following:
• Improperly configured devices - Configuration errors can disable the WLAN. For
instance, an administrator could accidently alter a configuration and disable the
network, or an intruder with administrator privileges could intentionally disable a
WLAN.
• A malicious user intentionally interfering with the wireless communication -
Their goal is to disable the wireless network completely or to the point where no
legitimate device can access the medium.
• Accidental interference - WLANs are prone to interference from other wireless
devices including microwave ovens, cordless phones, baby monitors, and more. The
2.4 GHz band is more prone to interference than the 5 GHz band.

16. Define wireless DoS attacks and how can you mitigate it.
Ans:
The attacks which are directed at disabling the service (making the target not available) or
degrading its performance (lowering the availability) lands under the umbrella of Denial of
Service (DoS) attacks.

DoS Attack mitigation Methods:

To minimize the risk of a DoS attack due to improperly configured devices and malicious
attacks, harden all devices, keep passwords secure, create backups, and ensure that all
configuration changes are incorporated off-hours.

Monitor the WLAN for any accidental interference problems and address them as they
appear. Because the 2.4 GHz band is used by other devices types, the 5 GHz should be used
in areas prone to interference.

2 Marks Questions
1. Identify the benefits of WLAN.
Ans:
Benefits of WLAN ate:
• A Wireless LAN (WLAN) is a type of wireless network that is commonly used in
homes, offices, and campus environments.
• WLANs make mobility possible within the home and business environments.
• WLAN are often useful in disasters situation e.g. earthquake and fire. A wireless
network can connect people in any disaster
• Wireless infrastructures adapt to rapidly changing needs and technologies.
• It’s a reliable sort of communication.
• As WLAN reduces physical wires so it’s a versatile way of communication.

Compiled by KVS
 • WLAN also reduces the value of ownership.

2. List the benefits of Wireless LAN.

Ans:
Same as above

3. What is the advantage of Tethering?

Ans:
Advantage of tethering:
• A smart phone or tablet with cellular data access is enabled to create a personal
hotspot. This feature is sometimes referred to as tethering.
• It is a quick solution to enables a smart phone to provide the wireless services of a
Wi-Fi router. Other devices can associate and authenticate with the smart phone to
use the internet connection.

4. Define rogue access points? What is the threat from it?

Ans:
A rogue AP is an AP or wireless router that has been connected to a corporate network
without explicit authorization and against corporate policy.
Threat with rouge AP:
• Once connected, the rogue AP can be used by an attacker to capture MAC
addresses, capture data packets, gain access to network resources, or launch a man-
in-the-middle attack.
• A personal network hotspot could also be used as a rogue AP.
- For example, a user with secure network access enables their authorized
Windows host to become a Wi-Fi AP.

5. Define MITM attack. How is it possible in wireless networks?

Ans:
In a man-in-the-middle (MITM) attack, the hacker is positioned in between two legitimate
entities in order to read or modify the data that passes between the two parties.

There are many ways in which to create a MITM attack.

A popular wireless MITM attack is called the “evil twin AP” attack, where an attacker
introduces a rogue AP and configures it with the same SSID as a legitimate AP. Locations
offering free Wi-Fi, such as airports, cafes, and restaurants, are particularly popular spots
for this type of attack due to the open authentication.

6. How can you mitigate MITM attack in wireless networks?

Ans:
We can mitigate a MITM attack, which depends on the sophistication of the WLAN
infrastructure and the vigilance in monitoring activity on the network. The process begins
with identifying legitimate devices on the WLAN. To do this, users must be authenticated.
After all of the legitimate devices are known, the network can be monitored for abnormal
devices or traffic.

Compiled by KVS
7. Where is SSID Cloaking used?
Ans:
It is used to address the threats of keeping wireless intruders out and protecting data.
Many organizations use SSID cloaking as a mechanism to add a layer of security to the
WLAN. This technique requires that all users have knowledge of the SSID to connect to
the wireless network.
SSID Cloaking:
• APs and some wireless routers allow the SSID beacon frame to be disabled.
• Wireless clients must be manually configured with the SSID to connect to the
network.

8. State the purpose of MAC address filtering in wireless networks.

Ans:
MAC address filtering allows you to define a list of devices and only allow those devices
on your Wi-Fi network. But this is tedious job for an administrator.

9. Identify the two types of authentication in the original 802.11 standard.

Ans:
Two types of authentication were introduced with the original 802.11 standard:
1. Open System Authentication:
• No password is required for authentication.
• Typically used in public Wi-Fi hotspots like cafes, airports, and hotels where
access is open to anyone.
• Security measures, such as VPNs, are the responsibility of the client to ensure
secure data transmission.
2. Shared Key Authentication:
• Provides mechanisms for authentication and data encryption between a wireless
client and an Access Point (AP).
• Requires a pre-shared password (key) between both the client and the AP to
establish a connection.
• Security protocols like WEP (Wired Equivalent Privacy), WPA (Wi-Fi
Protected Access), WPA2, and WPA3 can be used to enhance security in shared
key authentication.

10. Differentiate WEP and WPA.

Ans:
S.No. WEP WPA
01. WEP stands for Wired Equivalent WPA stands for Wi-Fi Protected
Privacy. Access.
02. It is a security protocol for wireless It is a security protocol which is used in
networks which provides data securing wireless networks and designed
confidentiality comparable to a to replace the WEP protocol.
traditional wired network.

Compiled by KVS
 03. It provides wireless security
through the use of an encryption
key.
04. The original 802.11 specification
designed to secure the data using
the Rivest Cipher 4 (RC4)
encryption method with a static
key. WEP is no longer
recommended and should never be
used.
05. It uses 40 bit key and 24 bit random
number.
06. Key management is not provided in
WEP.
It provides wireless security through the
use of a password.
A Wi-Fi Alliance standard that uses
WEP but secures the data with the much
stronger Temporal Key Integrity
Protocol (TKIP) encryption algorithm.
TKIP changes the key for each packet,
making it much more difficult to hack.
WPA key is 256 bit key.
Key management is provided through 4
way handshaking mechanism.

11. List the four shared key authentication techniques available in Wi-Fi networks.
Ans:
Four shared key authentication Techniques available in Wi-Fi networks are:
• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA)
• WPA2
• WPA3

12. WPA 2 has two authentication methods, define them.

Ans:
Two WPA2 authentication methods are:

Personal - Intended for home or small office networks, users authenticate using a pre-
shared key (PSK). Wireless clients authenticate with the wireless router using a pre-shared
password. No special authentication server is required.

Enterprise - Intended for enterprise networks but requires a Remote Authentication Dial-
In User Service (RADIUS) authentication server. Although more complicated to set up, it
provides additional security.

13. WPA and WPA2 include two encryption protocols. Identify them.
Ans:
WPA: It includes Temporal Key Integrity Protocol (TKIP) encryption algorithm
WPA2: It includes Advanced Encryption Standard (AES) for encryption.

14. Give the abbreviations for the following: WEP, WPA, TKIP, AES
Ans:
WEP: Wired Equivalent Privacy
WPA: Wi-Fi Protected Access
TKIP: Temporal Key Integrity Protocol
AES: Advanced Encryption Standard

Compiled by KVS
15. List the four features provided by WPA3.
Ans:
Four new features in WPA3 are designed to improve on WPA2.
They are:
More secure handshake
– Simultaneous Authentication of Equals (SAE) protocol (aka the Dragonfly
handshake)
Replacement of wi-fi protected setup (WPS)
– a simpler way to securely add new devices to a network using the Wi-Fi Device
Provisioning Protocol (DPP), which allows you to securely add new devices to a
network using a QR code or a password.
Unauthenticated encryption
– Better protection when using public hotspots using Wi-Fi Enhanced Open which
provides unauthenticated encryption, a standard called Opportunistic Wireless
Encryption (OWE).
Bigger session key sizes
– WPA3-Enterprise will support key sizes the equivalent of 192-bit security during
the authentication stage, which will be harder to crack.

16. List the functions of NAT in a wireless router.

Ans:

Typically, the wireless router is assigned a publicly routable address by the ISP and uses a
private network address for addressing on the LAN.
• To allow hosts on the LAN to communicate with the outside world, the router will
use a process called Network Address Translation (NAT).
• NAT translates a private (local) source IPv4 address to a public (global) address
(the process is reversed for incoming packets).
• NAT makes sharing one public IPv4 address possible by tracking the source port
numbers for every session established by a device.

Compiled by KVS