6.3 Install and configure wireless security settings Flashcards
WPA
(Wi-Fi Protected Access) An improved encryption scheme for protecting Wi-Fi communications, designed to replace WEP.
CCMP
(Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) An encryption protocol used for wireless LANs that addresses the vulnerabilities of the WEP protocol.
TKIP
(Temporal Key Integrity Protocol) A mechanism used in the first version of WPA to improve the security of wireless encryption mechanisms, compared to the flawed WEP standard.
EAP
(Extensible Authentication Protocol) A wireless authentication protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.
PEAP
(Protected Extensible Authentication Protocol) Similar to EAP-TLS, PEAP is an open standard developed by a coalition made up of Cisco Systems, Microsoft, and RSA Security.
EAP-FAST
(EAP Flexible Authentication via Secure Tunneling) An EAP method that is expected to address the shortcomings of LEAP.
EAP-TLS
(EAP Transport Layer Security) An EAP method that requires a client-side certificate for authentication using SSL/ TLS.
IEEE 802.1x
Refers to the set of standards that define communication for wireless LANs
RADIUS federation
RADIUS federation means that multiple organizations allow access to one another’s users by joining their RADIUS servers into a RADIUS hierarchy or mesh.
PSK vs. Enterprise vs. open
Pre-Shared Key: means using a passphrase to generate the key that is used to encrypt communications.
Open authentication: means that the client is not required to authenticate.
WPS
(Wi-Fi Protected Setup) An insecure feature of WPA and WPA2 that allows enrollment in a wireless network based on an 8-digit PIN.
Captive portals
A web page that a client is automatically directed to when connecting to a network, usually through public Wi-Fi.
