Network Access and Wireless Security

Provide a brief definition of network access control
Click the card to flip 👆
1 / 12
Terms in this set (12)
Provide a brief definition of network access control
Network access control (NAC) is an umbrella term for managing access to a network. It authenticates users logging into the network and determines what data they can access and actions they can perform. It also examines the health of the user's computer or mobile device
What is an EAP?
Extensible Authentication Protocol (EAP) provides a generic transport service for the exchange of authentication information between a client system and an authentication server. The basic EAP transport service is extended by using a specific authentication protocol that is installed in both the EAP client and the authentication server
List and briefly define four EAP authentication methods.
-EAP Transport Layer Security
-EAP Tunneled TLS
-EAP Generalized Pre-Shared Key
EAP--IKEv2
Why is EAPOL an essential element of IEEE 802.1X?
EAPOL enables a supplicant to communicate with an authenticator and supports the exchange of EAP packets for authentication.
What is the basic building block of an 802.11 WLAN?
The basic building block of an 802.11 WLAN is the Basic Service Set which consists of wireless
stations executing the same MAC protocol and competing for access to the same shared wireless
medium.
List and briefly define threats to a wireless network.
- Eavesdropping is easy (sometimes)
- Fake AP
- Associate with an incorrect AP
- MAC spoofing
- Frame injection
- DoS
- Ad hoc network
List and briefly define IEEE 802.11 services.
-Access control(IEEE 802.1 port based access control)): This function enforces the use of the authentication function,routes the messages properly, and facilitates key exchange. It can work with avariety of authentication protocols.
-Authentication and key generation (EAP): A protocol is used to define an exchange between a user and an AS that provides mutual authentication and generates temporary keys tobe used between the client and the AP over the wireless link.
-Confidentiality, data origin authentication and integrity, and replay protection(TKIP/CCMP): MAC-level data (e.g., an LLC PDU) are encrypted along with a message integrity code that ensures that the data have not been altered.
List some security threats related to mobile devices.
-Lack of physical security controls; your phone can get stolen
-use of untrusted mobile devices
-use of untrusted networks
-use of untrusted content
-use of applications created by unknown parties
-Interaction with other systems
-Use of location services
How is the concept of an association related to that of mobility?
Association is to agree on a set of security capabilities to be used. It allows a mobile node that
has made a transition to identify itself to the access point (AP) within a basic service set (BSS) so
that the node can participate in data exchanges with other mobile nodes
What security areas are addressed by IEEE 802.11i?
1) authentication,
2) key management, and
3) data transfer privacy.
Briefly describe the five IEEE 802.11i phases of operation.Phase 1: Discovery - An AP uses messages called Beacons and Probe Responses to advertise its IEEE 802.11i security policy. The STA uses these to identify an AP or a WLAN with which it wishes to communicate. The STA associates with the AP, which it uses to select the cipher suite and authentication mechanism when the Beacons and Probe Responses present a choice. Phase 2: Authentication - During this phase, the STA and AS prove their identities to each other. The AP blocks non-authentication traffic between the STA and AS until the authentication transaction is successful. The AP does not participate in the authentication transaction other than forwarding traffic between the STA and AS. Phase 3: Key Management - The AP and the STA perform several operations that cause cryptographic keys to be generated and placed on the AP and the STA. Frames are exchanged between the AP and STA only. Phase 4: Protected data transfer - Frames are exchanged between the STA and the end station through the AP. As denoted by the shading and the encryption module icon, secure data transfer occurs between the STA and the AP only; security is not provided end-to-end. Phase 5: Connection termination - The AP and STA exchange frames. During this phase,the secure connection is torn down and the connection is restored to the original state.What is the difference between TKIP and CCMP?TKIP - Older, used for WEP, provides message integrity and data confidentiality, uses an algorithm called Michael for message integrity CCMP - Newer, based on AES in CCM mode, assumes that AP and STA have AES hardware. Uses a single key for encryption and decryption.