Get ahead with a $300 test prep scholarship
| Enter to win by Tuesday 9/24
Chapter 9 ( Wireless Networking and Security)
Terms in this set (59)
What are two types of wireless networks?
Ad-hoc mode and Infrastructure mode
What is the advantage of ad-hoc?
You dont need to purchase the access point.
What is the advantage of infrastructure mode?
You can use the wireless access point to control who can conect to the wireless network and to filter out types of network traffic.
What is the institute of electricla and electronics engineers?
It's a committee that has developed wireless standards in the 802 project models for wireless networking.
What is wireless defined by?
The 802.11 project model and has several standards defined.
What are the 4 wireless standards
802.11a, 802.11b, 802.11g, 802.11N
What is the transfer rate and frequeny band for 802.11a?
What is the transfer rate and frequency band for 802.11b?
Transfer rate: 11 Mbps
Frequency band: 2.4ghz
What is the transfer rate and frequency band for 802.11g?
transfer rate: 54-Mbps
Frequency band: 2.4Ghz
What is the transfer rate and frequency band for 802.11n?
transfer rate: 600 Mbps
frequency band: 2.4Ghz or 5.0Ghz
What is a channel?
Each frequency in the range.
What can you do if you have wireless devices conflicting with each other?
Change the channel for the wireless radio.
What are omnidirectional antennas?
can send and receive signals in any direction.
What is a benefit of using omnidirectional antennas?
It can communicate with devices in any direction.
What is the disadvantage of omnidirectional antennas?
it is using all the power to cover multiple directions, so the distance it can reach is lower than with directional.
What are the three authentication protocols?
WEP - Wired Equivalent Privacy
WPA- WIFI protected access
WPA 2- WIFI protected access 2
Why was WEP designed?
to add security to wireless networks by requiring anyone who wishes to connect to the wireless network to inpput a wireless key.
What is a wireless key?
A value configured on the wireless access point that needs to be inputted by anyone wishing to connect.
What is WEP?
WEP is a wireless encryption protocol that uses RC4 as the symmetric encryption algorithm using 64 bit or 128 bit encryption.
What is the initialization vector for WEP?
24-bit initialization vector key
Why is WEP not used anymore?
It's not used because WEP had huge flaws in its implementation of encryption and key usage.
What does WAP stand for?
Wi-Fi Protected Access
Why was WAP designed?
To improve upon security and to fix some of the flas found in WEP.
What key(s) does WPA use?
A 128-bit key and Temporal key integrity protocol (TKIP)
What is TKIP?
A protocol used to change the encryption keys for every packet that is sent.
What are the benefits of using WPA compared to WEP?
- 128 bit key
- Temporal Key Integrity Protocol (TKIP)
- Improved integrity checking
- Extensible Authentication Protocol
What is Extensible Authentication protocol?
A very secure authentication protocol that supports a number of authentication methods such as Kerberos, token cards, certificates, and smart cards.
Where are EAP messages encapsulated?
What are the different EAP protocols?
Lightweight extensible authentication protocol (LEAP) and Protected Extensible Authentication protocol (PEAP)
What is Leap?
Cisco's proprietary EAP solution that cisco created before the IEEE created 802.1x.
What is PEAP?
Used to encapsulate EAP messages over a secure tunnel that uses TLS. The purpose of this protocol is that EAP assumed the packets are sent over a secure network; with PEAP, TLS is used to create a secure tunnel between two points.
What are the two modes for WPA?
What is WPA Personal?
WPA Personal, which is also known as WPA-PSK, is used to configure the access point with a starting key value, known as the preshared key, which is then used to encrypt the traffic. This mode is mostly used by home users and small business.
What is WPA Enterprise?
WPA Enterprise, also known as WPA-802.1x, is a WPA implementation that uses a ventral authentication server such as a radius server for authentication and auditing features. This mode is typically used by larger companies so they can use their existing authentication server to control for NAC.
What is WPA2?
WiFI Protected access 2 which improves upon the security of WPA and should be used instead of WPA if you have the choice. WPA2 uses counter mode with cipher block chaining message authentication code protocol ( CCMP or CCM mode protocol) for data privacy, integrity, and authentication on a WPA 2 wireless network. WPA2 uses CCMP with AES protocol for encryption of wireless traffic instead of TKIP.
What are the benefits of WPA2 compared to WPA?
- Uses CCMP with AES encryption.
- Supports features such as adde protection for ad-hoc networks and Key caching.
- It supports 128-bit,192-bit, and 256-bit.
What are some security best practices when configuring a wireless network?
- Change Admin Password
- Service Set Idenitifier (SSID)
- MAC address filtering
- Antenna Placement and Power Levels
- Captive Portal
- Encrypt Wireless traffic
- VPN solutions
Why change admin password when configuring a wireless network?
To secure the router with a custom admin password rather than using the default one.
What is Service Set Identifier (SSID)?
A name that you give the wireless network, and in order for someone to connect to your wireless network, that person needs to know the SSID.
What should you do with the service set identifier when configuring a wireless network?
Turn off SSID broadcasting.
Why should you implement MAC address filtering?
You can limit systems that can connect to your wireless network by finding out the MAC addresses of the systems you want to allow to connect and then configuring the router to deny traffic from all systems except the MAC addresses you input.
Why should you adjust Antenna placement and power levels when configuring a wireless network?
It will minimize the exposure of the wireless network outside the premises.
What should you implement Captive Portal?
This will force a user to authenticate to the network via a Web page before internet access is allowed.
Why should you implement a VPN solution for wireless networks?
It will allow to minimize users who are not authorized to use the network because the user will have to connect using the VPN software before establishing a connection to the organization network.
What are the vulnerabilities with wireless networks?
- Data emanation
- Jamming/ interference
- Packet Sniffing
- War Driving
- SSID Broadcasting
- WPS and Replay Attacks
-Rogue Access points
- Weak encryption and IV attacks
What is a WPS attack?
It's an attack where a hacker runs a brute force attack on the WPS PIN.
What is WPS?
wireless security feature introduced a number of years ago that allowed a user to enter a PIN ( Found on the back of the wireless router) to connect to the wireless network. After the PIN is used, the SSID and WPA2 encryption key is automatically configured.
What are two bluetooth vulnerabilities?
Bluejacking and Bluesnarfing
What is a Rogue access point?
When a device is connected to the network to be used as an access point to for the network. Also, this is a serious vulnerability for the organizations network.
What is a Evil Twin?
When there is a device portraying to be a wireless connection and having client's connect to that device. Also, this is a serious vulnerability for the organizations network.
How can you prevent Evil twin attacks?
Use a VPN solution for all wireless clients connecting to corporate systems.
Out of the three wireless encryption methods, list them in order from strongest to weakest?
WPA2, WPA, and WEP.
Why is it important to perform a wireless site survey?
TO identify any rogue devices on the network
What are the wireless standards?
- Near Field Communication
What is infrared?
the type of wireless communication that is used by TV remote conrols and some computer peripherals.
What is Bluetooth?
A radio frequency wireless technology that allows systems to connect to peripherals over a distance of up to 10 meters away.
How do you secure a bluetooth enabled device?
Disable bluetooth - If youa re not using the bluetooth feature on your phone, then disable it through phones menu system.
Phone visibility - If you are using bluetooth, then set the phones visibility setting to invisible so that hackers cannot detect your phone with a bluetooth scanner.
Pair Security - Ensure you are using a bluetooth phone that uses pair security, which allows people to connect to your phone only if they know the pin you have set on the phone.
What is NFC?
A smart phone standard that allows you to being the mobile devices within inches of one another to transfer information.