Wireless Security Interview Questions & Answers

  1. Question 1. What Is Passpoint?

    Answer :

    Passpoint is a program launched by the Wi-Fi Alliance in an effort to streamline network access in hotspots and eliminate the need for users to find and authenticate a network each time they connect. The first release of Passpoint was in 2012 and the second release was in October 2014.

  2. Question 2. What Features Are Included In Passpoint Release 2?

    Answer :

    The first release of Passpoint included features around network selection and secure access. In the second release of Passpoint, the Wi-Fi Alliance introduced new, streamlined methods for secure online signup and policy provisioning. DigiCert SecureWiFi Certificates help to secure the online signup process.

  3. Networking Interview Questions

  4. Question 3. Can I Use Another Type Of Certificate To Secure My Osu Server?

    Answer :

    WiFi certificates are able to authenticate a service provider because of the special WiFi root on Passpoint-certified devices. WiFi certificates are the only kind of certificate that can provide this authentication and the visual indicators like the logo and friendly name.

  5. Question 4. What Are The Logo And Friendly Name?

    Answer :

    When you order a SecureWiFi Certificate, you must include either a logo, friendly name, or both a logo and a friendly name. The logo and friendly name are shown to end-users after the WiFi certificate on the OSU server is validated by the device to show that the service provider has been authenticated.

  6. Networking Tutorial

  7. Question 5. What Information Do I Need To Provide To Get A Securewifi Certificate?

    Answer :

    To order a SecureWiFi Certificate you need the common name for the certificate, a logo and/or friendly name for your service provider, organization details (name, address), and contact details (name, telephone, email). Once you complete the order, DigiCert’s validation team will contact you to gather validation information.

  8. Network Security Interview Questions

  9. Question 6. What Other Products Does Digicert Offer?

    Answer :

    As a publicly trusted Certificate Authority, DigiCert offers a full line of authentication and encryption solutions.

  10. Question 7. What Is The Wi-fi Alliance?

    Answer :

    The Wi-Fi Alliance is a global industry association that governs the standards around WiFi interoperability and security. 

  11. Network Security Tutorial
    Internet Security Interview Questions

  12. Question 8. Do Wifi Certificates Replace Wireless Security Protocols Like Wpa2?

    Answer :

    No. WiFi certificates are only used to encrypt data during the signup process. They are not used to encrypt data that is passed while an end-user is browsing the Internet.

  13. Question 9. If My Wireless Network Doesn’t Have A Lot Of Traffic, Is It Okay To Use Wep Because The Ivs Required To Crack The Wep Key Won’t Be Generated?

    Answer :

    No. Automated tools are available that allow attackers to capture an ARP packet and reinject it to the access point very rapidly. This generates a significant amount of traffic and allows the attacker to capture enough unique initialization vectors to quickly crack the key

  14. Computer Network Security Interview Questions

  15. Question 10. What Is The Difference Between Active And Passive Wlan Detection?

    Answer :

    Active WLAN detection requires that the SSID be broadcast in the beacon frame. Passive WLAN detection listens to all traffic in range of the device and determines what WLANs are in range.

  16. Internet Security Tutorial

  17. Question 11. Briefly Describe The Process Involved In Cracking Wep?

    Answer :

    To efficiently crack a WEP key, you first need to obtain an Address Resolution Protocol (ARP) packet from the access point you want to attack. You can obtain this packet using a tool such as Void11 to send deauthentication packets to the clients associated with that access point. When the clients reassociate to the access point, ARP packets will be generated and can be captured. After you have captured a valid ARP packet, you can use a tool such as Aireplay, a part of the Aircrack suite, to inject the ARP packet back into the network. This injection process will cause a large number of initialization vectors to be generated. You can capture this traffic with any pcap format sniffer. Ethereal, Airodump, and Kismet all support pcap format. After you have captured between 500,000 and 1 million unique initialization vectors, you can then crack the WEP key using Aircrack or other, similar tools. Most of these tools are available for free on the Internet.

  18. Wireless Interview Questions

  19. Question 12. How Many Types Of Extensible Authentication Protocols (eaps) Are Supported By Wpa/wpa2 And What Are They?

    Answer :

    There are six fully supported EAP types for WPA/WPA2: EAP-TLS; EAP-TLS/MSCHAPv2;


  20. Networking Interview Questions

  21. Question 13. What Is The Primary Difference Between 802.11g And 802.11a?

    Answer :

    802.11g operates in the 2.4 GHz frequency range, as do 802.11b and 802.11i, whereas 802.11a operates in the 5 GHz frequency range.

  22. Wi-Fi Tutorial

  23. Question 14. What Is The Difference Between The Hostap Drivers And The Wlan-ng Drivers For Linux?

    Answer :

    Both of these drivers work with a variety of cards; however, only the HostAP drivers allow you to place your card in monitor mode.

  24. Question 15. Who Determines The Wireless Standards?

    Answer :

    The IEEE develops and determines the wireless standards (802.11a, b, g, and so on). The WiFi Alliance, the group that owns the WiFi trademark, then certifies the interoperability of these devices.

  25. Domain Name System(DNS) Interview Questions

  26. Question 16. What Tools Do You Use To Wardrive?

    Answer :

    Depending on the operating system in use, Kismet for Linux or Kismac for OS X provide the greatest level of functionality for detecting and identifying WLANs. NetStumbler is available for Windows but supports only active WLAN detection and identification, whereas the Linux and OS X tools both support passive WLAN detection and identification.

  27. Wireless Communication Tutorial

  28. Question 17. What Is The Minimum Passphrase Length That Should Be Used For Wpa-psk?

    Answer :

    Because WPA-PSK with a short passphrase is vulnerable to a dictionary attack, and automated tools are available to facilitate this process, a WPA-PSK passphrase should be at least 21 characters long.

  29. DHCP Interview Questions

  30. Question 18. What Is Wep?

    Answer :

    Wired Equivalent Privacy is a security protocol defined by the IEEE Wireless Fidelity (WiFi) 802.11b standard designed to provide a similar level of security and privacy for a WLAN (wireless local area network) as commonly expected from a wired LAN (local area network).

    Wired LANs however, are physically protected because they are inside secure buildings unlike wireless networks that send data over radio waves not confined by physical barriers like walls and floors. WEP encrypts data sent over radio waves so that it is protected as it is transmitted from one end point to another.

  31. Network Security Interview Questions

  32. Question 19. How Secure Is Wep?

    Answer :

    WEP has been found to have a number of weaknesses. At its base, the encryption algorithm is flawed, making it susceptible to cracking. Also, the keys used for protection are unreliable and easily deciphered.

  33. Question 20. Should I Use Wep?

    Answer :

    It is better than no security at all, but it is not recommended.

  34. CWNA (Certified Wireless Network Administrator) Interview Questions

  35. Question 21. What Is Wpa?

    Answer :

    Wi-Fi Protected Access (WPA) is a data encryption specification for 802.11 wireless networks that replaces the weaker WEP. Created by WiFi Alliance before the 802.11i security standard was ratified by the IEEE, it improves on WEP by using dynamic keys, Extensible Authentication Protocol to secure network access, and an encryption method called Temporal Key Integrity Protocol (TKIP) to secure data transmissions.

  36. Question 22. What Is Wpa2?

    Answer :

    Wi-Fi Protected Access 2 is an enhanced version of WPA. It is the official 802.11i standard that was ratified by the IEEE in June 2004. WPA2 is stronger than WPA because it uses Advanced Encryption Standard (AES) instead of RC-4/TKIP (see above). AES supports 128-bit, 192-bit and 256-bit keys. WPA2 can also use pre-shared keys or 802.1x authentication.

  37. Question 23. What Are 802.11i And 802.1x?

    Answer :

    These are new security standards developed by 802.11 that use advanced encryption technologies such as Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP), as well as secure key-distribution methods. 802.1x enables automatic changing of encryption keys at certain time intervals, for example every 5 minutes or so.

    By the time a hacker has intercepted a key and managed to decipher it, a new key has already replaced it.

  38. BREW (Binary Runtime Environment for Wireless) Interview Questions

  39. Question 24. What Is Encryption And Why Is It Important?

    Answer :

    Encryption is a security measure that uses special technologies to scramble transmissions from one end to the other. One of the most popular forms of encryption uses special keys or codes enabling two computers to communicate: the sending computer transmits a key or code to the receiving computer and if the keys match, the sender is allowed into the system.

    Encryption is important because it prevents others from reading your messages, files and information.

  40. Internet Security Interview Questions

  41. Question 25. What Is An Ssid ?

    Answer :

    Every wireless network, whether home or business, has a name consisting of up to 32 letters or numbers by which it can be identified – this is its Service Set Identifier (SSID). A wireless access point (AP) or router in open network mode will periodically broadcast a beacon signal along with the signal strength and functional capabilities of the AP, and the SSID to all wireless devices within range announcing that the network is live.

  42. Question 26. I Have Heard That Disabling The Ssid Beaconing Functionality Can Stop War Drivers From Acc Essing My Wlan . Is This True?

    Answer :

    This helps make your wireless network less susceptible, but it’s still not failsafe. When you disable the beacon functionality, you need to know the SSID to access the connection. If you are not broadcasting, the hacker does not easily know the SSID to your network, but he can still intercept data packets as they travel between your access point and wireless client, vice versa. This data may reveal the SSID of your network.

  43. Wi-Fi Interview Questions

  44. Question 27. What Is Ma C Filtering And How Effective Is It?

    Answer :

    Every Wi-Fi device has its own unique media access control (MAC) number. Networks can be configured to accept only certain MAC addresses and filter out the rest. MAC filtering is effective for small networks, but for larger networks it is not as useful as experienced hackers can imitate a MAC address by intercepting it and then programming their own computer to broadcast using this stolen MAC address.

  45. Computer Network Security Interview Questions

  46. Question 28. What Security Should I Use? Wep; Wpa Or Wpa2?

    Answer :

    You should use WPA2 as it is the most secure of all three options and uses AES encryption to protect data. After WPA2, WPA is the second most secure using Temporal Key Integrity Protocol (TKIP) to secure transmission. WEP is the least secure due to its flawed encryption algorithm.

  47. Question 29. What Is Radius ?

    Answer :

    Already in place in many corporations, remote access dial-up service (RADIUS), is another standard that protects access to wireless networks. RADIUS employs a user name and password scheme to allow only approved users access to the network – it does not affect or encrypt data. When a user wants access to network files, email programs or the internet, they submit their user name and password to the server, the server verifies that the user has an account, then verifies that the user is using the correct password, before granting access.

  48. Wireless Testing Interview Questions

  49. Question 30. What Is Kerberos?

    Answer :

    Kerberos is a network authentication system based on key distribution, developed by MIT.

    Devices communicating over a wired or wireless network identify themselves to each other while preventing eavesdropping or replay attacks. After a client and server have identified themselves to one another, Kerberos enables their communication to be encrypted to assure privacy and data integrity, using cryptography systems such as data encryption standard (DES).