3.4 Install & configure wireless security settings Flashcards

1
Q

Wireless cryptography: why wireless network should be secured ?

A

It can contain confidential information: wireless do not mean open to everyone

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Wireless cryptography: how to secure a wireless network ?

A
  • Authenticate the users before granting access: username, password, MFA
  • Encrypt the wireless data: WPA2, WPA3
  • Verify the integrity of all communication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Wireless cryptography: why wireless network should be encrypted ?

A

Because all wireless computers are radio transmitetrs and receivers so anyone can listen in

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Wireless cryptography: how to encrypt wireless network ?

A

Everyone that use the network have an encryption key to send and receive the data. Only the people with the right key can transmit and listen.
There are 2 types of encryption: WPA2 & WPA3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Wireless cryptography: what is WPA2 ?

A

Wifi Protected Access II (WPA2) uses an encryption called CCMP block cipher mode. CCMP uses a nb of != protocols to provide the security needed for wireless network such as data encryption with AES and message integrity check

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Wireless cryptography: what is WPA2 ?

A

Wifi Protected Access II (WPA2) uses an encryption called CCMP block cipher mode. CCMP uses a nb of != protocols to provide the security needed for wireless network such as data encryption with AES and message integrity check with CBC-MAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Wireless cryptography: what is WPA3 ?

A

Wifi Protected Access 3 (WPA) is the updated version of WPA2 introduced in 2018. It changes the encryption a little bit by using GCMP block cipher mode which is a stronger encryption than WPA2. Confidentiality is provided with AES and integrity with GCMP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Wireless cryptography: why there was an update from WPA2 to WPA3 ?

A

Because WPA2 has a Pre-shared Key (PSK) bruteforce issue. Attacker could capture the hash and bruteforce it with the PSK. Once you have the PSK, you have access to everyone’s wireless key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Wireless cryptography: what was changed from WPA2 to WPA3 ?

A

WPA3 changes the PSK authentication process by:
- including mutual auth (you + the access point authenticate you)
- SAE : creating shared session key without sending that key across the network
- no more 4 way handshakes, no hashes so no bruteforce
- secret key changes at each session
-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Wireless cryptography: what is SAE?

A

A diffie-hellman derived key exchange with an auth component

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Wireless auth metods: why auth is important ?

A

Because we need to ensure that people authenticating to the wireless network are truly authorized

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Wireless auth metods: what are the != auth methods?

A

Credentials:
- shared password (also named Pre-shared Key (PSK)),
- centralized auth: for ex using the AD

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Wireless auth metods: why configuration of wireless auth is important ?

A

Because you can choose the security level: none, WPA2, WPA3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Wireless auth metods: what is a captive portal ?

A

A method to provide auth using a separate login screen from your browser and then use username/password to use the wifi

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Wireless auth metods: what is WPS ?

A

Wifi Protected Setup (WPS) allows easy setup of a mobile device by using PIN, push a button on the access point, NFC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Wireless auth metods: is WPS secure ?

A

No and has been hack in 2011. It is better to disable it

17
Q

Wireless auth protocols: what are the differents protocol being used for auth ?

A
  • ## EAP
18
Q

Wireless auth protocols: what is EAP ?

A

Extensible Authentication Protocol (EAP) provides extensibility for authentication methods for commonly used protected network access technologies, such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access, and Point-to-Point Protocol (PPP)

19
Q

Wireless auth protocols: what is IEEE 802.1X?

A

An IEEE standard for port-based network access control on wired and wireless access points.

20
Q

Wireless auth protocols: how does EAP work?

A

The EAP authentication exchange proceeds as follows:
1) The authenticator (the server) sends a Request to authenticate the peer (the client).
2) The peer sends a Response packet in reply to a valid Request. 3) The authenticator sends an additional Request packet, and the peer replies with a Response.

21
Q

Wireless auth protocols: what is EAP-FAST ?

A

EAP Flexible Authentication via Secure Tunneling is a way to make sure that the auth server and the peer can communicate over a secure TLS tunnel

22
Q

Wireless auth protocols: what is PEAP ?

A

Protected Extensible Authentication Protocol is also a protected EAP using TLS tunnel but it use a digital certificate

23
Q

Wireless auth protocols: what are the others secured EAP protocol?

A
  • EAP-TLS
  • EAP-TTLS
  • Raduis federation
24
Q

Installing Wireless Networks: how to install a wireless network?

A

1- Do a site survey to determine the existing wireless landscape and identify existing access points
2- Check GHz: Avoid interference between access point by ensuring they are not using the same frequencies
3- Access point placement: ensure max coverage, avoid interference,

25
Q

Installing Wireless Networks: what is the purpose of wireless survey tools ?

A

Can use it during the survey site phase to help identify the wireless signal coverage, potential interference, spectrum analysis etc

26
Q

Installing Wireless Networks: what is the purpose of wireless packet analysis tools ?

A

Monitore the wireless network (ex: wireshark)