Wireless Network Security Quiz

Questions and Answers

What is a method used for monitoring network traffic?

Employing a firewall to block all incoming connections

Deploying distributed denial-of-service attacks

Inserting a packet sniffer directly into the data stream

Using a switch with port mirroring (correct)

What is the function of a network tap?

To bypass firewall restrictions for faster access

To encrypt all transmitted data traffic

To prevent unauthorized access to the network

To monitor traffic between two network devices (correct)

Which of the following correctly describes Wi-Fi Protected Access (WPA)?

An obsolete encryption method requiring a static key

A personal security protocol for protecting wireless networks (correct)

An enterprise-level security model for wired networks

A proprietary VPN technology used for internet security

What distinguishes enterprise wireless security from personal wireless security?

Personal security requires less complex authentication methods

What was a key aspect of the initial IEEE 802.11 standard?

Included security controls for protecting wireless transmissions

What organization began developing standards for computer networking in the early 1980s?

Institute of Electrical and Electronics Engineers

Which of the following vulnerabilities is associated with open system authentication?

Lack of authentication

What is the maximum speed that the initial IEEE 802.11 WLAN standard supported?

1-2 million bits per second

Which security model succeeded WEP in wireless networks?

WPA2

Which term refers to the process used to check for errors in data transmission within wireless security?

Cyclic Redundancy Check

Which of the following is NOT a feature of WPA2 security?

Static keys

What is the primary role of a Pseudorandom number generator (PRNG) in wireless security?

Generating keys

What critical aspect of wireless networks does controlling access primarily focus on?

Restricting unauthorized user access

What is a significant drawback of Open System Authentication?

It is susceptible to unauthorized access without user verification.

Which security protocol is known for its weaknesses and has been largely replaced by more secure standards?

WEP

What primary limitation does MAC Address Filtering present?

It can be easily spoofed by attackers.

What feature of WPA2 Personal Security enhances its reliability compared to WEP?

It combines both a passphrase and a stronger encryption technique.

Which statement accurately describes WPA Personal Security?

It improves upon WEP by offering enhanced encryption.

What does IEEE 802.11i specifically enhance compared to earlier wireless security protocols?

It implements a standard framework for security across devices.

What is one of the primary security features of WPA2 in enterprise environments?

It supports individual authentication through a RADIUS server.

Which of the following best describes a major improvement of WPA2 over WPA?

It implements the AES encryption standard.

What is a defining characteristic of a thin access point?

It does not include authentication and encryption functions.

What is one advantage of using wireless VLANs?

They help to segment traffic and increase security.

To enhance security, organizations often set up how many wireless VLANs?

Two, one for employee access and one for guest access.

Which tool is used for auditing the airwaves for rogue access points?

Wireless protocol analyzer

What does a wireless probe do in the context of network security?

It monitors the RF frequency for unauthorized access points.

What is typically included in the management of thin access points?

All management is performed centrally through the wireless switch.

Which type of probe is NOT typically mentioned in rogue access point discovery tools?

Signal repeater probe

What is the primary role of a wireless switch in an enterprise wireless network?

To handle authentication and encryption for access points.

Study Notes

Wireless Network Security

• Wireless security protocols aim to protect wireless LANs (WLANs) from unauthorized access and malicious activity.
• Basic IEEE 802.11 wireless security protects WLANs.
• Vulnerabilities exist in open-system authentication, Wired Equivalent Privacy (WEP), and device authentication.
• WPA and WPA2 personal security models provide enhanced protection compared to older standards.
• Enterprise wireless security often involves different security models than personal use security.

IEEE 802.11 Wireless Security Protections

• The Institute of Electrical and Electronics Engineers (IEEE) created the 802.11 standard for WLAN architecture.
• Early work, Project 802, began in the 1980s.
• The 802.11 WLAN standard operates at speeds of 1 and 2 million bits per second (Mbps).
• IEEE 802.11 revisions include a, b, g, and n.

Controlling Access

• Controlling access to a Wireless Local Area Network (WLAN) limits device access to the access point (AP).
• By restricting access to the AP, only authorized devices connect and join the network.
• The IEEE 802.11 standard does not specify access control methods.
• Media Access Control (MAC) address filtering is a common access control method implemented by most wireless AP vendors.
• MAC address filtering typically permits or denies access based on MAC addresses.

Controlling Access (continued)

• Wired Equivalent Privacy (WEP) aims to protect transmitted data from unauthorized viewing.
• WEP encryption is designed to meet efficiency, exchangeability, and security.
• WEP uses secret keys (minimum 64-bit). Available key options include 64-bit, 128-bit, and passphrase.
• APs and devices can store up to four shared secret keys.
• A default key is designated from the stored keys.

Controlling Access (continued)

• WEP uses an initialization vector (IV) and a secret key to encrypt data.
• The WEP encryption process involves several steps, including XOR operations and a pseudorandom number generator (PRNG).

Controlling Access (continued)

• WLANs cannot limit access by walls or doors.
• Open system authentication relies on matching service set identifiers (SSIDs).
• The easiest way to find the SSID is by not doing anything.
• Exploiting beaconing frames can reveal SSIDs.
• A wireless device can attempt to associate with a network after receiving a beacon frame.
• Issues can arise when the SSID is not broadcasted. Problems can arise with roaming. Devices running Microsoft Windows XP might be particularly vulnerable.
• The SSID can be discovered in various network management frames sent by the AP, even when not explicitly included in beacon frames. Configuration preventing the display of the SSID does not completely solve the problem.
• Wireless security can be improved by using multiple access points.

MAC Address Filtering Weaknesses

• MAC addresses are often exchanged in clear text or unencrypted formats.
• Attackers can observe MAC addresses to join the network.
• Managing many MAC addresses can create challenges for security administrators.
• MAC address filtering does not offer temporary guest access unless the MAC address is manually entered.

WEP

• The WEP protocol uses a 64-bit or 128-bit encryption key.
• An initialization vector (IV) combines with the secret key to encrypt packets.
• Short default key lengths in WEP decrease its security strength.
• Anything that creates easily detectable patterns in cryptography should be avoided.
• WEP's IVs can repeat in a short time frame, making it susceptible to attacks.

WEP (continued)

• Collisions occur when two packets use the same initialization vector (IV) but have different data.
• A keystream attack exploits the repetition of IVs in WEP.
• The attack determines the keystream by analyzing two packets with the same IV.

Personal Wireless Security

• WPA and WPA2 security from the Wi-Fi Alliance have been commonly adopted for personal devices.
• The security measures involved in WPA and WPA2 ensure encryption and authentication.
• WPA consists of two components: preshared key (PSK) and temporal key integrity protocol (TKIP).

WPA Personal Security

• The Wireless Ethernet Compatibility Alliance (WECA), renamed to Wi-Fi Alliance, promotes wireless network technology.
• Wi-Fi Protected Access (WPA) was designed to protect both present and future wireless devices, addressing both authentication and encryption.
• WPA uses PSK authentication.
• When using PSK, a passphrase generates the encryption key.
• The PSK is not used directly for encryption but serves as a seed for mathematically generating the keys.
• WPA uses Temporal Key Integrity Protocol (TKIP).
• TKIP uses a 128-bit key, per-packet keys, and strong security measures.

WPA Personal Security (continued)

• WPA also uses message integrity checks (MICs) in place of WEP's cyclic redundancy checks (CRCs) to prevent data tampering.

WPA2 Personal Security

• Wi-Fi Protected Access 2 (WPA2) was introduced in September 2004.
• WPA2 enhances the security and encryption of data over previous standards.
• WPA2 uses preshared key (PSK) authentication.
• PSK keys are frequently changed.
• The period for changing the keys is known as the rekey interval.
• WPA2 PSK key management is prone to weaknesses like manual key distribution, which lack security. WPA2 PSK keys are weak if not complex.
• A PSK is 64 bits. Passphrases can contain 8-63 characters, but shorter phrases are more vulnerable.
• WPA2 uses AES-CCMP encryption.
• CCMP employs Counter Mode with CBC-MAC; AES is the encryption algorithm.

WPA2 Personal Security (continued)

• The security mechanisms in WPA2 Enterprise ensure high data security.
• Authentication is achieved using IEEE 802.1x, and encryption is handled by AES-CCMP.

Enterprise Wireless Security

• Enterprise wireless security options often involve the IEEE 802.11i standard, or WPA and WPA2 models.
• Thin access point APs do not handle authentication and encryption; the switch handles those activities.
• Wireless LANs (VLANs) can segment network traffic for security.

Enterprise Wireless Security Devices

• Wireless protocol analyzers are used in detecting rogue access points.
• Specialized wireless probes detect rogue access points by monitoring the radio frequencies. Different types of wireless probes, such as access point probes or dedicated probes, are available.
• VLANs improve security by segmenting network traffic into separate virtual networks.

Network Vulnerabilities

• Network vulnerabilities are categorized as either media-based or device-based.
• Media-based vulnerabilities include monitoring network traffic patterns.
• A network tap or port mirroring can capture network traffic for monitoring or troubleshooting.

Description

This quiz covers the key concepts of wireless network security, focusing on protocols designed to protect Wireless LANs (WLANs). It discusses the vulnerabilities in wireless security standards such as WEP, as well as the advancements in WPA and WPA2 models. Test your understanding of IEEE 802.11 standards and access control in WLANs.