Chapter 11 - 04 - Discuss and Implement Wireless Network Security Measures - 02_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Placement of a Wireless AP QO Guidelines for AP mounting: ¥" Place APs in central locations v" Install an AP on the ceiling v" Avoid placing APs too high on ceilings v" Avoid mounting an AP on a wall as it may restricts its 360° coverage v Avoid installing APs in corridors v' Avoid installing APs above suspended ceilings v Use locks and a plastic sarel enclosure to secure the AP from theft v Avoid enclosing the AP in a metal cage v Keep the AP away from metal objects [.. e Copyright © by Placement EC AL All Rights Reserved. Reproduction is Strictly Prohibited. of a Wireless AP Choosing an appropriate location for an AP is very important as it plays a vital role in achieving a high network performance, coverage, and speed. Many organizations have their APs placed across their interior spaces. Every AP requires installation at a specific location and angle since their installation at random locations will restrict the network performance. In addition, the coverage area needs to be planned wisely. Overlap is good. Care must be taken to not create dead-zones. Module 11 Page 1459 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Corridor Deployment Recommended AP Not Recommended * AP AP*® * AP * AP ¢ AP. AP ® Device - * AP * AP = Device [ AP AP * AP * AP AP APsl AP APs = Device e b Ape) apo CAP ®AP SAP eAP eAP ®Davice eap (B a Figure 11.14: Placement of wireless AP The following guidelines help in choosing the appropriate locations for APs and to achieve maximum coverage, performance, and speed: = Place APs in central locations = |Install an AP on the ceiling = Avoid placing APs too high on ceilings = Avoid mounting an AP on a wall as it may restricts its 360° coverage = Avoid installing APs in corridors = Avoid installing APs above suspended ceilings = Use locks and a plastic sarel enclosure to secure the AP from theft = Avoid enclosing the AP in a metal cage = Keep the AP away from metal objects Module 11 Page 1460 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Placement Antenna Q Exam 212-82 of a Wireless el Guidelines for antenna placement: v ; Use the trial-and-error method to select an appropriate location and direction v’ Place the AP antenna in a perpendicular direct ion v Avoid keeping the antenna at an angle of 45° v' Point the antenna gain towards users v" Know the antenna radiation patterns v" Do not place obstructions or objects that interfe re with the function of the antenna \ i Q \ / \ e et Motal Filing i } v’ The use of external antennas as integrated antenn as has a limitation d T Dead $pot Sosd i Dead Spot kit Copyright © by Placement of a Wireless Antenna L All Rights Reserved. Reproductionis Strictly Prohibited. Placement of an antenna depends on the type, angle, and location of the AP, and the coverage required. Guidelines for the Placement of a Wireless Ante nna * Use the trial-and-error method to select an appropriate location and direction. * Place the AP antennain a perpendicular direc tion. * Avoid keeping the antenna at an angle of 45° * Point the antenna gain towards users * Know the antenna radiation patterns * Do not place obstructions or objects that inter fere with the function of the antenna The use of external antennas as integrated ante nnas has a limitation * * * Tilt the antennas downwards when installed on the ceiling Use omnidirectional antennas pointing downward s for attenuating the signals traveling up to the AP * * Avoid using simple dipole antennas as an optimal solution Usesingle frequency antenna elements rathe r than dual tuned elements Module 11 Page 1461 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohib ited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Figure 11.15: Placement of a wireless antenna Module 11 Page 1462 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. & \M\) B Certified Cybersecurity Technician Wireless Network Security @ Exam 212-82 Disable SSID Broadcasting If the SSID is broadcast, announce its presence everyone to attempt to. connect to the wireless the AP will and name, allowing authenticate and network The SSID broadcast should be disabled.In this scenario, an AP will only broadcast its presence, but not its name This discourages unauthorized association requests to the network and permits connections from legitimate users to the wireless network who have the correct SSID LINKSYS' ACwinio of Cnco Syaterns, ive. Femame veran o4 300 S T —— Wireless I WesewNewathame S I.‘-'mfl}?tll:afln /RTSIG,8 s RS — I Reset Security [Sore Seoms ] ot s | Disable SSID Broadcasting A wireless network SSID can either be broadcast or hidden. By broadcasting the SSID, anyone can find and access it. If the SSID is hidden, the user has to know the exact SSID in order to connect to the wireless network. Security professionals should always disable SSID broadcasting on their devices. = SSID Broadcast in the Enabled State By enabling the SSID broadcast, the wireless router will broadcast its presence and name. When scanning for available wireless connections, if the SSID is broadcast, the name and presence of the network will be identified. It may be locked with a password, but anyone will be able to see it. = SSID Broadcast in the Disabled State If the SSID broadcast is disabled, then the wireless router will broadcast its presence, but will not display the name. Instead “unnamed network” will be displayed as a connection present within a user’s range. The user can connect to the wireless network after naming it and providing it with the correct authentication credentials. Module 11 Page 1463 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Firmware Version: v8.00.0 Wireless-G Broadband Router Wireless Setup Access Wireless Basic Wireless Seftings Restrictions Applications & Gaming Administration WRT54G Status | |Mixed Wireless Network Name (SSID): \WRT54Gv8 Wireless Channel: Wireless SSID Broadcast: '6-2437GHz Enable Wireless Network Mode: If you wish to exclude Wireless-G cients, choose B-Only Mode. If v | Wireless Network Mode: you would like fo disable wireless access, choose Disable v i i? Disable Status : SES Inactive Reset Security | Cancel Changes Cisco SysTems Figure 11.16: Disabling SSID broadcasting Module 11 Page 1464 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.