ch7 Beyond the Basic LAN Flashcards
Wireless Access Points are made with an identifying __, which can be __ in the case of a single WAP or ___ if the network has more than one of them
Service Set Identifier (SSID); Basic; Extended
when a Client sends a request to a WAP, that client is added to the WAP’s ___
Associated List
does the 802.11 standard contain any encryption of authentication?
no
___ was the first system developed to give basic authorization and encryption to 802.11, using the ___ protocol
Wired Equivalency Privacy (WEP); RC4
the 802.11i standard uses ___ for authentication and ___ for encryption
802.1x; AES
because most network hardware initially couldn’t handle the 802.11i standard, the ___ was developed for the transition, but has since been renamed ___
Temporal Key Integrity Protocol (TKIP); Wireless Protected Access (WPA)
it is sometimes possible to carry out a Replay Attack after someone logs into a wireless network by retrieving the ___ and extracting their password. This process is also known as ___
Session Key; SSL stripping
___ is when a server requires that users use secure protocols for their entire session
HTTP Strict Transport Security (HSTS)
if someone plugs their personal wireless access point into a LAN this is called a ___, but if they change its SSID to match yours, then it’s an ___
Rogue Access Point; Evil Twin
to boot people off a wireless network (so they are forced to login to an evil twin) either an illegal device called a ___ is used, or the command ___
802.11 Jammer; deauth
to harden a wireless network against attack, it is important to know all ___ and maintain ___
MAC and IP addresses for everything connected; patches and updates
for good WiFi coverage across a large flat area, use a ___ antenna; for a more 3D area use a ___ antenna; for a narrow but long distance use a ___ antenna and for just one side of a wall use a ___ antenna
Dipole; OMNI; Directional; Patch Graphic
to improve WiFi signal bandwidth, you could try changing the ___ from 2.4 GHz to 5 GHz, or adjust the ___
Band; Channel Width
___ means mimicking a different set of hardware than exists on a machine, whereas ___ means creating a new computer with it’s own OS but the same hardware
emulation; virtualization
three advantages of virtualization are:
consolidation of hardware; easier system recovery; convenience of IT research
a ___ allows you to see the different virtual machines, and can be either Type ___, launched on boot and independent of the OS, or type ___, which runs on top of the OS
Hypervisor; 1; 2
three threats to a virtualized network are:
Malware, VM Sprawl; VM Escape
the following three steps should be taken to harden a virtualized network:
cleaning data remnants; good policies; keeping patches updated
while not appropriate for wireless networks in general ___ is great for securing an HVAC system control
MAC Filtering
a ___ holds an application and all the files it depends on, isolating them from the rest of the system
Container
in ___, a 3rd party owns all the hardware, but makes it available through virtual machines
Infrastructure as a Service (IaaS)
in ___, a 3rd party supplies everything needed for software development via virtual machines
Platform as a Service (PaaS)
in ___, a 3rd party owns the software you need, making it available for use online via a subscription
Software as a Service (SaaS)
a good practice for hardening wireless networks is to enable ___ so devices can’t see each other on the network
AP Isolation
with WPA2 protected systems, it is particularly important to use ___
long complex passwords
Client’s can notice and report ___ and ___ on a wireless network to help with security
unfamiliar SSID’s; unexpected requirements to login again
virtual computers are often best deployed as ___
Virtual Desktop Integration (VDI)
the Internet of Things is a collections of ___
Static Hosts
a ___ system is used to control devices, usually over a WAN, spread out over a large geographic area
Secure Control and Data Acquisition (SCDA)
___, although it doesn’t have encryption, tends to be secure because of the close proximity/contact between devices required
Near Field Communication (NFC)
when a company issues cellphones to it’s employees that are not for personal use, this is a ___ deployment
Corporate Owned, Business Only (COBO)
when a company issues cellphones, but employees have a degree of control over how they are configured this is a ___ deployment
Corporate Owned, Personally Enabled (COPE)
when a company provides cellphones, but employees can choose from a list this is a ___ deployment
Choose Your Own Device (CYOD)
when employees in a company can use their own phones with company software this is a ___ deployment
Bring Your Own Device (BYOD)
when users load software onto a cellphone from an unofficial source, this is called ___
sideloading
when a user is given a cellphone from a major carrier and changes to al alternative carrier to save money, this is called ___ and is a problem for companies because ___
carrier unlocking; the company may be unable to track the activity of the phone
when a user gains administrative access and installs custom firmware on a cellphone, this is called ___, or on an iPhone ___, and makes the phone vulnerable to ___
rooting; jailbreaking; malware
cellphone firmware ___ updates can become expensive due to data usage, and can be turned off
over the air
the best way to secure data on a cellphone when it is lost is with ___
Remote wipe
outside lighting, signage and security guards are examples of ___ physical security controls
deterrent
fences and barricades are examples of ___ physical security controls
Preventative
screen filters for desktop computers are examples of ___ physical security controls
Preventative
alarms and cameras are examples of ___ physical security controls
Detective
Infrared cameras are useful for protecting computer equipment because they ___
can detect heat spots
securing an HVAC remote monitoring system would mean making sure vendors use ___ or ___ to connect
VPN; 802.1x
always use ___ for fire suppression in server rooms
FM-200
