You work as a System Administrator for Tech Perfect Inc. The company has a wireless LAN network. You want to implement a tool in the company’s network, which monitors the radio spectrum used by the wireless LAN network, and immediately alerts you whenever a rogue access point is detected in the network. Which of the following tools will you use?

A.
Firewall

B.
WIPS

C.
MFP

D.
NAT

Explanation:
Wireless intrusion prevention system (WIPS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected. Conventionally it is achieved by comparing the MAC address of the participating wireless devices.
Rogue devices can spoof MAC address of an authorized network device as their own. WIPS uses fingerprinting approach to weed out devices with spoofed MAC addresses. The idea is to compare the unique signatures exhibited by the signals emitted by each wireless device against the known signatures of pre-authorized, known wireless devices.
Answer option D is incorrect. Network address translation (NAT) is a technique that allows multiple computers to share one or more IP addresses. NAT is configured at the server between a private network and the Internet. It allows the computers in a private network to share a global, ISP assigned address. NAT modifies the headers of packets traversing the server. For packets outbound to the Internet, it translates the source addresses from private to public, whereas for packets inbound from the Internet, it translates the destination addresses from public to private. Answer option A is incorrect. A firewall is a combination of software and hardware that prevents data packets from coming in or going out of a specified network or computer. It is used to separate an internal network from the Internet. It analyzes all the traffic between a network and the Internet, and provides centralized access control on how users should use the network. A firewall can also perform the following functions:
Block unwanted traffic.
Direct the incoming traffic to more trustworthy internal computers. Hide vulnerable computers that are exposed to the Internet.
Log traffic to and from the private network.
Hide information, such as computer names, network topology, network device types, and internal user IDs from external users.
Answer option C is incorrect. MFP (Management Frame Protection) is a method used to detect spoofed management frames. A user can avoid the vulnerabilities by enabling MFP in the Cisco wireless LAN. MFP works with the controller-based thin-AP architecture and the Cisco IOS software- based autonomous APs when they are used in combination with the Cisco Wireless LAN Solutions Engine.
Cisco WLAN systems place a digital signature into the management frame. This signature is a field with an encrypted hash to check the message integrity. Only an authorized AP can create it and an authorized receiver can validate the signature. Packets that arrive without digital signatures are ignored.