220-801 tricky questions ???

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

how would you guys pick the correct answer to the below question?

You have just installed a wireless router on your home network. Which of the following
should you do to make it highly secure? (Choose two.)

A. Change the default administrator name and password.
B. Change the SSID.
C. Enable WEP.
D. Configure it to channel 11.

i picked A and C, based on what options i have at the moment. the book picked A and B. i understand A we both agree on it, but the book goes onto explain how WEP is not as secure as WPA and WPA2 which i agree, but is it listed as an option? no.

it goes on to say changing the ssid is a good choice. how is changing the ssid making it more secure. lets say its linksys out of the box and i change it to biteme, how is that more secure? i would rather enable wep first before changing the ssid name.

i mean they have to be consistent with their questions, i would answer questions based on the choices i can pick at the moment, not ones not listed. i hope the damn exam isn't like this, but than again i haven't had too many of these tricky kind of questions. the only thing that stands out for those answers to be correct is the word HIGH SECURE.

not sure how changing ssid makes it more secure.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

take this with a pinch of salt (I don't have any Cisco qualifications) but changing or hiding the SSID is supposed to make the router a less obvious target. If somebody is looking for a network to attack, seeing a default SSID suggests that no other security settings have been altered. So if you see a default SSID is visible, it's likely that the default, factory-set admin login will also be in place.

 

I see that logic. However you can scan wifi bands and find SSID/Wireless access points. The answer says change the SSID... I don't see how that would secure it - as its not hidden (doesn't state that) you'll see it from your devices and if its unsecure/open. Lack of information to make a judgement?

 

The SSID and the SSID length is seeded into the passphrase hash. Changing the SSID would mean it's not as vulnerable to a brute force attack with pre computed rainbow tables based on default SSIDs. (I.e. church of WiFi)

 

Thanks, that made sense. If thats the reason behind the question on the A+ blimey! would expect that to be more covered in security related exams.

This site helped explain it a little - Think Your WPA2-encrypted Wireless Network is Secure? Think Again.

 

i have both network+ and security+, doing this cause of work . but that question is poorly written? why would it assume changing the ssdi the person also would change the security to enable protection of wep. if we are going based on assumptions my asnwers are right. i am not arguing this particular question just poor style of writing, this might be done on purpose to have a certain amoutn of people fail, i dont know its not right.

 

I agree it is a little ambiguous but then most cert exams tend to be. I find the best way to go about these questions is to rule out the most unlikely answers and go with what's left. In this case d is most unlikely, then c as most wireless routers released in recent years default to WPA 2 so changing to WEP will be less secure. If an old technology (14 years + for WEP) is given as an option on a recent exam that's generally a good indicator that its not the answer they want.

 

I agree with oscar here, in that with multiple choice questions it can be harder to guess correctly due to the nature of how they word the question... the best thing to do is read the question once, then look at the answers available, then read the question a second time picking out the answers which you know it most certainly cannot be. as noted, no-one should be using WEP as a security option on a router anymore, for those routers which do not have WPA/2 as an option, the router should have been discarded or a software/firmware update applied to get better security options.

On looking at the question and the answers I would also say A+B