3 Flashcards
What are some best practices for securing your home network?
Change default wireless administrator passwords, use proper encryption (e.g., WPA or WPA2), consider hiding SSID, utilize MAC address filtering, and configure firewall settings.
What is a Wi-Fi pineapple and how is it used?
A Wi-Fi pineapple is a network security tool that can also act as a rogue access point for conducting man-in-the-middle attacks. It can broadcast a fake SSID to intercept wireless traffic from connected devices.
How can you access DHCP logs to identify connected devices?
DHCP logs on routers provide information about devices that connect to the network. However, these logs are perishable. Investigators may also review event logs on suspects’ computers for DHCP-related activities.
What is the significance of the default IP address 192.168.1.1?
It is the default IP address of many routers, allowing users to access router settings and view connected devices by entering it into a web browser.
What are some methods for accessing router settings?
Users can access router settings by entering the default IP address (e.g., 192.168.1.1) into a web browser or by connecting a computer directly to the router via an Ethernet cable and accessing the settings through a browser.
What is DHCP, and how does it function in network configuration?
DHCP (Dynamic Host Configuration Protocol) dynamically assigns IP addresses and other network configuration parameters to devices on a network, such as computers, tablets, and smartphones, automatically managing IP addresses within a network.
What information can be found in Windows event logs related to network activity?
Windows event logs contain information about network-related events, including DHCP events, which can be accessed using Event Viewer. These logs provide details such as event IDs, source files, dates, and other relevant data for network investigation.
What role does encryption play in wireless security?
Encryption protocols such as WPA, WPA2, and WPA3 are essential for securing wireless networks by encrypting data transmitted between devices and routers, protecting against unauthorized access and interception of sensitive information.
How do rogue access points pose a security risk?
Rogue access points can be set up by hackers or internal employees to intercept wireless traffic, potentially exposing sensitive data. They can mimic legitimate networks, tricking users into connecting to them and compromising network security.
What are the potential vulnerabilities associated with WEP encryption?
WEP (Wired Equivalent Privacy) encryption has known security vulnerabilities, making it susceptible to attacks such as packet injection, fake authentication, FMS attack, KoreK attack, ChopChop attack, Fragmentation attack, and PTW attack.
What are the key features and improvements introduced in WPA3 compared to WPA2?
WPA3 offers enhanced security features, including protection against offline dictionary attacks, support for forward secrecy, stronger encryption, and Wi-Fi Easy Connect for simplified device connections.
What are some of the security risks associated with public Wi-Fi hotspots?
Public Wi-Fi hotspots are often unsecured, exposing users to risks such as interception of sensitive data, man-in-the-middle attacks, and unauthorized access to devices. Users should avoid using public Wi-Fi for sensitive activities.
How can MAC address filtering enhance wireless network security?
MAC address filtering allows network administrators to manually add MAC addresses for authorized devices, preventing unauthorized devices from connecting to the network. However, it can be impractical for large networks with many devices.
What role does a firewall play in wireless network security?
A firewall, whether built into a router or a separate device, helps prevent unauthorized access to a network and mitigates security risks by filtering incoming and outgoing network traffic. It should be properly configured and monitored.
What is SSID cloaking, and how does it contribute to network security?
SSID cloaking involves hiding the network’s SSID (Service Set Identifier) from being broadcasted, making it more difficult for unauthorized users to discover and connect to the network. However, it may not provide complete security and can be bypassed by determined attackers.
