Chapter 5 - Protecting Wireless Networks

Question 1

Tell me the details on the 5 types of wireless protocols.
What are their letters? Bandwidth? Frequency?

5 -169,170

Answer 1

a - 54Mbps, 5 GHz
b - 11 Mbps, 2.4 GHz, also called Wi-Fi
g - 54 Mbps, 2.4 GHz
i - WPA2
n - 600Mbps, 5 GHz and 2.4 GHz

Question 2

Why was WEP weak?

5-171

Answer 2

because of the encryption algorithms it used, RC4

Question 3

What was developed to strengthen WEP?

5-171

Answer 3

Temporal Key Integrity Protocol

Question 4

Tell me the difference between WPA and WPA2.

5-172

Answer 4

WPA uses RC4 and TKIP.

WPA2 uses CCMP (uses AES) and uses the entire 802.11i standard.

Question 5

What is WTLS? What does it provide?

5-173

Answer 5

Wireless Transport Layer Security, is the security layer of the Wireless Application Protocol. It provides authentication, encryption, and data integrity.
Inside, it has a handshake protocol, alert protocol, application protocol, change cipher spec protocol, and record protocol.

Question 6

Tell me about the three levels of security in WAP.

5-174

Answer 6

Anonymous - virtually anyone can connect
Server - workstation must authenticate against the server.
Two-Way (client and server) - requires both ends of the connection to authenticate to confirm validity

Question 7

You have a mobile environment using WAP security. Tell me about the 4 technologies used to provide services between the client pc and the WAP server.

5-175

Answer 7

Wireless Session Protocol - session info
Wireless Transaction Protocol - similar to TCP and UDP
Wireless Transport Layer Security - security layer of WAP
Wireless Datagram Protocol - common interface

Question 8

This antenna has a 360 degree pattern and you’ll want to put it in the middle of the area to be covered.

5-178

Answer 8

omnidirectional

Question 9

This antenna focuses the signal into one direction.

5-178

Answer 9

directional antenna

Question 10

How much of an increase in dB does it take to double your output power?

5-178

Answer 10

3 dB

Question 11

Tru/False: Access Points have MAC filtering turned on by default.

5-178

Answer 11

false

Question 12

MAC filtering is synonymous with what?

5-178

Answer 12

network lock

Question 13

Explain to me how a captive portal works.

5-180

Answer 13

requires users to agree to some condition before they use the network or internet

Question 14

What is EAP? What are the 5 types?

5-181

Answer 14

Extensible Authentication Protocol

TLS, PSK, MD5, LEAP and PEAP

Question 15

TTLS adds a layer of security against what kinds of attacks?

5-181

Answer 15

man in the middle attacks

eavesdropping

Question 16

Tell me two times when you would use NFC.

5-182

Answer 16

near field communication is used in RFID and Wi-Fi

Question 17

You have a WPS, Wi-Fi Protected Setup. What kind of attack is it susceptible to?

5-182

Answer 17

brute force

Question 18

Why was LEAP created?

5-182

Answer 18

a quick fix for problems with WEP

Question 19

How does LEAP work? What is it susceptible to?

5-182

Answer 19

requires mutual authentication

dictionary attacks

Question 20

Why is PEAP the better option over EAP-TTLS?

5-183

Answer 20

because it establishes an encrypted channel between the server and the client.

Question 21

what is cloaking?

5-183

Answer 21

turning off the SSID broadcast

Question 22

You are intentionally interfering with a signal. what is this called?

5-185

Answer 22

jamming

Question 23

You’ve discovered a weak access point and are leaving signals that point it out. what is this called?

5-186

Answer 23

war chalking

Question 24

A rogue access point will be involved in what kind of attack?

5-186

Answer 24

evil twin

Question 25

What’s the difference between bluejacking and bluesnarfing?

5-187

Answer 25

bluejacking-sending unsolicited message over a bluetooth connection

bluesnarfing-gaining unauthorized access through a bluetooth connection.

Question 26

what is site surveying?

5 - 185

Answer 26

initially meant deermining whether a proposed location was free from interference.

now it means: primary method used to gather information about a wireless network, and virtually all wireless netwoks are vulnerable to site surveys