SSCP DOMAIN 6 - NETWORK AND
COMMUNICATIONS SECURITY EXAM
During a wireless network penetration test, Susan runs aircrack-ng against the network
using a password file. What might cause her to fail in her password-cracking efforts? -
Correct Answers -WPA2 enterprise uses RADIUS authentication for users rather than a
preshared key. This means a password attack is more likely to fail as password
attempts for a given user may result in account lockout. WPA2 encryption will not stop a
password attack, and WPA2's preshared key mode is specifically targeted by password
attacks that attempt to find the key. Not only is WEP encryption outdated, but it can also
frequently be cracked quickly by tools like aircrack-ng.
In her role as an information security professional, Susan has been asked to identify
areas where her organization's wireless network may be accessible even though it isn't
intended to be. What should Susan do to determine where her organization's wireless
network is accessible? - Correct Answers -Wardriving and warwalking are both
processes used to locate wireless networks but are not typically as detailed and
thorough as a site survey, and design map is a made-up term.
Place the layers of the OSI model shown here in the appropriate order, from layer 1 to
layer 7. - Correct Answers -The OSI layers in order from layer 1 to layer 7 are:
D. Physical
B. Data Link
C. Network
G. Transport
F. Session
E. Presentation
A. Application
Lauren wants to provide port-based authentication on her network to ensure that clients
must authenticate before using the network. What technology is an appropriate solution
for this requirement? - Correct Answers -802.1x provides port-based authentication and
can be used with technologies like EAP, the Extensible Authentication Protocol.
802.11a is a wireless standard, 802.3 is the standard for Ethernet, and 802.15.1 was
the original Bluetooth IEEE standard.
Lauren's and Nick's PCs simultaneously send traffic by transmitting at the same time.
What network term describes the range of systems on a network that could be affected
by this same issue? - Correct Answers -A collision domain
COMMUNICATIONS SECURITY EXAM
During a wireless network penetration test, Susan runs aircrack-ng against the network
using a password file. What might cause her to fail in her password-cracking efforts? -
Correct Answers -WPA2 enterprise uses RADIUS authentication for users rather than a
preshared key. This means a password attack is more likely to fail as password
attempts for a given user may result in account lockout. WPA2 encryption will not stop a
password attack, and WPA2's preshared key mode is specifically targeted by password
attacks that attempt to find the key. Not only is WEP encryption outdated, but it can also
frequently be cracked quickly by tools like aircrack-ng.
In her role as an information security professional, Susan has been asked to identify
areas where her organization's wireless network may be accessible even though it isn't
intended to be. What should Susan do to determine where her organization's wireless
network is accessible? - Correct Answers -Wardriving and warwalking are both
processes used to locate wireless networks but are not typically as detailed and
thorough as a site survey, and design map is a made-up term.
Place the layers of the OSI model shown here in the appropriate order, from layer 1 to
layer 7. - Correct Answers -The OSI layers in order from layer 1 to layer 7 are:
D. Physical
B. Data Link
C. Network
G. Transport
F. Session
E. Presentation
A. Application
Lauren wants to provide port-based authentication on her network to ensure that clients
must authenticate before using the network. What technology is an appropriate solution
for this requirement? - Correct Answers -802.1x provides port-based authentication and
can be used with technologies like EAP, the Extensible Authentication Protocol.
802.11a is a wireless standard, 802.3 is the standard for Ethernet, and 802.15.1 was
the original Bluetooth IEEE standard.
Lauren's and Nick's PCs simultaneously send traffic by transmitting at the same time.
What network term describes the range of systems on a network that could be affected
by this same issue? - Correct Answers -A collision domain
