1.6 Securing Wireless Networks

Question 1

Created in 1997, the evolving standards that gives us the methods by which we create wireless local area networks.

Answer 1

IEEE802.11

Question 2

Most of the amendments to 802.11 have focused on the following.

Answer 2

Performance, frequency range, speed/bandwidth, and security.

Question 3

The most recent approved 802.11 amendment, incorporated in the standard in 2016. Aggregated bandwidth of 1 Gbps and operates in the 5GHz frequency range. what many people look for today when purchasing new laptops smartphones and access points.

Answer 3

802.11ac

Question 4

Not officially ratified at the moment, this is the next iteration of 802.11 amendments. Initial support suggests the possibility of aggregated bandwidth of 11 Gbps. Also known as the high efficiency amendment.

Answer 4

802.11ax

Question 5

New sets of naming conventions proposed by the Wi-Fi alliance

Answer 5

Wi-Fi generational names

Question 6

Wi-Fi 6 refers to this 802.11 amendment

Answer 6

802.11ax

Question 7

Attackers can use these to be within range of a wireless network from further away.

Answer 7

High Gain amplifiers and antennas

Question 8

802.11 amendment that tries to address some of the security shortcomings.

Answer 8

802.11i

Question 9

This directly translates to the number of possible keys that can be used in cryptographic operations

Answer 9

key length

Question 10

These restrictions limited the key length of WEP to 40 bits

Answer 10

United States export restrictions

Question 11

With the RC4 cipher it is critical that this does not repeat

Answer 11

Keys, keying material

Question 12

This was the security undoing of WEP

Answer 12

Improper key generation. Repeating of the 24 bit initialization vector (IV) that led to potential uncovering of the pre-shared key.

Question 13

Used by some cryptographic implementations to try and add uniqueness to each encryption operation. This becomes part of the encryption key.

Answer 13

Initialization vectors - IVs

Question 14

Keyspace for WEP initialization vectors

Answer 14

2^24

Question 15

A nonprofit organization founded in 1999. goals of the organization were to provide standardization around interoperability, reliability, and the consistency of hardware that leveraged 802.11 technologies.

Answer 15

Wi-Fi alliance

Question 16

This deprecated protocol is an improvement to how the encryption keys for the underlying RC4 stream cipher are generated

Answer 16

TKIP - temporal key integrity protocol

Question 17

These checks help to make packet forgery and replay attacks more difficult

Answer 17

Integrity checks

Question 18

The Wi-Fi alliance will only certify a device for Wi-Fi 6 if the device supports this encryption protocol

Answer 18

WPA3

Question 19

WPA3 will support up to this key length for it’s AES based encryption

Answer 19

192 bit key length

Question 20

Once this is uncovered, an adversary might be able to decrypt any and all of the encrypted communication on the WLAN

Answer 20

Pre-shared key

Question 21

The newer handshake with WPA3 where pre shared keys are only used to authenticate to the network, and no longer to drive session keys for encrypted communication.

Answer 21

Dragonfly

Question 22

What a wireless access point uses to notify clients on changes in communication, such as channel usage.

Answer 22

management frames

Question 23

these devices are managers of the wlan. They are responsible for maintaining which channels to use for communication, handling clients connecting and disconnecting, and enforcing which security mechanisms to use.

Answer 23

Wireless access points

Question 24

A DoS attack where an adversary can impersonate an access point and transmit a spoofed management frame, disconnecting all connected clients.

Answer 24

Spoof of a disassociate request.

Question 25

Included in WPA3, this is designed to provide encryption on open, insecure networks.

Answer 25

OWE - opportunistic wireless encryption

Question 26

Type of attack when an adversary convinces technology to use older protocols or software.

Answer 26

Downgrade attack

Question 27

A type of attack where an adversary leverages peripheral knowledge of a system in order to infer something important about this system.

Answer 27

Side channel attack or timing attack.

Question 28

Attack where an adversary uses computational timing differences to determine information about a system.

Answer 28

Timing attack

Question 29

a situation where an individual, without permission, would bring their own wireless access point to work and connect it to the organization’s wired Network just so they can have their own wireless.

Answer 29

Rogue access point

Question 30

an attack where a fake access point is installed with the same name as the legitimate access point, and clients are tricked into communicating with the fake instead of the real access point.

Answer 30

Evil Twin AP or Masquerading AP

Question 31

This network access control method is an excellent way to mitigate the risk of a rogue AP, by preventing the rogue AP from being granted full access to the internal network.

Answer 31

802.1X

Question 32

This network access control method can restrict access to a network.

Answer 32

802.1X

Question 33

Two best prevention methods for evil twin rogue AP attacks.

Answer 33

Early detection. Certificates for mutual authentication to alert and users they are not connecting to a legitimate AP

Question 34

A way to describe and measure how well devices are able to hear each other.

Answer 34

SNR - signal to noise ratio

Question 35

A network that exists in close physical proximity to our person. Short distance, limited range.

Answer 35

PAN - personal area networks

Question 36

These are the standards for personal area networking

Answer 36

IEEE802.15

Question 37

This group governs the standards for Bluetooth, promoting standardization, interoperability, ease of use, product certification.

Answer 37

Bluetooth SIG - special interest group

Question 38

Chips that are usually soldered onto the motherboard of your device to provide functionality.

Answer 38

SoC - system on chip

Question 39

This technology is a low-cost, low bandwidth, potentially battery powered alternative to Bluetooth.

Answer 39

Zigbee

Question 40

This PAN technology is designed to work within a physical proximity of only one to two inches

Answer 40

NFC - near field communications

Question 41

This PAN technology is most commonly used as a method to uniquely identify an object and potentially to track its location.

Answer 41

RFID

Question 42

These are the biggest advancements in 5G technology

Answer 42

Low latency (< 1ms), high bandwidth (multi Gigabit), and support for large numbers of connected clients (high density).