Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

NetSec > Chapter 7: Wireless Network Security > Flashcards

Chapter 7: Wireless Network Security Flashcards

Wireless Network Security

1
Q

What are some security concerns with wireless networks?

A
  1. Channel: wireless networks typically involves broadcast communications which is more susceptible to eavesdropping and jamming. Active attacks that exploit vulnerabilities in communications protocols.
  2. Mobility: wireless devices are more portable and mobile
  3. Resources: wireless devices have sophisticated OS but limited memory and processing resources that can counter threats.
  4. Accessibility: wireless devices may be left unattended, increases vulnerability to physical attacks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are some wireless network security threats?

A
  1. Accidental association: Wireless LANS in close proximity may create overlapping transmission ranges resulting in users accidentally connecting to the wrong LAN.
  2. Malicious association: wireless device configured to appear legitimate, that enables the stealing of user credentials.
  3. Ad hoc networks: peer-to-peer networks between wireless computers with no access point in between. Security threat due to a lack of a central point of control.
  4. Nontraditional networks: i.e. barcode readers or PDAs, pose a security risk in terms of eavesdropping and spoofing.
  5. ID theft (MAC spoofing): eavesdropping to identify the MAC address of a computer with network privileges.
  6. MITM
  7. DoS
  8. Network Injection
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the principal threats to wireless transmission and what two types of countermeasures are appropriate?

A

Threat: eavesdropping, alteration/insertion of messages, disruption.

Signal-hiding: make it more difficult to locate the wireless access point. Turning off service set identifier (SSID) broadcasting by wireless access points: cryptic names to SSID, reduce signal strength, placing access points away from windows and exterior walls, directional antennas, signal-shielding techniques.

Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the principal threats to wireless access points and what types of countermeasures are appropriate?

A

Threats: unauthorised access.

IEEE 802.1X standard for port-based network access control.

Countermeasures:
1. Encryption

  1. Antivirus, anti spyware, firewalls
  2. Turning off identifier broadcasting. (Used so other devices can know about the network and connect to it)
  3. Change the identifier on the router from the default.
  4. Change the routers pre-set password
  5. Allow only approved computers to access the network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are some security concerns regarding mobile devices?

A
  1. Lack of physical security controls: mobile devices under the control of the user. Can be used in environments that are not secure leading to higher risk of theft or tampering
  2. Use of un-trusted mobile devices. Personal mobile devices assumed not to be trustworthy as security mechanisms adhering to company policy may be non-existent.
  3. Use of un-trusted networks: traffic with an off-site premise segment. Such as remote access to company network from home.
  4. Unknown or un-trusted applications
  5. Interaction with other systems. The synchronisation of data with different services and systems.
  6. Un-trusted content. QR code scanning for more information.
  7. GPS. Can be used to target devices for attacks to access restricted systems or networks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is traffic security?

A

All traffic should be encrypted and travel by secure means. SSL, IPv6, VPN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is barrier security?

A

Security mechanisms to protect the network from unauthorised access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The IEEE 802.11 standard has 8 terms with abbreviations, what are these terms?

A

Access Point

Basic Service Set

Coordination Function

Distribution System

Extended Service Set

MAC protocol data unit

MAC service data unit

Station

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the three layers in the IEEE 802 architecture?

A

Bottom to top

  1. Physical
  2. Media access control
  3. Logical link control
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the function of the MAC layer?

A
  1. Controls access to the transmission medium
  2. Receives data from the LLC in the form of a MSDU.

On transmission: assemble data into a frame (MPDU) with address and error-detection fields.

On reception: disassemble frame, and perform address recognition and error detection.

Detects errors and discards frames containing errors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the function of the physical layer?

A
  1. Encodes/decodes signals
  2. Bit transmission/reception
  3. Specification of the transmission medium
  4. Defined frequency bands and antenna characteristics
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the function of the logical link control layer?

A

Responsible for detecting errors using the CRC and recovering from the errors by retransmitting damaged frames.

Optionally: keeps track of which frames where successful and retransmits unsuccessful ones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does AP stand for?

A

Access Point: provides access to the network via wireless connections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does BSS stand for?

A

Basic Service Set: a set of stations controlled by a single coordination function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a coordination function?

A

Coordination Function: logical function that determines when stations in the BSS are allowed to transmit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What does DS stand for?

A

Distribution System: a system that interconnects BSSs and integrated LANs to create an ESS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What does ESS stand for?

A

Extended Service Set: interconnected BSSs and integrated LANs that appear as a single BSS to the LLC layer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What does MPDU stand for?

A

MAC protocol data unit: unit of data exchanged between to peer MAC entities using the services of the physical layer

19
Q

What does MSDU stand for?

A

MAC service data unit: info delivered as a unit between MAC users

20
Q

What is a station?

A

Any device conforming to IEEE 802.11

21
Q

What is the general format of the MPDU?

A

MAC control: protocol control info

Dest. MAC address

Source MAC address

^MAC header

MSDU

MAC trailer = CRC: cyclic redundancy check, an error-detecting code. Sender and receiver calculate the value to check if it matches.

22
Q

What two services are involved in the distribution of messages?

A

Distribution
Integration

23
Q

What is the distribution service involved in the distribution of messages?

A

It is the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS

24
Q

What is the integration service involved in the distribution of messages?

A

It enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN.

Integrated meaning a wired LAN.

25
Q

What is an association-related service?

A

Provides information about stations within the ESS.

Before the distribution service can deliver or accept data from a station, the station need to be associated.

26
Q

There are three services related to fullfuling the requirement that a DS need to know the identity of the AP in order to deliver messages, which three services are they and what do they do?

A

Association: Establishes an initial association between a station and an AP. Before a station can transmit or receive frames on a wireless LAN, its identity and address must be known.

Re-association: Enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another.

Disassociation: A notification from either a station or an AP that an existing association is terminated. A station should give this notification before leaving an ESS or shutting down.

27
Q

What was the issue with the original IEEE 802.11 Standard?

A

The security features for privacy and authentication were weak.

Wired Equivalent Privacy (WEP) was used for privacy and contained major weaknesses.

Wi-Fi Protected Access (WPA) was introduced to rectify these weaknesses.

28
Q

What does RSN stand for?

A

The Robust Security Network which is the final form of the IEEE 802.11i standard

29
Q

What services does RSN specify and what do they do?

A

Authentication: a protocol is used to define an exchange between a user and an AS that provides mutual authentication and generates temporary keys.

Access control:
1. enforces the use of the authentication function
2. routes messages
3. facilitates key exchange

Privacy with message integrity: MAC-level data are encrypted along with a message integrity code.

30
Q

What five phases of operation does the RSN have?

A
  1. Discovery
  2. Authentication
  3. Key generation and distribution
  4. Protected data transfer
  5. Connection termination
31
Q

What does the discovery phase do?

A

It enables a STA and an access point to

  1. recognise each other
  2. agree on security capabilities
  3. establish an association for future communication
32
Q

What security capabilities can be agreed upon during the discovery phase?

A
  1. Confidentiality and MPDU integrity protocols (dictated by the AP since all STAs must use the same ones.
  2. Authentication method
  3. Key management approach
33
Q

What is a cipher suite and what options are available?

A

The specification of confidentiality and integrity protocols and the chosen key length

Available options:

  1. WEP, allows backward compatibility
  2. TKIP
  3. CCMP
  4. Vendor-specific methods
34
Q

What is the AKM suite and what options are available?

A

Authentication and key management suite.

Authentication means
Means for deriving the root key from which other keys are generated.

Available options:

  1. IEEE 802.1X
  2. Pre-shared key
  3. Vendor-specific methods
35
Q

What three exchanges occur in the discovery phase?

A

Network and security capability discovery: STAs discover the network that it can communicate with.

Open system authentication: provides backwards compatibility. The station and the AP exchange identifiers.

Association: agree on security capabilites

36
Q

What does the authentication phase do?

A

It enables mutual authentication between STA and AS located in the DS.

Authentication is designed to allow only authorised stations to use the network and provide the STA with assurance that it is communication with a legitimate network.

Uses EAP.

Communicates on the control channel until authentication has been confirmed, then it can use the data channel.

37
Q

The authentication phase consists of three phases, what are they?

A

Connect to AS: the STA requests a connection to an associated AP.

EAP exchange: flow between STA and AP typically employs the EAPOL. Flow between AP and AS uses RADIUS.

Secure key delivery: when authentication has been established the AS generates am master session key (MSK) aka, the AAA key. All keys needed by the STA for secure communication with its AP are generated using the MSK. Relies on EAP for secure delivery of the key.

38
Q

What does STA mean?

A

Supplicant

39
Q

What does the key management phase do?

A

Cryptographic keys are generated and distributed to STAs.

Two types of keys:
1. pairwise keys
2. group keys

40
Q

What is the difference between a group key and a pairwise key?

A

A group key is used for multicast communication where on STA sends MPDUs to multiple other STAs.

A pairwise key is used for communication between a pair of devices, usually a STA and an AP.

41
Q

What does the protected data transfer phase do?

A

It defines two schemes for protecting data transmitted in MPDUs:

  1. TKIP: temporal key integrity protcol
  2. CCMP: Counter Mode-CBC MAC Protocol
42
Q

What is the TKIP?

A

It is designed to only require software changes to devices that implement WEP and it provides two services.

Message integrity: adds a message integrity code (MIC) to the 802.11 MAC frame after the data field. The MIC is generated by an algorithm, called Michael, that computes a 64-bit value using as input the source and destination MAC address values and the Data field, plus key material.

Data confidentiality: Data confidentiality is provided by encrypting the MPDU plus MIC value using RC4.

43
Q

What is the CCMP?

A

CCMP is intended for newer IEEE 802.11 devices that are equipped with the hardware to support this scheme. CCMP provides two services:

Message integrity: CCMP uses the cipher block chaining message authentication code (CBC-MAC).

Data confidentiality: CCMP uses the CTR block cipher mode of operation with AES for encryption.

The same 128-bit AES key is used for both integrity and confidentiality.

44
Q

What is the IEEE 802.11i PRF?

A

The pseudorandom function. It is used, for example, to expand pairwise keys and to generate GTK.

It is built on the use of HMAC-SHA-1.

NetSec (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions