Chapter 11 - 04 - Discuss and Implement Wireless Network Security Measures - 02_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Placement of a Wireless AP

QO Guidelines for AP mounting:
¥" Place APs in central locations

v" Install an AP on the ceiling
v" Avoid placing APs too high on ceilings
v" Avoid mounting an AP on a wall as it may restricts its
360° coverage

v Avoid installing APs in corridors
v' Avoid installing APs above suspended ceilings

v Use locks and a plastic sarel enclosure to secure the
AP from theft

v Avoid enclosing
the AP in a metal cage [.. e

v Keep the AP away from metal objects

Copyright © by EC AL All Rights Reserved. Reproduction
is Strictly Prohibited.

Placement of a Wireless AP

Choosing an appropriate location for an AP is very important as it plays a vital role in achieving
a high network performance, coverage, and speed. Many organizations have their APs placed
across their interior spaces. Every AP requires installation at a specific location and angle since
their installation at random locations will restrict the network performance. In addition, the
coverage area needs to be planned wisely. Overlap is good. Care must be taken to not create
dead-zones.

Module 11 Page 1459 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Corridor Deployment

Recommended Not Recommended
AP * AP AP*®

* AP * AP
* AP *¢ AP. AP * AP * AP
=® Device = Device

[ AP
AP * AP APsl
APl

AP AP AP
«AP APs Ape)
®= Device CAP ®AP SAP eAP eAP eap B(B
- e
= b apo ®®Davice
Davice a

Figure 11.14: Placement of wireless AP

The following guidelines help in choosing the appropriate locations for APs and to achieve
maximum coverage, performance, and speed:
= Place APs in central locations
= |Install an AP on the ceiling
= Avoid placing APs too high on ceilings
= Avoid mounting an AP on a wall as it may restricts its 360° coverage
= Avoid installing APs in corridors
= Avoid installing APs above suspended ceilings
= Use locks and a plastic sarel enclosure to secure the AP from theft
= Avoid enclosing the AP in a metal cage
= Keep the AP away from metal objects

Module 11 Page 1460 EG-Council
Certified Cybersecurity Technician Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
 Certified Cybersecurity Technician
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security Exam 212-82
Wireless Network Security

Placement ofof a aWireless
Placement Wireless
Antenna
Antenna
= ]
\ |
| \
/ el
é 1 -
*F% \
Q Guidelines for antenna placement:
Q Guidelines for antenna placement: ] ; \ \ \\ / / \
v Use the trial-and-error method to select an
v" Use the trial-and-error appropriate location
method to select an appropriate location and
and -i s
direction e
direction QQ *"v'\’
et
v’ Place the AP antenna in a perpendicular direct Metal
MotalFiling
Filing
v" Place the AP antenna in a perpendicular direction
ion ei
v Avoid keepin the antenna at an angle of
}} d DesdDead Spot$pot
v" Avoid keeping g the 45°
antenna at an angle of 45° =
v' Point the antenna gain towards users
v' Point the antenna gain towards users
v" Know the antenn radiation patterns
v' Know the antennaa radiation patterns TT i
Sosd i
v" Do not place obstructions or objects that interfe
v" Do not place obstructions or objects that interferere with
with the
the function
function
of the antenna
of the antenna Dead
Dead Spot
Spot
v’ The use of external antennas as integrated antenn
v The as has
use of external antennas as integrated antennas has a a limitation
limitation b
kit

Copyright © by L L AlAll Rights Reserved. Reproductionis Strictly Prohibited.
Rights Reserved. Reproductionis Strictly Prohibited.

Placement of
Placement of aa Wireless
Wireless Antenna
Antenna
Placemen of an antenna depends on the type,
Placementt of an antenna depends angle, and location
angle, location of the AP,
AP, and
and the
the coverage
coverage required.
required.
Guidelines
Guidelines for the
for the Placement
Placement of a Wireless
Wireless Antenna
Antenna
*= Use
Use the
the trial -and-error meth
trial-and-error od to selec
method selectt an appr
appropriate location and direc
direction.
opriate locat ion and tion.
*= Place the AP ante
Place the AP antenna nnainin a perp endicular direc
perpendicular direction.
tion.
*= Avoi
Avoidd keeping the
keeping the ante nna atat an angle of 45°
antenna
*= Point
Point the
the ante nna gain
antenna gain towa rds users
towards users
*= Know
Know the
the ante nna radia
antenna tion patt
radiation erns
patterns
** Do
Do not
not place
place obst ructions oror objec
obstructions ts that
objects that inter
interfere with the
the func
function
fere with tion ofof the
the ante
antenna
nna
** The use of exter nal ante
The use of external nnas asas inte
antennas grated ante
integrated antennas has a a limit
limitation
nnas has ation
** Tilt
Tilt the
the antennas down
antennas wards when
downwards when insta
installed
lled onon the
the ceili
ceiling
ng
** Use
Use omni directional ante
omnidirectional nnas point
antennas ing down
pointing downwards for atte
attenuating the signa
signals traveling
wards for nuating the ls trave ling
up to the AP
up to the AP
*
= Avoid
Avoid using
using simple dipol
simple e ante
dipole nnas asas anan optim
antennas optimal solution
al solut ion
* = Uses
Use ingl e freq
single uency ante
frequency nna elem
antenna ents rathe
elements rather than dual
dual tune
tuned elements
r than d elements

Module 11 Page 1461
Module 11 Page 1461 Certified
Certified Cybers Cybersecurity Technician
ecurity Techni Copyright © by EG-Council
cian Copyri ght © by EG-Council
All AllRights
RightsReserv
Reserved. Reproduction
ed. Reprod is Strictly Prohibited.
uction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Figure 11.15: Placement of a wireless antenna

Module 11 Page 1462 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

l Disable SSID Broadcasting
° °

B *
| IfIf the
the SSID
SSID isis broadcast,
broadcast, the AP
the AP will
will
] announce its presence and name, allowing m
LINKSYS'
\M\)

ACwinio of Cnco Syaterns, ive. Femame veran o4 300
é everyone to attempt to authenticate and S
&

B. S
Wirsless T
G Broadband Router ——
WHTMG
H connect to the wireless network Wi
- Wireless
ireless

i
H
! @ The SSID
The SSID broadcast
broadcast should
should bebe disabled.
disabled.InIn I
——— [
i this scenario, an AP will only broadcast its WesewNewathame
WesewNewakhame /RTSIG,8
’: presence, but not its name S
o,
I.‘-'mfl}?tll:afln
s
RS —
I.-vm‘“cn.aun Crabie * Oisabie II

1
i
- This discourages unauthorized association oo v
Reset Security
E requests to the network and permits
¢ connections from legitimate users to the
! wireless network who have the correct SSID
:
[Sore
m’ Seoms ] _Cnulcrungn
ot s |
I

Disable SSID Broadcasting
A wireless network SSID can either be broadcast or hidden. By broadcasting the SSID, anyone
can find and access it. If the SSID is hidden, the user has to know the exact SSID in order to
connect to the wireless network. Security professionals should always disable SSID broadcasting
on their devices.
= SSID Broadcast in the Enabled State

By enabling the SSID broadcast, the wireless router will broadcast its presence and
name. When scanning for available wireless connections, if the SSID is broadcast, the
name and presence of the network will be identified. It may be locked with a password,
but anyone will be able to see it.
= SSID Broadcast in the Disabled State

If the SSID broadcast is disabled, then the wireless router will broadcast its presence,
but will not display the name. Instead “unnamed network” will be displayed as a
connection present within a user’s range. The user can connect to the wireless network
after naming it and providing it with the correct authentication credentials.

Module 11 Page 1463 Certified Cybersecurity Technician Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

LINKSYS®
A Division of Cisco Systems, Inc. Firmware Version: v8.00.0

Wireless-G Broadband Router WRT54G

Wireless
Wil’eleSS. Access Applications
Status
Setup Wireless
Restrict ions
Restrictions Gaming
&& Gaming Administration
Administration Status

Basic Wireless Seftings |

Wireless Network
Wireless Network Mode: If you
Wireless
Wireless Netviork
Network Mode: |Mixed v | wish
e to exclude
e b Wireless-G it
Mode:
cients, choose B-Only"'Mode. If
Wireless Network Name
\WRT54Gv8
you like fofo disable wireless
would like
you would wireless
(SSID):
(SSID): |WRT54Gv8 ,
access, choose
choose Disable.
Disable
Wireless Channet
Wireless Channel: (6-2437GHz
'6-2437GHz v ie
Wireless SSID Broadcast: Enable
Enable '*®
i? Disable
Disable

Status : SES Inactive

Reset Security |

CiscoSysTems
Cisco SysTems

Cancel Changes
Figure 11.16: Disabling SSID broadcasting

Module 11 Page 1464 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.