Wi-Fi(802.11) interview questions and answers set – 1

Categories : InterviewQuestions , WLAN

Here I will share common WLAN interview questions asked in product based and service based companies. Then I will add answer for each question through any post or directly here. So keep following this post ☺.

Demo Video:

♦♦♦♦ WLAN Basic ♦♦♦♦
NoQuestionAnswer / Post Link
1How many IFSs are there? Where can we use these? Which IFS is the shortest? Which IFS is variable? There are 6 IFSs are there. RIFS, SIFS, PIFS, DIFS, AIFS, EIFS.

In short => RIFS: 11n, SIFS: Between Data and ACK, PIFS: Urgent frame transmission, AIFS: WMM enabled client, EIFS: For Retransmitted].

♣ RIFS->2us.

♣ AIFS->Depends on AIFSN.

♠ For detailed explanation : IFS
2Explain CSMA/CA method.Link
3What is Cwmin and Cwmax ? Explain.Link
4What is slot time? Where it is used? TBD
5What is random backoff number? TBD
6Explain frame exchanges for WLAN open security and WPA2 connection. TBD
7Explain frame exchanges between WEP open vs WEP shared security mechanism. TBD

♦♦♦♦ WLAN SCAN ♦♦♦♦
1What is active and passive scanningLink
2Advantage and disadvantage of active and passive scan.Link
3Which scan is better? Why?Link
4What is the waiting time for each channel for Active and Passive scan?Maximum and Minimum waiting time for each channel for scanning are defined by “MaxChannelTime[TU]” and “MinChannelTime[TU]” parameter respectively. Waiting time may vary from vendor to vendor implementation.

For Active Scanning:
MinChannelTime = 0.67 ms
[MinChannelTime >= DIF S + CW ∗ aSlotT ime = 50 µsec + 31 * 20 µsec = 670 µsec = 0.67ms] MaxChannelTime = 15 ms

For Passive Scanning :
MinChannelTime will be > 100TU [As default beacon interval is 100TU for APs]
5What is background scan?When STA is connected to AP and STA wants to scan, the STA sends null frame with PM=1 to AP. Then STA does Active/Passive scan on other channel. Then STA comes back to original channel [Connected AP channel] and sends null frame with PM=0 to AP.
Example: This type of scan observed at the time of Roaming.
♦♦♦♦ Security ♦♦♦♦
NoQuestionAnswer / Post Link
1When you enter wrong password, in which stage of 4-way handshake fails for personal security? ExplainTBD
2When client is entered with wrong password, still client is authenticated to the AP (because authentication happens before 4-way handshake) upon 4-way handshake failure? ExplainTBD
3WEP open vs WEP shared? Which one is weaker? Why?TBD
4What happens when you enter wrong key for WEP OPEN connection ?TBD
5Explain WPA2-PSK 4 way handshake.TBD
6Difference between WPA2 vs WPA.TBD
7Difference between PTK and GTKTBD
8When GTK timeout gets trigered?TBD
9Difference between CCMP and TKIP?TBD
10Difference between RC4 vs AES?TBD
11How much overhead is added for WEP, TKIP and CCMP?WEP : 8 Octet [4-IV + 4-ICV]

TKIP : 20 Octet [4-IV + 4-EIV + 8-MIC + 4-ICV]

CCMP : 16 Octet [8-CCMP Header + 8-MIC]
♦♦♦♦ Power Save
NoQuestionAnswer / Post Link
1What are the different powersave mechanisms are there?LINK
2How many types of Legacy PS are there? Explain PS-POLL and Non-PSPOLL frame exchangesLINK
3Throughput in PS-POLL and WWM-PSTBD
4Frame exchanges in WMM-PS?LINK
5What is SMPS and  PSMP ?TBD
6Advantages in WMMPSLINK
♦♦♦♦ 802.11n
NoQuestionAnswer / Post Link
1What are the enhancements added to 802.11n standard?TBD
2Is there any change in 802.11 MAC header for 802.11n?TBD
3What are the important fields for ADDBA (ADD BlockACK)?TBD
4How many types of Aggregations are there? Explain A-MPDU, A-MSDU and A-MSDU inside A-MPDU.TBD
5What is the use of BA (Block ACK)? Explain BA frame format.TBD
6Which is better A-MPDU or A-MSDU? Why?TBD
7What is DELBA (Delete Block ACK)TBD
♦♦♦♦ Roaming ♦♦♦♦
NoQuestionAnswer / Post Link
1Explain different roaming scenario differences: Legacy->PMK caching->Pre-Auth->OKC->11rTBD
2Explain 11r PMK-R0 and PMK1 keys.TBD
NoQuestionAnswer / Post Link
1Comparison table for 11n and 11acLink
2What is MIMO?TBD
4Explain Dynamic bandwidth signalingTBD
♦♦♦♦ 802.11 Frames ♦♦♦♦
NoQuestionAnswer / Post Link
1Probe request is unicast or broadcast?Probe Request can be unicast or broadcast.
Broadcast Probe Request: Destination address is ff:ff:ff:ff:ff:ff and SSID field is blank.
Unicast Probe Request:
i) Destination address is ff:ff:ff:ff:ff:ff and SSID field is set to target AP’s SSID.
ii) Destination address is set to target AP’s MAC address and SSID field is set to target AP’s SSID.
2How to send unicast probe request? Which field is set?Unicast Probe Request:
i) Destination address is ff:ff:ff:ff:ff:ff and SSID field is set to target AP’s SSID.
ii) Destination address is set to target AP’s MAC address and SSID field is set to target AP’s SSID.
Unicast probe request SSID field is always set to target AP’s SSID.
3Difference between Beacon and Probe response?Link
4Which frame has AID, Listen interval?Association/Re-Association response frame contains AID.
Association/Re-association request frame contains Listen Interval.
5Which frame has SSID ?Beacon, Directed Probe request, Probe Response, Assoc Req, Re-association Req
6Which frame has security information?Beacon, Probe Response, Assoc Req, Re-association Req, 11r Re-association response
7What is Hidden node problem?TBD
8What is Hidden SSID and use of it?TBD
9When a Wi-Fi device can send RTS-CTS?TBD

♥♥If you have any doubts or query please let me know in comment section or send mail at feedback@wifisharks.com.♥♥

5 comments on “Wi-Fi(802.11) interview questions and answers set – 1


    • May 8, 2022 at 9:12 pm

    Please post the answers for every question, difficult to find it outside…!


      • May 15, 2022 at 11:15 am

      Hi Tabrez,
      Thanks for reading the post.
      Will post the answers slowly.

    Mark D’Rozario

    • January 20, 2021 at 10:50 pm

    if we enter wrong password , in which step of the 4 way handshake does it fail for personal security ?
    Ans: it fails in the m2 step as the MIC which will be sent will be validated and if found incorrect , the four way handshake fails. Is my understanding correct.


      • January 23, 2021 at 10:55 am

      Hi Mark,
      Yes. MIC of M2 validation will be failed at AP side. I will share a details post on it. Keep following.

      Ravi patel

      • January 8, 2022 at 3:43 pm

      Yes, it will fail @ M2 steps if both PTK (PMK->MSK(which is PSK basically)will not match

      & AP won’t send out M3 & this loop is keep going on between AP & STA for exchange of M1 & M2 continuously.

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!
%d bloggers like this: