5.1- Wireless WiFi Security (Doshi) Flashcards
Protection of wireless WiFi Security
Enable MAC filtering and encryption
Disable SSID and DHCP
Enable Media Access control (MAC) filtering
It allows access to only selected devices, any other device trying to access the network will be rejected
Why would you Enable encryption?
(1) Encryption protects data in transit and not data on the devices.
(2) The two types of encryption are WEP and WAP 2.
(3) WAP2 is the strongest encryption standard for wireless connection.
Why would you disable SSID?
SSID makes network visible to all
Why DHCP should be disabled?
Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone connected to the network. With DHCP disabled, static IP addresses must be used which reduces the risk of unauthorized access.
Common attack methods to Wireless Network
War driving, war walking, war chalking.
War driving
Hackers drive around to sniff wireless network
Auditor uses the same technique to test wireless security
War walking
Hackers walk around ( hotel, mall, public area) to sniff wireless network
War chalking
War chalking is the drawing of symbols in public places to advertise an open Wi-Fi network. These symbols are subsequently used by others to exploit weak wireless networks.
Which of the following should be disabled to increase security of wireless network against unauthorized access?
A. MAC (Media Access Control) address filtering
B. Encryption
C. WPA-2 (Wi-Fi Protected Access Protocol)
D. SSID (service set identifier) broadcasting
D. SSID (service set identifier) broadcasting
A Service Set Identifier (SSID) is the network name broadcasted by a router and it is visible for all wireless devices. When a device searches the area for wireless networks it will detect the SSID.
Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find the network. For better security controls, MAC filtering and WPA-2 should be enabled (and not disabled).
Which of the following technique is more relevant to test wireless (Wi-Fi) security of an organization?
A. WPA-2
B. War dialling
C. War driving
D. Social Engineering
C. War driving
‘War Driving’ technique is used by hacker for unauthorized access to wireless infrastructure. War driving is a technique in which wireless equipped computer is used to locate and gain access to wireless networks. Same is done by driving or walking in and around building. ‘War Driving’ is also used by auditors to test wireless. WPA-2 is an encryption standard and not a technique to test the security. War dialling is a technique for gaining access to a computer or a network through the dialling of defined blocks of telephone numbers.
Which of the following should be a concern to an IS auditor reviewing a wireless network?
A. System hardening of all wireless clients.
B. SSID (service set identifier) broadcasting has been enabled.
C. WPA-2 (Wi-Fi Protected Access Protocol) encryption is enabled.
D. DHCP (Dynamic Host Configuration Protocol) is disabled at all wireless access poin
B. SSID (Service Set IDentifier) broadcasting has been enabled.
Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find the network.
Dynamic Host Configuration Protocol (DHCP)is disabled at all wireless access points. Which of the following statement is true when DHCP is disabled for wireless networks?
A. increases the risk of unauthorized access to the network.
B. decreases the risk of unauthorized access to the network.
C. automatically provides an IP address to anyone.
D. it disables SSID (Service Set Identifier).
B. decreases the risk of unauthorized access to the network.
Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone connected to the network. With DHCP disabled, static IP addresses must be used and hence risk of unauthorized access can be reduced.
Option C is incorrect because DHCP does not provide IP addresses when disabled.
Option D is incorrect because disabling of the DHCP will not automatically disables SSID.
Best method to ensure confidentiality of the data transmitted in a wireless LAN is to:
A. restrict access to predefined MAC addresses.
B. protect the session by encrypting with use of static keys.
C. protect the session by encrypting with use dynamic keys.
D. initiate the session by encrypted device.
C. protect the session by encrypting with use dynamic keys.
In any given scenario, confidentiality of the data transmitted in a wireless LAN is BEST protected, if the session is encrypted using dynamic keys (as compared to static keys). When using dynamic keys, the encryption key is changed frequently, thus reducing the risk of the key being compromised and the message being decrypted. Option A and D will not ensure data confidentiality during transit.
Encryption of the data on the connected device addresses the confidentiality of the data on the device, not the wireless session. When using dynamic keys, the encryption key is changed frequently, thus reducing the risk of the key being compromised and the message being decrypted. Limiting the number of devices that can access the network does not address the issue of encrypting the session.
Usage of wireless infrastructure for use of mobile devices within the organization, increases risk of which of the following attacks?
A. Port scanning
B. Social Engineering
C. Piggybacking
D. War driving
D. War driving
‘War Driving’ technique is used by hacker for unauthorized access to wireless infrastructure. War driving is a technique in which wireless equipped computer is used to locate and gain access to wireless networks. Same is done by driving or walking in and around building. A war driving att uses a wireless Ethernet card, set in promiscuous mode, and a powerful antenna to penetrate wireless systems from outside.
