Chapter 28: Securing Wireless Networks

Question 1

What are the components of a secure wireless connection?

Answer 1

• Encryption
• MIC
• Authentication

Question 2

What do we use to protect the integrity of data in a wireless frame?

Answer 2

MIC (message integrity check)

Question 3

Their were a wireless encryption method that been found to be vulnerable and is not recommended for use, name it!

Answer 3

WEP (Wired Equivalent Privacy)

Question 4

What is used as an authentication framework when 802.1x is used on a WLAN?

Answer 4

EAP (Extensible Authentication Protocol)

Question 5

Which Protocol should you avoid by selecting a method to protect the privacy and integrity of wireless data?

Answer 5

TKIP (Temporal Key Integrity Protocol)

Question 6

What method dies the WPA2 use to ensure the data encryption and integrity?

Answer 6

CCMP (Counter/CBC-MAC Protocol)

Question 7

The Wi-Fi Alliance offers a certification for wireless devices that correctly implement security standards, What is it?

Answer 7

WPA2 (Wi-Fi Protected Access Version 2)

Question 8

Which wireless security configuration uses a pre-shared key?

Answer 8

WPA2 personal mode

WPA3 personal mode

Question 9

How do we ensure message privacy in wireless networks?

Answer 9

By encrypting traffic

Question 10

How does MIC work?

Answer 10

MIC creates a digital Stamp based on the transmitted data and encapsulates the Stamp in the encrypted message. The receiver de-encrypt the message and compares the Stamp with it own calculation to make sure the message has not been altered.

Question 11

Describe the Open Authentication method.

Answer 11

Open authentication is true to its name; it offers open access to a WLAN. The only requirement is that a client must use an 802.11 authentication request before it attempts to associate with an AP. No other credentials are needed.

Question 12

Where is Open Authentication method mainly used?

Answer 12

In public location (Normally the authentication then takes place in a form through a web browser where you can see and accept the terms for use and enter basic credentials)

Question 13

Which encryption protocol does the WEP use?

Answer 13

The RC4 cipher algorithm based on shared key concept.

Question 14

What is enabling 802.1x port-based access control provide?

Answer 14

It limits access to a network media until a client authenticates. This means that a wireless client might be able to associate with an AP but will not be able to pass data to any other part of the network until it successfully authenticates.

Question 15

Where does authentication takes place in case of using 802.1x?

Answer 15

The authentication process occurs at a dedicated authentication server.

Question 16

What are the three entities forming the 802.1x arrangement?

Answer 16

• Supplicant: The client device that is requesting access.
• Authenticator: The network device that provides access to the network (usually a WLC)
• Authentication Server: The device that takes user or client credentials and permits or denies network access based on a user database and policies (usually RADIUS Server)

Question 17

What is LEAP?

Answer 17

Light weight authentication protocol is a cisco proprietary used to counter the weakness in WEP by forcing the client to supply username and password credentials. The encryption method used for challange messages is now found to be vulnerable.

Question 18

How does EAP-FAST work?

Answer 18

EAP-Flexible Authentication by Secure Tunneling passes a PAC (protected access credential) between the AS and the supplicant. The PAC is a form of shared
secret that is generated by the AS and used for mutual authentication. EAP-FAST is a sequence of three phases:
* Phase 0: The PAC is generated or provisioned and installed on the client.
* Phase 1: After the supplicant and AS have authenticated each other, they negotiate a Transport Layer Security (TLS) tunnel.
* Phase 2: The end user can then be authenticated through the TLS tunnel for additional security.
Like other EAP-based methods, a RADIUS server is required. However, the RADIUS server must also operate as an EAP-FAST server to be able to generate PACs, one per user.

Question 19

What is the difference between EAP-FAST and PEAP?

Answer 19

PEAP (Protected EAP) uses a digital certificate on AS instead of PAC to authenticate itself with the supplicant. The client in PEAP must authenticate within the TLS tunnel using one of the following two methods:

• MSCHAPv2: Microsoft Challenge Authentication Protocol version 2
• GTS: Generic Token Card; a hardware device that generates one-time passwords for the user or a manually generated password

Question 20

What is the difference between PEAP and EAP-TLS?

Answer 20

EAP Transport Layer Security (EAPTLS) goes one step further by requiring certificates on the AS and on every client device.

Question 21

Which security features does TKIP adds to WEP?

Answer 21

The Temporal Key Integrity Protocol adds the following:
* MIC: This efficient algorithm adds a hash value to each frame as a message integrity check to prevent tampering.
* Time stamp: A time stamp is added into the MIC to prevent replay attacks that attempt to reuse or replay frames that have already been sent.
* Sender’s MAC address: The MIC also includes the sender’s MAC address as evidence of the frame source.
* TKIP sequence counter: This feature provides a record of frames sent by a unique MAC address, to prevent frames from being replayed as an attack.
* Key mixing algorithm: This algorithm computes a unique 128-bit WEP key for each
frame.
* Longer initialization vector (IV): The IV size is doubled from 24 to 48 bits, making it virtually impossible to exhaust all WEP keys by brute-force calculation.

Question 22

Which is more secure CCMP or TKIP?

Answer 22

CCMP is more secure. TKIP was deprecated in the 802.11-2012

Question 23

Which algorithms does CCMP uses?

Answer 23

The Counter/CBC-MAC Protocol consists of two algorithms:

• AES (Advanced Encryption Standard) counter mode encryption
• Cipher Block Chaining Message Authentication Code (CBC-MAC) used as a message integrity check (MIC)

Question 24

Which is more secure CCMP or GCMP?

Answer 24

GCMP is more secure.

Question 25

Which algorithms does GCMP uses?

Answer 25

The Galois/Counter Mode Protocol (GCMP) is a robust authenticated encryption suite that is more secure and more efficient than CCMP. GCMP consists of two algorithms:

• AES (Advanced Encryption Standard) counter mode encryption
• Galois Message Authentication Code (GMAC) used as a message integrity check (MIC)

Question 26

What is the original WPA based on?

Answer 26

Authentication with Pre-Shared Keys? Yes
Authentication with 802.1x? Yes
Encryption and MIC with TKIP? Yes
Encryption and MIC with AES and CCMP? Yes
Encryption and MIC with AES and GCMP? No

Question 27

What is the WPA2 based on?

Answer 27

Authentication with Pre-Shared Keys? Yes
Authentication with 802.1x? Yes
Encryption and MIC with TKIP? No
Encryption and MIC with AES and CCMP? Yes
Encryption and MIC with AES and GCMP? No

Question 28

What is the WPA3 based on?

Answer 28

Authentication with Pre-Shared Keys? Yes
Authentication with 802.1x? Yes
Encryption and MIC with TKIP? No
Encryption and MIC with AES and CCMP? No
Encryption and MIC with AES and GCMP? Yes

Question 29

What are the main two client authentication modes?

Answer 29

• Personal mode: Pre-Shared Keys

* Enterprise mode: 802.1x