CWNA-109 Question #23: Real Exam Question with Answer & Explanation

Question

Options

• AAny 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons
• BTo improve security by hiding the SSID, the AP and client stations must both be configured to
• CAny tenants in the same building using advanced penetration testing tools will be able to obtain
• DThis security practice prevents manufacturers' client utilities from detecting the SSID. As a result,

Explanation

The response that you should give to your manager's suggestion of implementing the security practices of disabling the broadcasting of the SSID in Beacons and configuring the access points not to respond to Probe Request frames that have a null SSID field is that any 802.11 protocol analyzer can see the SSID in clear text in frames other than Beacons frames. This negates any security benefit of trying to hide the SSID in Beacons and Probe Response frames. The SSID (Service Set Identifier) is a human-readable name that identifies a WLAN and allows users to connect to it. The SSID is transmitted in clear text in several types of 802.11 frames, such as Beacon frames, Probe Request frames, Probe Response frames, Association Request frames, Association Response frames, Reassociation Request frames, and Reassociation Response frames. Some people may think that hiding the SSID can improve the security of the WLAN by making it invisible to potential intruders. However, this is not true, as hiding the SSID only removes it from Beacon frames and Probe Response frames that have a null SSID field. The SSID is still present in other types of frames that can be easily captured and analyzed by any 802.11 protocol analyzer or wireless scanner tool. Therefore, hiding the SSID does not provide any real security benefit and may even cause some compatibility and performance issues for legitimate users.

No community discussion yet for this question.