Wireless Network Security Quiz

Questions and Answers

What is the principal method recommended for preventing unauthorized access to wireless access points?

• Implementing IEEE 802.1X for port-based network access control (correct)
• Changing the router’s pre-set password
• Disabling identifier broadcasting on wireless routers
• Using built-in encryption on wireless routers

Which of the following is NOT generally considered a primary security measure for wireless networks?

• Using antivirus software
• Changing the default identifier on the router
• Implementing physical security controls (correct)
• Turning off identifier broadcasting

What is a security concern related to a mobile device usage with regards to apps?

• Use of cloud-based applications
• Disabling the device's firewall
• Use of applications created by unknown parties (correct)
• Incompatible antivirus software

Before widespread smartphone use how was network security commonly based?

Clearly defined perimeters separating internal and external networks (C)

What is a significant change an organization's network needs to accommodate?

Use of de-perimeterization (C)

What is an essential mobile device security recommendation considering potential device theft?

Assume that mobile devices can be stolen (C)

Which of these settings should be changed from their default?

The router's identifier and password (D)

Which of these is NOT directly related to securing a wireless network?

External business requirements (A)

What is a key characteristic of a man-in-the-middle attack in a wireless network?

The attacker intercepts communication, making both the user and AP believe they are communicating directly. (D)

Which method is primarily used to combat eavesdropping in wireless networks?

Employing encryption with securely managed keys. (D)

What makes network injection attacks possible on wireless APs?

Exposure to unfiltered network traffic. (D)

What is the primary goal of a Denial of Service (DoS) attack on a wireless network?

To consume system resources by flooding the wireless network with messages. (B)

Which of the following is a signal-hiding technique used to secure wireless transmissions?

Using cryptic names for the SSID. (D)

How can the risk of eavesdropping be reduced by access point (AP) placement?

By locating them inside the building, away from windows. (D)

What is the risk associated with identity theft (spoofing) in wireless networks?

An attacker can gain network access using a stolen MAC addresses. (C)

Besides encryption, what is another security measure that helps protect against eavesdropping?

Turning off Service Set Identifier broadcasting. (A)

Which phase in the RSN operation involves the exchange of RAND values?

Pre-Shared Key Authentication (C)

What is the primary purpose of the Discovery Phase in the RSN operation?

Decide on confidentiality, integrity protocols, authentication method and key management approach. (D)

In the context of 802.11i security, what does 'MPDU integrity' refer to?

The protocol protecting message alteration during transmission (D)

Which of the following is NOT a specified phase of operation within an RSN?

Data Encryption (A)

Which security protocol is NOT listed as an option for confidentiality and MPDU integrity in the discovery phase?

WPA3 (D)

What is the main function of the Association Request in an Open System Authentication?

To indicate the SSID of the desired network. (D)

In a Pre-Shared Key authentication, what is the purpose of the 'Authentication (SessionKey)' message?

To share the newly generated session key with the Access Point (AP). (D)

What information is included in a 'Reassociation Request' in an open system?

The original AP MAC address. (A)

What is the primary function of the Group Master Key (GMK)?

To serve as an input in deriving the Group Temporal Key (GTK). (D)

According to IEEE 802.11i, what is a critical security requirement for the Group Master Key(GMK)?

Its value must be computationally indistinguishable from random. (D)

How is the Group Temporal Key (GTK) distributed in a secure manner?

It is distributed securely using the pairwise keys that are already established. (D)

Under what circumstances is the Group Temporal Key (GTK) changed?

Every time a device leaves the network. (A)

What is the purpose of the nonces exchanged in messages 1 and 2 during pairwise key distribution?

To provide input for each party to independently generate the PTK. (B)

What is the primary purpose of controlled ports in the context of IEEE 802.1X?

To permit PDU exchange between a supplicant and other LAN systems only when the supplicant is authorized. (B)

What is the primary function of uncontrolled ports in IEEE 802.1X?

To allow the exchange of PDUs between a supplicant and the AS, irrespective of the supplicant's authentication status. (D)

During the discovery phase of the station joining a network, what is the purpose of the 'Open System Authentication' request and response?

To conduct a preliminary check before the actual authentication. (C)

What is the role of the Access Point (AP) upon receiving an 'Association Request' from a station?

To send back to the station association response which contains security parameters related to the association. (D)

What happens immediately after the station sets the selected security parameters according to the association response in 802.1X?

The controlled port is blocked waiting for further authentication. (A)

Which part of the IEEE 802.1X exchange involves communication between the Supplicant, Access Point and Authentication Server using Extensible Authentication Protocol (EAP)?

EAP Request/Response and Access Challenges for authentication. (D)

What is the role of RADIUS in the IEEE 802.1X process described?

It acts as an intermediary for exchanging authentication and authorization (D)

What is a Pairwise Transient Key (PTK)?

A unique key derived from the master key after the 4 way handshake (D)

What is the purpose of TKIP?

A method to derive bits for the Pairwise Transient Key (PTK) (A)

What is the function of the 4-way handshake in the context of wireless security?

To generate a unique session key (PTK) between a station and an access point for encrypting data. (B)

What is the primary function of the EAPOL-key (MIC) message in the described context?

To acknowledge the successful installation of the GTK by the AP. (D)

Which of the following best characterizes the Temporal Key Integrity Protocol (TKIP)?

It is designed for use with WEP, requiring minimal software changes. (D)

What mechanism does TKIP employ to ensure message integrity?

Using Message Integrity Code (MIC) added to the MAC frame after the data. (D)

What is the main characteristic of Counter Mode-CBC MAC Protocol (CCMP) regarding its use?

Intended for newer devices equipped to support it through specific hardware. (D)

What is the primary encryption method used by TKIP to achieve data confidentiality?

RC4 encryption of the MPDU/MIC. (C)

What is the method used by Counter Mode-CBC MAC Protocol (CCMP) for data confidentiality?

CTR block cipher mode with AES (C)

Which of the following represents the function of the pseudorandom function in the IEEE 802.11i scheme?

To generate nonces, expand pairwise keys and generate GTK (C)

Which cryptographic hash function is used by the pseudorandom function to generate a pseudorandom bit stream?

HMAC-SHA-1 (D)

Flashcards

RSN Phases of Operation

The five phases in the IEEE 802.11i protocol for securing wireless networks.

Discovery Phase

The phase where STA and AP agree on security protocols and authentication methods.

Confidentiality Protocols

Protocols ensuring data confidentiality in wireless communications (WEP, TKIP, CCMP).

Authentication Method

Process that verifies the identity of users connecting to a network (e.g., pre-shared key, IEEE 802.1X).

Open System Authentication

A type of authentication that does not require the client to prove its identity before joining a network.

Association Request

A request from a client to connect to an Access Point (AP) using SSID.

Pre-Shared Key Authentication

An authentication process where a shared key is used for identity verification before access.

Reassociation Request

Request to switch from one AP to another while maintaining the same connection.

Identity theft (spoofing)

An attack where a perpetrator impersonates a user to gain access.

Denial of Service (DoS)

An attack that overwhelms a network resource, making it unavailable.

Man-in-the-middle attacks

An attacker secretly relays and possibly alters communication between two parties.

Network injection

An attack that sends malicious packets to a network to manipulate it.

Eavesdropping

Unauthorized listening to network traffic, often to steal information.

Signal-hiding techniques

Methods used to prevent unauthorized access to wireless signals.

Encryption

A method of converting information into a code to prevent unauthorized access.

Service Set Identifier (SSID) broadcasting

The visibility of a wireless network's name to users and devices.

Wireless Access Points (APs)

Devices that allow wireless devices to connect to a wired network.

IEEE 802.1X

A standard for port-based network access control to secure wireless networks.

Prevent Unauthorized Access

Measures taken to stop unauthorized devices from accessing the network.

Encryption at Routers

A security measure that protects data transmitted over wireless networks.

Change Default Router Settings

Modifying factory-set identifiers and passwords on routers for security.

De-perimeterization

The concept of security in a borderless network due to mobile and cloud technologies.

Security Threats for Mobile Devices

Risks faced by mobile devices, including theft and unverified applications.

Allow Specific Access

Configuring routers to permit only certain devices to connect to a wireless network.

Group Master Key (GMK)

A key in IEEE 802.11i that is indistinguishable from random and securely distributed.

GTK (Group Temporal Key)

A key derived from the Group Master Key for secure communication in wireless networks.

Key-generating key

A key used with other inputs to derive the GTK in IEEE 802.11i.

EAPOL-Key

A message type in the IEEE 802.11i standard used during pairwise key distribution.

Nonce

A random number used once in communication to ensure unique key generation.

Controlled Ports

Ports that allow communication based on a supplicant's authentication state.

Uncontrolled Ports

Ports that allow communication regardless of the authentication state.

Supplicant

A device or client requesting access to the network.

Extensible Authentication Protocol (EAP)

An authentication framework used in network access authentication.

Probe Request

A message sent by a station to discover available access points.

RADIUS

Remote Authentication Dial-In User Service, used for network access authentication.

PTK (Pairwise Transient Key)

A temporary key generated during the 4-way handshake for encrypting data.

4-Way Handshake

A process used in WLAN security to establish a secure connection.

Access Challenge

A step in the EAP process where the server challenges the supplicant during authentication.

EAPOL-key (MIC)

A message used to acknowledge and confirm the integrity of the key exchange.

Temporal Key Integrity Protocol

A protocol allowing security on WLANs that requires only software updates.

Periodic Rekeying

The process of changing encryption keys after a certain number of frames.

Message Integrity Code

A code added to ensure the integrity of a MAC frame after data transmission.

Counter Mode-CBC MAC Protocol

A protocol designed for more secure key management in newer devices.

Pseudorandom Function

A function used to generate nonces, expand keys, and create GTK in IEEE 802.11i.

HMAC-SHA-1

A specific hashing mechanism used to generate a pseudorandom bit stream.

Study Notes

Wireless Networks Security

• This presentation covers various aspects of wireless network security.
• The content spans wireless security, mobile device security, IEEE 802.11 wireless LAN security, and wireless network components.

Key Factors

• Channel: Wireless communication is vulnerable to eavesdropping and jamming, and active attacks.
• Mobility: Portability creates risks, as devices can be left unattended, which makes them vulnerable to physical attacks.
• Resources: Limited computing resources reduce the ability to defend against denial-of-service attacks.

Wireless Networking Components

• Endpoint: Devices like laptops, etc.
• Wireless Medium: The airwaves used for wireless communication.
• Access Point (AP): A central point for wireless network communication.

Wireless Network Threats

• Accidental Association: Users might connect to the wrong wireless network due to overlapping signal ranges.
• Malicious Association: Attackers may create fake access points to steal passwords and gain access to the network.
• Ad Hoc Networks: Peer-to-peer networks with no central control, posing security risks.
• Nontraditional networks: Devices such as Bluetooth devices, barcode readers, introduce security risks like eavesdropping and spoofing.

Wireless Network Threats

• Identity Theft: Attackers eavesdropping and obtaining network credentials.
• Man-in-the-Middle Attacks: Interception of communications to steal or manipulate data.
• Denial-of-Service Attacks: Flooding a network with requests to prevent legitimate users from accessing it.
• Network Injection: Attackers injecting malicious code to compromise network resources.

Securing Wireless Transmissions

• Countermeasures: Signal hiding, reducing signal strength for better coverage, and encryption to secure data transmission.
• Wireless transmission principle threats: Eavesdropping, alteration of messages, disruption.

Securing Wireless Access Points

• Main threat: Unauthorized network access.
• Principal approach: IEEE 802.1X for port-based network access control, also to prevent rogue APs.

Securing Wireless Networks

• Use: Encryption with built-in features, antivirus software, anti-spyware, and firewall software.
• Change: Update router identifiers, default passwords.
• Allow: Specific computers to access a wireless network.

Organizational Requirements of Mobile Devices

• Critical for overall network infrastructure.
• Security was based on defined perimeters separating trusted internal networks from untrusted Internet networks previously.
• Due to massive changes such as a large number of devices, cloud-based applications, de-perimeterization, and external business requirements, accommodating modern network infrastructure is needed.

Mobile Device Security Threats

• Lack of Physical Security: Mobile devices can be stolen.
• Device Untrustworthiness: All devices aren't reliable.
• Untrusted Networks: Potential security risks on unreliable networks.
• Application Usage: Risks from untrusted application usage.
• Interaction with Other Systems: Security issues from mobile device interactions with other systems.

Mobile Device Strategy

• Traffic Encryption: Using SSL or IPsec VPN tunnels.
• Mobile Device Configuration: Security mechanisms to comply with organization policy.
• Application/Database Server: Providing secure application access.
• Firewall: Limiting data and application access to ensure network security.
• Authentication/Access Control Server: Verifying and restricting access to authorized devices and users.
• Authentication and Access Control: Using protocols for verification and access levels.

Categories of Principal Mobile Device Security Elements

• Device Security: Practices like auto-lock, password protection for passwords, software updates, antivirus, and firewall protection.
• Client/Server Traffic Security: Encrypting traffic with protocols like SSL and VPNs.
• Barrier Security: Employing firewalls and intrusion detection systems.

IEEE 802.11 Wireless LAN

• Terminology: Definitions and explanation of terms like access point (AP), basic service set (BSS), coordination function, distribution system (DS), extended service set (ESS), MAC protocol data unit (MPDU), MAC service data unit (MSDU), and station.
• Protocol Stack: Describes the layers of the protocol stack for wireless networks.
• MPDU Format: Illustrates the structure of a MAC Protocol Data Unit (MPDU), showing MAC control, destination and source MAC addresses and a CRC.

IEEE 802.11 Wireless LAN Services

• Services: Explains the different services provided by IEEE 802.11 such as Association, Authentication and Deauthentication.
• Transition Types: Describes no-transition and transition between BSSs and ESS.

IEEE 802.11i Wireless LAN Security

• Standards: Discussion of the security standards for 802.11i, including Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and WPA2.
• Network Security: Robust Security Network, protocol stack overview.
• Wireless LAN Security: Details on how to secure a wireless network and threats.
• Wireless LAN Security - Standards: WPA and WPA2 secure implementations.
• Wireless LAN Security Protocol Stack: General protocol stack description.
• Wireless LAN Security - Services overview: Explains different network service function.
• Wireless LAN Security - Algorithms: Details of the algorithms.
• Wireless LAN Security - Phases of Operation: Details on Phases: Discovery, Authentication, Key Management, Data transfer and connection termination.
• Wireless LAN Security - Discovery phase: Discussion of confidentiality and authentication methods for discovery.
• Wireless LAN Security - Authentication (Open System Authentication): Explanation of the open system authentication process, showcasing an initial interaction.
• Wireless LAN Security Access Control Detail on IEEE 802.1X access control
• Wireless LAN Security - Key Management: Discusses cryptographic key exchange procedures, and different types of keys (group master key, pairwise master key, pairwise transient key).
• Wireless LAN Security - Protected Data Transfer: The temporal key integrity protocol and counter mode CBC MAC protocol.
• Wireless LAN Security - Pseudorandom function: Use of HMAC–SHA–1 for pseudorandom bit stream generation.