The following activities provide practice with the topics introduced in this chapter.
Labs
Lab—Configure Windows Firewall Settings (16.3.8)
Packet Tracer Activities
Packet Tracer—Configure Basic Wireless Security (16.2.4)
Check Your Understanding Questions
Complete all the review questions listed here to test your understanding of the topics and concepts in this chapter. Appendix A, “Answers to the ‘Check Your Understanding‛ Questions,” lists the answers.
1. What type of authentication do most access points use by default?
- WEP
- EAP
- PSK
- Open
2. What is the purpose of a DMZ?
- It creates an encrypted and authenticated tunnel for remote hosts to access the internal network.
- It provides secure connectivity for clients that connect to the internal network through a wireless LAN.
- It analyzes traffic for intrusion attempts and sends reports to management stations.
- It enables external hosts to access specific company servers while maintaining the security restrictions for the internal network.
3. Which actions improve security on a wireless network? (Choose two.)
- Broadcast the default SSID.
- Keep the default administrator password for the access point.
- Enable WPA2-PSK.
- Enable MAC filtering.
4. What is the term used to describe the area of a network which stores servers that are accessible to any users from the Internet?
- DMZ
- Demarcation point
- Extranet
- Intranet
5. What is a feature that an administrator can use to prevent unauthorized users from connecting to a wireless access point?
- MAC filtering
- Proxy server
- WPA encryption
- Software firewall
6. What is the purpose of a wireless SSID?
- To securely transmit data between wireless clients
- To uniquely identify a wireless network
- To securely connect a wireless client to an access point
- To reliably receive and transmit data from wireless clients
7. Port triggering has been configured on a wireless router. Port 25 has been defined as the trigger port and port 113 as an open port. What effect does this have on network traffic?
- All traffic that is sent into port 25 to the internal network is also allowed to use port 113.
- All traffic that is sent out port 25 opens port 113 to allow inbound traffic into the internal network through port 113.
- Any traffic that comes into port 25 allows outgoing port 113 to be used.
- Any traffic that is using port 25 going out of the internal network is also allowed to transmit out port 113.
8. A network administrator has decided to use WPA2 for security in a WLAN. Which statement describes WPA2?
- WPA2 specifies the use of a dynamic encryption key.
- WPA2 uses preconfigured keys to encrypt and decrypt data.
- WPA2 specifies the use of a static encryption key that must be changed frequently to enhance security.
- WPA2 requires use of an open authentication method.
9. Which component is designed to protect against unauthorized communications to and from a computer?
- Antivirus
- Security center
- Port scanner
- Firewall
- Antimalware
10. Which wireless access point association parameter does the wireless client use to distinguish between multiple wireless networks in the same vicinity?
- Password
- Channel setting
- SSID
- Network mode