CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources]

c

b

b, d, e

b, d, e

b

b, c, e

b, c, d

c

b, c, e

a

a

b, c, d

b

b

What four SAFE modules are used in the large-enterprise IPSec WLAN design?

Building module

Building Distribution module

Edge Distribution module

Server module

What two design options are available within the remote WLAN design model?

Software-based VPN WLAN design

Hardware-based VPN WLAN design

Name at least three of the potential threats or problems associated with the axiom "Wireless networks are targets."

Interference and jamming

MAC authentication

Denial or degradation of service

Rogue access points

802.11 is insecure

What is the recommendation with regard to network-management traffic and WLANs?

Use VLANs on access points to isolate management traffic from user traffic.

Name two of the three extensible authentication protocols.

Cisco Lite EAP (LEAP)

EAP-Transport Layer Security (EAP-TLS)

Protected EAP (PEAP)

What two mitigation technologies are used in the design of WLANs?

Implementing a mutual authentication-based and key-distribution method using 802.1X with Wired Equivalent Privacy (WEP) Improvements

Implementing a network layer encryption approach based on IP Security (IPSec)

802.1X and EAP provide what three main elements in the design approach of secure WLANs?

Mutual authentication between the wireless client and an authentication server using a RADIUS server

Dynamically derived encryption keys after authentication

Centralized policy control for reauthentication and generation of encryption keys

Name three models of Cisco wireless access points or bridges.

Cisco Aironet 350

Cisco Aironet 1100

Cisco Aironet 1200

Cisco Aironet 1300

Cisco Aironet 1400

Name the WLAN IPSec design threats and threat mitigations.

Address Resolution Protocol (ARP) spoofing

IP spoofing

Man-in-the middle attacks

Network topology discovery

Password attack

Wireless packet sniffers