CH16 Securing Networks Flashcards
You are installing a new wireless network in your office building and want to ensure it is secure. Which of the following configurations would create the MOST secure wireless network?
a. WPA2 and AES
b. WPA and MAC filtering
c. WEP and TKIP
d. WPA2 and RC2
a. WPA2 and AES
The most secure wireless network configuration utilizes WPA2 with AES encryption. WPA2 is the most secure wireless encryption standard, as it has replaced both WPA and WEP. AES is an extremely strong encryption algorithm that is used by default in the WPA2 standard.
Your home network is configured with a long, strong, and complex pre-shared key for its WPA2 encryption. You noticed that your wireless network has been running slow, so you checked the list of “connected clients” and see that “Bob’s Laptop” is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. Which of the following actions should you take to prevent anyone from connecting to your wireless network without the WPA2 password?
a. Disable WPS
b. Enable WPA
c. Disable SSID broadcast
d. Disable WPA2
- Disable WPS
WPS was created to ease the setup and configuration of new wireless devices by allowing the router to automatically configure them after a short eight-digit PIN was entered. Unfortunately, WPS is vulnerable to a brute-force attack and is easily compromised. Therefore, WPS should be disabled on all wireless networks. If Bob was able to enter your apartment and press the WPS button, he could have configured his laptop to use your wireless network without your WPA2 password.
Which of the following is the LEAST secure wireless security and encryption protocol?
a. AES
b. WPA
c. WPA2
d. WEP
d. WEP
Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN. It is the oldest form of wireless security and the weakest form. WEP can be cracked with brute force techniques in less than 5 minutes with a normal end-user computer.
Which of the following is the LEAST secure wireless security and encryption protocol?
a. WPA
b. WEP
c. WPA3
d. WPA2
b. WEP
OBJ-3.4: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications that was designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. Wi-Fi protected access version 3 (WPA3) has replaced WPA2 as the most secure wireless encryption method. WPA3 uses the simultaneous authentication of equals (SAE) to increase the security of preshared keys. WPA3 provides the enhanced open mode that encrypts transmissions from a client to the access point when using an open network. WPA3 Enterprise mode supports the use of AES with the Galois/counter mode protocol (GCMP-256) for the highest levels of encryption.
Dion Training has an open wireless network called “InstructorDemos” for its instructors to use during class, but they do not want any students connecting to this wireless network. The instructors need the “InstructorDemos” network to remain open since some of their IoT devices used during course demonstrations do not support encryption. Based on the requirements provided, which of the following configuration settings should you use to satisfy the instructor’s requirements and prevent students from using the “InstructorDemos” network?
a. NAT
b. MAC filtering
c. QoS
d. Signal strength
b. MAC filtering
OBJ-3.4: Since the instructors need to keep the wireless network open, the BEST option is to implement MAC filtering to prevent the students from connecting to the network while still keeping the network open. Since the instructors would most likely use the same devices to connect to the network, it would be relatively easy to implement a MAC filtering based on the list of devices that are allowed to use the open network and reject any other devices not listed by the instructors (like the student’s laptops or phones). Reducing the signal strength would not solve this issue since students and instructors are in the same classrooms. Using Network Address Translation and Quality of Service will not prevent the students from accessing or using the open network.
The management at Steven’s work is concerned about rogue devices being attached to the network. Which of the following solutions would quickly provide the most accurate information that Steve could use to identify rogue devices on a wired network?
a. Reviewing a central administration tool like an endpoint manager
b. A physical survey
c. A discovery scan using a port scanner
d. Router and switch-based MAC address reporting
d. Router and switch-based MAC address reporting
OBJ-1.4: The best option is MAC address reporting from a source device like a router or a switch. If the company uses a management system or inventory process to capture these addresses, then a report from one of these devices will show what is connected to the network even when they are not currently in the inventory. This information could then be used to track down rogue devices based on the physical port connected to a network device.
What tool is used to collect wireless packet data?
a. John the Ripper
b. Nessus
c. Netcat
d. Aircrack-ng
d. Aircrack-ng
OBJ-3.4: Aircrack-ng is a complete suite of wireless security assessment and exploitation tools that includes monitoring, attacking, testing, and cracking of wireless networks. This includes packet capture and export of the data collected as a text file or pcap file.
John the Ripper is a password cracking software tool.
Nessus is a vulnerability scanner.
Netcat is used to create a reverse shell from a victimized machine back to an attacker.
