Free CWNP CWNA-109 Practice Exam with Questions & Answers | Set: 3

OFDM (Orthogonal Frequency Division Multiplexing) is the physical layer specification (PHY) that VHT capable devices must be backward compatible with according to the IEEE 802.11-2012 standard. VHT (Very High Throughput) is a PHY and MAC enhancement that is defined in the IEEE 802.11ac amendment and is also known as Wi-Fi 5. VHT operates only in the 5 GHz band and uses features such as wider channel bandwidths (up to 160 MHz), higher modulation schemes (up to 256-QAM), more spatial streams (up to eight), multi-user MIMO (MU-MIMO), beamforming, and VHT PHY and MAC enhancements. VHT can achieve data rates up to 6.9 Gbps.

According to the IEEE 802.11-2012 standard, VHT capable devices must be backward compatible with devices using OFDM PHY, which is defined in the IEEE 802.11a amendment and is also used by IEEE 802.11g, IEEE 802.11n, and IEEE 802.11h amendments. OFDM operates in both the 2.4 GHz and 5 GHz bands and uses features such as subcarriers, symbols, guard intervals, and OFDM PHY and MAC enhancements. OFDM can achieve data rates up to 54 Mbps.

Backward compatibility means that VHT capable devices can interoperate with OFDM devices on the same network by using common features and parameters that are supported by both PHYs. For example, VHT capable devices can use a channel bandwidth of 20 MHz, a modulation scheme of BPSK, QPSK, or 16-QAM, one spatial stream, no beamforming, and OFDM PHY and MAC headers when communicating with OFDM devices. Backward compatibility also means that VHT capable devices can fall back to OFDM mode when the signal quality or SNR is too low for VHT mode. References: 1, Chapter 3, page 123; 2, Section 3.2

 iPerf is an open source tool that is designed to perform a throughput test on the WLAN. iPerf is a cross-platform command-line tool that can measure the bandwidth and quality of network links by generating TCP or UDP traffic between two endpoints. iPerf can run as either a server or a client mode, depending on whether it receives or sends traffic. iPerf can also report various metrics of network performance, such as throughput, jitter, packet loss, delay, and TCP window size. To perform a throughput test on the WLAN using iPerf, one device needs to run iPerf in server mode and another device needs to run iPerf in client mode. The devices need to be connected to the same WLAN network and have their IP addresses configured properly. The device running iPerf in client mode needs to specify the IP address of the device running iPerf in server mode as well as other parameters such as protocol, port number, duration, interval, bandwidth limit, packet size, etc. The device running iPerf in server mode will listen for incoming connections from the client device and send back acknowledgments or responses depending on the protocol used. The device running iPerf in client mode will send traffic to the server device according to the specified parameters and measure the network performance. The device running iPerf in client mode will display the results of the throughput test at the end of the test or at regular intervals during the test. The results can show the average, minimum, maximum, and instantaneous throughput of the network link, as well as other metrics such as jitter, packet loss, delay, and TCP window size. References: 1, Chapter 7, page 287; 2, Section 4.3

The likely cause of the problem is that the external hard drive is USB 3.0 and is causing a significant increase in the noise floor when in use. USB 3.0 devices are known to generate radio frequency interference (RFI) in the 2.4 GHz band due to their high data transfer rates and harmonics. This RFI can increase the noise floor and degrade the signal-to-noise ratio (SNR) of WLAN devices operating in the same band. This can result in lower data rates, reduced throughput, increased retransmissions, and poor performance. The problem may not occur outside of business hours or on the user’s home network because of different usage patterns or environmental factors. References: [CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 527; [CWNA: Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 497.

The BSSID (Basic Service Set Identifier) is typically mapped to an AP’s MAC address if a single BSS is implemented. The BSSID is a unique identifier that distinguishes one BSS from another within the same RF medium. It is usually derived from the MAC address of the AP’s radio interface, but it can also be manually configured or randomly generated by some vendors. The BSSID is used by client stations to associate with an AP and to send and receive frames within a BSS. References: , Chapter 1, page 24; , Section 1.2

In a public Wi-Fi hotspot, like the one Lynne runs in his hotel, ensuring customer security against active attacks is crucial. Active attacks involve unauthorized access, eavesdropping, or manipulation of the network traffic. To mitigate such threats, an effective and practical step is:

Station-to-Station Traffic Blocking: Also known as client isolation, this feature prevents direct communication between devices connected to the Wi-Fi network. By enabling this on the access points, Lynne can significantly decrease the likelihood of active attacks like man-in-the-middle (MITM) attacks, where an attacker intercepts and possibly alters the communication between two parties.

The other options, while beneficial for network security, might not be as straightforward or practical for Lynne's situation:

Network Access Control (NAC) requires a more complex infrastructure and management, which might not be ideal for a small hotel setup.

Implementing an SSL VPN adds an extra layer of security but might complicate the login process for users, potentially affecting the user experience.

Requiring EAP-FAST authentication provides secure authentication but may not be feasible for transient customers who expect quick and easy network access.

Therefore, enabling station-to-station traffic blocking is a practical and efficient measure that Lynne can implement to enhance customer security on the Wi-Fi network.

The tool described is a WLAN (Wireless Local Area Network) scanner tool. WLAN scanner tools are designed to provide information about the wireless networks in a given area, including:

Signal Strength: They show the signal strength of all access points (APs) in the vicinity, which is crucial for understanding the coverage area and potential interference.

SSID Visualization: These tools display the SSIDs (Service Set Identifiers) of available networks, allowing users to identify different wireless networks easily.

Security Settings Information: WLAN scanner tools often show the type of security implemented on each network, such as WPA2, WEP, etc.

Frequency Band Filtering: They allow users to filter and view networks based on the frequency band (2.4 GHz or 5 GHz), which is useful for analyzing network distribution and planning.

While protocol analyzers, site survey utilities, and spectrum analyzers are also used in wireless networking, their functions are distinct from what is described:

Protocol Analyzers are more sophisticated and are used to capture and analyze network traffic.

Site Survey Utilities are used to map signal coverage and plan network layouts, often with more advanced features for detailed site surveys.

Spectrum Analyzers provide a detailed view of the frequency spectrum and non-Wi-Fi interference but don't typically focus on SSIDs or security settings.

Thus, the correct answer is D, a WLAN scanner tool, based on the functionalities described.

a mesh portal is a device that connects a mesh BSS (MBSS) to an Ethernet network, such as the Internet. A mesh portal acts as a bridge between the wired and wireless domains, and allows the mesh stations to communicate with external networks. A mesh portal is also a mesh point, which means it can forward traffic within the MBSS.

The other options are not correct. Option A. Mesh Gate is a device that connects a mesh BSS (MBSS) to another mesh BSS or another wireless network, such as an infrastructure BSS or an ad hoc network2. A mesh gate acts as a gateway between different wireless domains, and allows the mesh stations to communicate with other wireless networks. A mesh gate is also a mesh point, which means it can forward traffic within the MBSS. Option B. Mesh Switch is not a valid term in the 802.11 standard. Option C. Mesh Router is also not a valid term in the 802.11 standard.

 The frame type that is used to reserve the wireless medium for the transmission of high data rate frames that may not be understood by all clients connected to the BSS is RTS. RTS stands for Request to Send and is a control frame that is sent by a station to request access to the medium for a specified duration. The RTS frame contains the source and destination MAC addresses, as well as a Network Allocation Vector (NAV) value that indicates how long the medium will be occupied. The destination station responds with a Clear to Send (CTS) frame that echoes the NAV value and grants permission to the source station. All other stations in the BSS hear either the RTS or CTS frame and update their NAV timers accordingly, deferring their transmissions until the medium is free. The RTS/CTS mechanism can be used to prevent hidden node problems, reduce collisions, and protect high data rate frames that use features such as 802.11n or 802.11ac that may not be compatible with legacy stations. ACK, Beacon, and PS-Poll are not used to reserve the medium for high data rate frames. References: [CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 112; [CWNA: Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 102.

 The cipher suite specified by the 802.11-2016 standard and is not deprecated is Counter Mode with CBC-MAC Protocol (CCMP). CCMP is an encryption protocol that uses Advanced Encryption Standard (AES) as the underlying cipher and provides confidentiality, integrity, and origin authentication for wireless data. CCMP is the mandatory encryption protocol for WPA2 and WPA3. References: [CWNP Certified Wireless Network Administrator Official Study Guide: Exam CWNA-109], page 295; [IEEE Standard for Information technology–Telecommunications and information exchange between systems Local and metropolitan area networks–Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications], page 1560.