Options

What is the gaps and weaknesses of basic WAP transmission model?

AzukiAzuki Registered Users Posts: 4 ■□□□□□□□□□
in Security+
The basic WAP transmission involving a WAP client, a WAP gateway and a Web Server results in a security gap. By appraising
the basic WAP transmission model identify the gaps and weaknesses listed below:-
1. Within the gateway, data are not encrypted during the translation process
2. WTLS encryption is weaker than TLS and hence is easily compromised.
3. There is no end-to-end protection for data
4. The WAP gateway can be compromised resulting in data leakage
5. The WAP device and Web Server can be compromised.

(a) All of the above
(b) 1, 3 & 4
(c) 1, 2 & 5
(d) 3, 4 & 5
(e) 1, 2, 3 & 5

I would think it's (b). But I feel really unsure. Can someone please help to verify?

Thanks!
· Share on FacebookShare on Twitter

Comments

  • Options
    rscrtrscrt Member Posts: 62 ■■□□□□□□□□
    I think you're right.

    I would not say that WTLS can be easily compromised, therefore the correct answer should not contain option 2. So we have (b) and (d) left. Option 3 and 4 should be correct then. Well, there is no end-to-end protection for sure WAP gateway can be compromised. Option 5 should be eliminated, because you can not make a general statement like that.

    Can anyone confirm or oppose please?
    · Share on FacebookShare on Twitter
  • Options
    teancum144teancum144 Member Posts: 229 ■■■□□□□□□□
    Although WTLS is listed in the SY0-301 objectives, I don't see the Wireless Application Protocol listed:
    http://certification.comptia.org/Libraries/Exam_Objectives/CompTIA_Security_SY0-301.sflb.ashx
    If you like my comments or questions, you can show appreciation by clicking on the reputation badge/star icon near the lower left of my post. :D
    · Share on FacebookShare on Twitter
Sign In or Register to comment.