Chapter 7 Securing Wireless LANs Flashcards

1
Q

What is the wireless encryption standard that was part of the original 802.11 standard and used the RC4 encryption algorithm?

A

Wireless Equivalent Privacy (WEP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What were the security vulnerabilities associated with WEP?

A

WEP had significant security vulnerabilities, making it easy to crack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What encryption standard replaced WEP and introduced stronger security measures?

A

Wi-Fi Protected Access (WPA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What encryption algorithm did WPA use, and what were its improvements over WEP?

A

WPA used RC4 encryption but implemented stronger security measures, such as pre-shared keys, making it more secure than WEP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the most popular wireless encryption standard for over a decade?

A

WPA2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What encryption algorithm did WPA2 introduce, and how did it improve security over WPA?

A

WPA2 introduced the Advanced Encryption Standard (AES) instead of RC4, offering stronger security and backward compatibility with older devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the latest wireless encryption standard that provides enhanced security features?

A

WPA3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are some features of WPA3 that enhance security?

A

WPA3 disallows outdated protocols, implements protected management frames, and introduces Simultaneous Authentication of Equals (SAE) for secure connections between devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does RFID stand for, and what is its typical range?

A

RFID stands for Radio Frequency Identification, and its range is approximately 5 meters (16 feet).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How are RFID tags powered, and what are some common applications?

A

RFID tags are activated by proximity to a scanning device that emits power. Common applications include inventory control, pet locators, and embedded passports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is NFC, and how does it differ from RFID?

A

NFC stands for Near Field Communication and is a subset of RFID. NFC has a much closer range of about 5 centimeters (1.5 inches) and is commonly used for contactless payments and data sharing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are some uses of NFC tags, and how can they be programmed?

A

NFC tags can be programmed to contain various data, such as Wi-Fi network information. They can be used for personal applications like sharing network credentials with guests or for other data-sharing purposes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the range of Bluetooth devices, and how do they need to be paired?

A

Bluetooth devices have varying ranges depending on their class, with Class 1 having a range of up to 100 meters (328 feet) and Class 2 having a range of about 10 meters (30 feet). Bluetooth devices need to be paired to establish trust and enable data transfer between them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are some common uses of Bluetooth, and what are potential attacks associated with it?

A

Bluetooth is used for applications like wireless headphones, smartphone connections to car stereos, and file sharing between devices. Potential attacks include Bluejacking and Bluesnarfing, which involve unsolicited messages and capturing Bluetooth network traffic, respectively.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Wi-Fi coverage, and how is it measured?

A

Wi-Fi coverage refers to the range of Wi-Fi signals from the transmission source. It is measured in decibel milliwatts (dBm), where higher values indicate stronger signal strength and better performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How can atmospheric conditions affect wireless transmissions?

A

Atmospheric conditions like snow, rain, or sandstorms can potentially affect Wi-Fi signals and cause disruptions in wireless communications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a cantenna, and what is its purpose?

A

A cantenna is a homemade high-gain antenna that can extend the range of Wi-Fi signals. It is typically made using items like a Pringles can or an empty juice can and can improve connectivity to a wireless network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are the potential issues with channel overlapping in Wi-Fi networks?

A

Channel overlapping occurs when two wireless networks in close proximity use the same channel. This can cause interference and lead to unreliable Wi-Fi connections. It is important to configure Wi-Fi networks on unique channels to avoid overlap.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

How can Wi-Fi site surveys help optimize Wi-Fi performance?

A

Wi-Fi site surveys involve mapping out the coverage area, identifying access points, and analyzing signal strength and potential issues like channel overlapping. This helps in optimizing performance, identifying dead zones, and extending coverage where needed.

20
Q

What are some tools that can be used for Wi-Fi site surveys?

A

Tools like NetSpot can be used for Wi-Fi site surveys. These tools scan the environment, discover visible access points, and provide information on signal strength and coverage areas, allowing for analysis and optimization of Wi-Fi networks.

21
Q

What is the purpose of a heat map in a Wi-Fi site survey tool?

A

A heat map visually represents signal strength in different areas of a Wi-Fi network. Red, orange, and yellow indicate stronger signal strength, while light blue and darker blue represent weaker signal areas. Heat maps help identify areas with poor signal strength and guide the placement of additional access points for better coverage.

22
Q

How can malicious users exploit Wi-Fi site surveys?

A

Malicious users can conduct Wi-Fi site surveys to gather information about nearby wireless networks that may not be adequately secured. This information can be used for unauthorized access or to exploit vulnerabilities in the network’s security measures.

23
Q

What is war chalking?

A

War chalking is a technique where open wireless networks are discovered, and their locations are marked on the sidewalk using chalk. It was a way to map out the availability of open networks in urban areas.

24
Q

What is war driving, and how is it related to Wi-Fi discovery?

A

War driving involves driving around with a scanning device, such as a laptop or smartphone, to detect and map out wireless networks. It helps in identifying the location and configuration of Wi-Fi networks within range. War flying is a similar technique using drones equipped with Wi-Fi capabilities.

25
Q

What is an evil twin in the context of Wi-Fi attacks?

A

An evil twin is a maliciously created Wi-Fi access point that mimics a legitimate network, often with the same name (SSID). It tricks users into connecting to it, giving the attacker unauthorized access to their network traffic.

26
Q

What are beacon frames in Wi-Fi networks?

A

Beacon frames are periodically transmitted by Wi-Fi access points to announce their presence and provide information about the network, such as SSID, signal strength, and configuration details. These frames can be intercepted and analyzed by attackers.

27
Q

What is the purpose of Wi-Fi site surveys for attackers and legitimate technicians?

A

Wi-Fi site surveys help in mapping out Wi-Fi coverage, identifying dead zones, and optimizing network performance. Attackers may conduct site surveys to gather information about vulnerable networks, while technicians use them to troubleshoot and improve network performance.

28
Q

How can open and WEP-encrypted Wi-Fi networks be exploited?

A

Open Wi-Fi networks and those using WEP encryption can be easily exploited by attackers. Open networks allow unauthorized access, while WEP encryption can be cracked within seconds using freely available tools, exposing network traffic to potential attackers.

29
Q

What is deauthentication (DSN dictation), and how is it used in Wi-Fi attacks?

A

Deauthentication is an attack technique where an attacker kicks a client off a Wi-Fi network, causing them to disconnect. This can be used to capture initial authentication information or to launch denial-of-service attacks by repeatedly disconnecting users.

30
Q

How can tools like Airodump-ng be used for Wi-Fi discovery?

A

Tools like Airodump-ng in Linux can be used to scan for wireless networks and gather information about access points. They provide details such as MAC addresses, channels, encryption types, and signal strengths of the detected networks.

31
Q

What is Wi-Fi coverage?

A

Wi-Fi coverage refers to the range or distance at which Wi-Fi signals can be received from the original transmission source.

32
Q

How is signal strength measured in Wi-Fi networks?

A

Signal strength is measured in decibel milliwatts (dBm).

33
Q

What does a lower dBm value indicate in terms of Wi-Fi signal strength?

A

A lower dBm value, such as -30 dBm, indicates a stronger Wi-Fi signal and a better connection.

34
Q

How can environmental conditions affect wireless transmissions?

A

Environmental conditions like snow, rain, or sandstorms can potentially interfere with wireless transmissions and degrade the Wi-Fi signal quality.

35
Q

What is an access point in the context of Wi-Fi networks?

A

An access point is a device that allows wireless devices to connect to a wired network and access Wi-Fi connectivity.

36
Q

What is an evil twin in the context of Wi-Fi networks?

A

An evil twin is a malicious Wi-Fi access point that imitates a legitimate network, tricking users into connecting to it and potentially compromising their data.

37
Q

What are beacon frames in Wi-Fi networks?

A

Beacon frames are periodic broadcast messages sent by access points to announce their presence and provide information about the network, such as network name and configuration details.

38
Q

What is deauthentication in the context of Wi-Fi network attacks?

A

Deauthentication is a technique used by attackers to force a connected client off a Wi-Fi network, usually to capture authentication traffic and attempt to crack the network’s passphrase.

39
Q

Why is it important to obtain proper authorization before performing network assessments or tests?

A

Obtaining proper authorization ensures that you are legally and ethically allowed to assess or test a network, protecting the privacy and security of others and avoiding any legal consequences.

40
Q

What is a recommended authentication protocol to enhance Wi-Fi security?

A

IEEE 802.1X (Radius authentication) is recommended for stronger authentication instead of using a pre-shared key.

41
Q

What are some variations of EAP (Extensible Authentication Protocol)?

A

Variations include EAP-FAST (uses a shared secret), EAP-TLS (requires server and client certificates), EAP-TTLS (requires a server certificate), and PEAP (also requires a server certificate).

42
Q

How can you enhance Wi-Fi security by changing default credentials?

A

Change the default credentials used to manage the access point/router to prevent unauthorized access.

43
Q

How can you increase Wi-Fi security by hiding the SSID?

A

Disable SSID broadcast to make the network name invisible to potential attackers, requiring users to manually enter the network name to connect.

44
Q

How does MAC address filtering contribute to Wi-Fi security?

A

Enable MAC address filtering to only allow specified MAC addresses to connect to the network, providing an additional layer of access control.

45
Q

What is WPA3 Enterprise, and why is it recommended?

A

WPA3 Enterprise combines IEEE 802.1X authentication with WPA3 encryption, offering enhanced security features for Wi-Fi networks.

46
Q

How can you control the wireless signal range to enhance Wi-Fi security?

A

: Adjust the wireless signal range to cover only the required area, preventing the signal from reaching beyond the intended boundaries.

47
Q

What is a captive portal, and how does it improve Wi-Fi security?

A

A captive portal is a landing page that requires users to authenticate or accept terms of use before accessing the internet via the Wi-Fi network, providing an additional layer of user verification.