Chapter 7 Securing Wireless LANs

Question 1

What is the wireless encryption standard that was part of the original 802.11 standard and used the RC4 encryption algorithm?

Answer 1

Wireless Equivalent Privacy (WEP)

Question 2

What were the security vulnerabilities associated with WEP?

Answer 2

WEP had significant security vulnerabilities, making it easy to crack.

Question 3

What encryption standard replaced WEP and introduced stronger security measures?

Answer 3

Wi-Fi Protected Access (WPA)

Question 4

What encryption algorithm did WPA use, and what were its improvements over WEP?

Answer 4

WPA used RC4 encryption but implemented stronger security measures, such as pre-shared keys, making it more secure than WEP.

Question 5

What is the most popular wireless encryption standard for over a decade?

Answer 5

WPA2

Question 6

What encryption algorithm did WPA2 introduce, and how did it improve security over WPA?

Answer 6

WPA2 introduced the Advanced Encryption Standard (AES) instead of RC4, offering stronger security and backward compatibility with older devices.

Question 7

What is the latest wireless encryption standard that provides enhanced security features?

Answer 7

WPA3

Question 8

What are some features of WPA3 that enhance security?

Answer 8

WPA3 disallows outdated protocols, implements protected management frames, and introduces Simultaneous Authentication of Equals (SAE) for secure connections between devices.

Question 9

What does RFID stand for, and what is its typical range?

Answer 9

RFID stands for Radio Frequency Identification, and its range is approximately 5 meters (16 feet).

Question 10

How are RFID tags powered, and what are some common applications?

Answer 10

RFID tags are activated by proximity to a scanning device that emits power. Common applications include inventory control, pet locators, and embedded passports.

Question 11

What is NFC, and how does it differ from RFID?

Answer 11

NFC stands for Near Field Communication and is a subset of RFID. NFC has a much closer range of about 5 centimeters (1.5 inches) and is commonly used for contactless payments and data sharing.

Question 12

What are some uses of NFC tags, and how can they be programmed?

Answer 12

NFC tags can be programmed to contain various data, such as Wi-Fi network information. They can be used for personal applications like sharing network credentials with guests or for other data-sharing purposes.

Question 13

What is the range of Bluetooth devices, and how do they need to be paired?

Answer 13

Bluetooth devices have varying ranges depending on their class, with Class 1 having a range of up to 100 meters (328 feet) and Class 2 having a range of about 10 meters (30 feet). Bluetooth devices need to be paired to establish trust and enable data transfer between them.

Question 14

What are some common uses of Bluetooth, and what are potential attacks associated with it?

Answer 14

Bluetooth is used for applications like wireless headphones, smartphone connections to car stereos, and file sharing between devices. Potential attacks include Bluejacking and Bluesnarfing, which involve unsolicited messages and capturing Bluetooth network traffic, respectively.

Question 15

What is Wi-Fi coverage, and how is it measured?

Answer 15

Wi-Fi coverage refers to the range of Wi-Fi signals from the transmission source. It is measured in decibel milliwatts (dBm), where higher values indicate stronger signal strength and better performance.

Question 16

How can atmospheric conditions affect wireless transmissions?

Answer 16

Atmospheric conditions like snow, rain, or sandstorms can potentially affect Wi-Fi signals and cause disruptions in wireless communications.

Question 17

What is a cantenna, and what is its purpose?

Answer 17

A cantenna is a homemade high-gain antenna that can extend the range of Wi-Fi signals. It is typically made using items like a Pringles can or an empty juice can and can improve connectivity to a wireless network.

Question 18

What are the potential issues with channel overlapping in Wi-Fi networks?

Answer 18

Channel overlapping occurs when two wireless networks in close proximity use the same channel. This can cause interference and lead to unreliable Wi-Fi connections. It is important to configure Wi-Fi networks on unique channels to avoid overlap.

Question 19

How can Wi-Fi site surveys help optimize Wi-Fi performance?

Answer 19

Wi-Fi site surveys involve mapping out the coverage area, identifying access points, and analyzing signal strength and potential issues like channel overlapping. This helps in optimizing performance, identifying dead zones, and extending coverage where needed.

Question 20

What are some tools that can be used for Wi-Fi site surveys?

Answer 20

Tools like NetSpot can be used for Wi-Fi site surveys. These tools scan the environment, discover visible access points, and provide information on signal strength and coverage areas, allowing for analysis and optimization of Wi-Fi networks.

Question 21

What is the purpose of a heat map in a Wi-Fi site survey tool?

Answer 21

A heat map visually represents signal strength in different areas of a Wi-Fi network. Red, orange, and yellow indicate stronger signal strength, while light blue and darker blue represent weaker signal areas. Heat maps help identify areas with poor signal strength and guide the placement of additional access points for better coverage.

Question 22

How can malicious users exploit Wi-Fi site surveys?

Answer 22

Malicious users can conduct Wi-Fi site surveys to gather information about nearby wireless networks that may not be adequately secured. This information can be used for unauthorized access or to exploit vulnerabilities in the network’s security measures.

Question 23

What is war chalking?

Answer 23

War chalking is a technique where open wireless networks are discovered, and their locations are marked on the sidewalk using chalk. It was a way to map out the availability of open networks in urban areas.

Question 24

What is war driving, and how is it related to Wi-Fi discovery?

Answer 24

War driving involves driving around with a scanning device, such as a laptop or smartphone, to detect and map out wireless networks. It helps in identifying the location and configuration of Wi-Fi networks within range. War flying is a similar technique using drones equipped with Wi-Fi capabilities.

Question 25

What is an evil twin in the context of Wi-Fi attacks?

Answer 25

An evil twin is a maliciously created Wi-Fi access point that mimics a legitimate network, often with the same name (SSID). It tricks users into connecting to it, giving the attacker unauthorized access to their network traffic.

Question 26

What are beacon frames in Wi-Fi networks?

Answer 26

Beacon frames are periodically transmitted by Wi-Fi access points to announce their presence and provide information about the network, such as SSID, signal strength, and configuration details. These frames can be intercepted and analyzed by attackers.

Question 27

What is the purpose of Wi-Fi site surveys for attackers and legitimate technicians?

Answer 27

Wi-Fi site surveys help in mapping out Wi-Fi coverage, identifying dead zones, and optimizing network performance. Attackers may conduct site surveys to gather information about vulnerable networks, while technicians use them to troubleshoot and improve network performance.

Question 28

How can open and WEP-encrypted Wi-Fi networks be exploited?

Answer 28

Open Wi-Fi networks and those using WEP encryption can be easily exploited by attackers. Open networks allow unauthorized access, while WEP encryption can be cracked within seconds using freely available tools, exposing network traffic to potential attackers.

Question 29

What is deauthentication (DSN dictation), and how is it used in Wi-Fi attacks?

Answer 29

Deauthentication is an attack technique where an attacker kicks a client off a Wi-Fi network, causing them to disconnect. This can be used to capture initial authentication information or to launch denial-of-service attacks by repeatedly disconnecting users.

Question 30

How can tools like Airodump-ng be used for Wi-Fi discovery?

Answer 30

Tools like Airodump-ng in Linux can be used to scan for wireless networks and gather information about access points. They provide details such as MAC addresses, channels, encryption types, and signal strengths of the detected networks.

Question 31

What is Wi-Fi coverage?

Answer 31

Wi-Fi coverage refers to the range or distance at which Wi-Fi signals can be received from the original transmission source.

Question 32

How is signal strength measured in Wi-Fi networks?

Answer 32

Signal strength is measured in decibel milliwatts (dBm).

Question 33

What does a lower dBm value indicate in terms of Wi-Fi signal strength?

Answer 33

A lower dBm value, such as -30 dBm, indicates a stronger Wi-Fi signal and a better connection.

Question 34

How can environmental conditions affect wireless transmissions?

Answer 34

Environmental conditions like snow, rain, or sandstorms can potentially interfere with wireless transmissions and degrade the Wi-Fi signal quality.

Question 35

What is an access point in the context of Wi-Fi networks?

Answer 35

An access point is a device that allows wireless devices to connect to a wired network and access Wi-Fi connectivity.

Question 36

What is an evil twin in the context of Wi-Fi networks?

Answer 36

An evil twin is a malicious Wi-Fi access point that imitates a legitimate network, tricking users into connecting to it and potentially compromising their data.

Question 37

What are beacon frames in Wi-Fi networks?

Answer 37

Beacon frames are periodic broadcast messages sent by access points to announce their presence and provide information about the network, such as network name and configuration details.

Question 38

What is deauthentication in the context of Wi-Fi network attacks?

Answer 38

Deauthentication is a technique used by attackers to force a connected client off a Wi-Fi network, usually to capture authentication traffic and attempt to crack the network’s passphrase.

Question 39

Why is it important to obtain proper authorization before performing network assessments or tests?

Answer 39

Obtaining proper authorization ensures that you are legally and ethically allowed to assess or test a network, protecting the privacy and security of others and avoiding any legal consequences.

Question 40

What is a recommended authentication protocol to enhance Wi-Fi security?

Answer 40

IEEE 802.1X (Radius authentication) is recommended for stronger authentication instead of using a pre-shared key.

Question 41

What are some variations of EAP (Extensible Authentication Protocol)?

Answer 41

Variations include EAP-FAST (uses a shared secret), EAP-TLS (requires server and client certificates), EAP-TTLS (requires a server certificate), and PEAP (also requires a server certificate).

Question 42

How can you enhance Wi-Fi security by changing default credentials?

Answer 42

Change the default credentials used to manage the access point/router to prevent unauthorized access.

Question 43

How can you increase Wi-Fi security by hiding the SSID?

Answer 43

Disable SSID broadcast to make the network name invisible to potential attackers, requiring users to manually enter the network name to connect.

Question 44

How does MAC address filtering contribute to Wi-Fi security?

Answer 44

Enable MAC address filtering to only allow specified MAC addresses to connect to the network, providing an additional layer of access control.

Question 45

What is WPA3 Enterprise, and why is it recommended?

Answer 45

WPA3 Enterprise combines IEEE 802.1X authentication with WPA3 encryption, offering enhanced security features for Wi-Fi networks.

Question 46

How can you control the wireless signal range to enhance Wi-Fi security?

Answer 46

: Adjust the wireless signal range to cover only the required area, preventing the signal from reaching beyond the intended boundaries.

Question 47

What is a captive portal, and how does it improve Wi-Fi security?

Answer 47

A captive portal is a landing page that requires users to authenticate or accept terms of use before accessing the internet via the Wi-Fi network, providing an additional layer of user verification.