1- Wireless WiFi Security Flashcards
Protection of wireless WiFi Security
Enable MAC filtering and encryption
Disable SSID and DHCP
Enable Media Access Control (MAC) filtering
It allows access to only selected devices; any other device trying to access the network will be rejected.
Enable encryption
Encryption protects data in transit and not data on the devices. The two types of encryption are WEP and WPA2.
WPA2 is the strongest encryption standard for wireless connections.
Why disable SSID
SSID makes the network visible to all
Why DHCP should be disabled
Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone connected to the network. With DHCP disabled, static IP addresses must be used, which reduces the risk of unauthorized access.
Common attack methods against wireless networks
War driving, war walking, war chalking.
War driving
Hackers drive around to sniff wireless networks
Auditors use the same technique to test wireless security
War walking
Hackers walk around (hotel, mall, public area) to sniff wireless networks
War chalking
War chalking is the drawing of symbols in public places to advertise an open Wi-Fi network. These symbols are subsequently used by others to exploit weak wireless networks.
(1) Which of the following should be disabled to increase the security of a wireless network against
unauthorized access?
A. MAC (Media Access Control) address filtering
B. Encryption
C. WPA-2 (Wi-Fi Protected Access Protocol)
D. SSID (service set identifier) broadcasting
Answer: D. SSID (service set identifier) broadcasting
Explanation:
A Service Set Identifier (SSID) is the network name broadcast by a router, and it is visible to all
wireless devices. When a device searches the area for wireless networks, it will detect the SSID.
Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find
the network. For better security controls, MAC filtering and WPA-2 should be enabled (and not
disabled).
(2) Which of the following techniques is more relevant to test the wireless (Wi-Fi) security of an organization?
A. WPA-2
B. War dialling
C. War driving
D. Social Engineering
Answer: C. War driving
Explanation:
The ‘War Driving’ technique is used by hackers for unauthorised access to wireless infrastructure. War
driving is a technique in which a wireless-equipped computer is used to locate and gain access to
wireless networks. This is done by driving or walking in and around a building. ‘War Driving’ is also
used by auditors to test wireless security. WPA-2 is an encryption standard and not a technique to test
security. War dialling is a technique for gaining access to a computer or a network through the
dialling of defined blocks of telephone numbers.
(3) Which of the following should be a concern to an IS auditor reviewing a wireless network?
A. System hardening of all wireless clients.
B. SSID (service set identifier) broadcasting has been enabled.
C. WPA-2 (Wi-Fi Protected Access Protocol) encryption is enabled.
D. DHCP (Dynamic Host Configuration Protocol) is disabled at all wireless access points.
Answer: B. SSID (service set identifier) broadcasting has been enabled.
Explanation:
Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find
the network.
(4) Dynamic Host Configuration Protocol (DHCP) is disabled at all wireless access points. Which of
the following statements is true when DHCP is disabled for wireless networks?
A. increases the risk of unauthorized access to the network.
B. decreases the risk of unauthorized access to the network.
C. automatically provides an IP address to anyone.
D. it disables SSID (Service Set Identifier).
Answer: B. decreases the risk of unauthorized access to the network.
Explanation:
Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone
connected to the network. With DHCP disabled, static IP addresses must be used and hence risk of
unauthorized access can be reduced. Option C is incorrect because DHCP does not provide IP
addresses when disabled. Option D is incorrect because disabling DHCP will not
automatically disable SSID.
(5) Best method to ensure confidentiality of the data transmitted in a wireless LAN is to:
A. restrict access to predefined MAC addresses.
B. protect the session by encrypting with use of static keys.
C. protect the session by encrypting with use of dynamic keys.
D. initiate the session by encrypted device.
Answer: C. protect the session by encrypting with use of dynamic keys.
Explanation:
In any given scenario, confidentiality of the data transmitted in a wireless LAN is BEST protected if
the session is encrypted using dynamic keys (as compared to static keys). When using dynamic
keys, the encryption key is changed frequently, thus reducing the risk of the key being compromised
and the message being decrypted. Options A and D will not ensure data confidentiality during transit.
Encryption of the data on the connected device addresses the confidentiality of the data on the
device, not the wireless session.
Limiting the number of devices that can access the network does not address the issue of encrypting
the session.
(6) Usage of wireless infrastructure for mobile devices within the organization increases the risk
of which of the following attacks?
A. Port scanning
B. Social Engineering
C. Piggybacking
D. War driving
Answer: D. War driving
Explanation:
The ‘War Driving’ technique is used by hackers for unauthorised access to wireless infrastructure. War
driving is a technique in which a wireless-equipped computer is used to locate and gain access to
wireless networks. This is done by driving or walking in and around a building. A war driving attack uses a wireless Ethernet card, set in promiscuous mode, and a powerful antenna to penetrate wireless systems from outside.