Effective CISSP Questions

You are implementing Wi-Fi networks. Which of the following is the last step when a station connects to the access point? (Wentz QOTD)
A. Association Request
B. 4-Way Handshake
C. Probe Request
D. Authentication Request

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. 4-Way Handshake.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.


Discovery: Beaconing and Probing

An access point (AP) connects a specific set of wireless network devices (stations or STA) and shapes a basic service set (BSS). Multiple basic service sets become an extended service set (ESS). An AP periodically broadcasts beacon frames that contain the service set identifier (SSID) so that stations can broadcast probe requests to the AP.

Service set (802.11 network)
Service set (Credit: Wikipedia)


An AP typically supports authentication mechanisms such as Open System Authentication (OSA), Pre-Shared Key or PSK (Personal Profile), and 802.1X or EAPoL (Enterprise Profile).

The legacy WEP supports OSA and PSK, while WPA, WPA2, and WPA3 support all of them. However, OSA is a null authentication algorithm where any station can be authenticated and associated with the AP.


A station (STA) can associate with the AP and establish an authenticated and encrypted channel. It is completed by exchanging association messages that contain information such as WPA/RSN version, cipher suites for unicast and multicast, Auth Key Management (AKM) suite, etc.

802.11i Authentication

If the AP uses 802.1X (or 802.11i authentication), EAP authentication is conducted after the association process.

4-Way Handshake

Once the association is completed, a 4-way handshake is conducted, which utilizes an exchange of four EAPOL-Key frames.

4-WAY Handshake
4-WAY Handshake (Source: wifi-professionals)

WPA3 SAE/Dragonfly Handshake

In 2018, the 4-Way Handshake was found vulnerable to the “KRACK attack,” which can be mitigated by WPA3 Simultaneous Authentication of Equals (SAE, aka Dragonfly) under the Personal Profile.

WPA3 and DragonFly (Credit: Balram Vakil)
WPA3 and DragonFly (SAE)


您正在實施 Wi-Fi 網絡。 以下哪一項是工作站連接到接入點的最後一步? (Wentz QOTD)
A. 關聯請求 (Association Request)
B. 四段交握 (4-Way Handshake)
C. 探測請求 (Probe Request)
D. 認證請求 (Authentication Request)

Leave a Reply