Chapter 8 - Wireless Network Security

Question 1

Bluetooth

Answer 1

A wireless technology that uses short-range radio frequency (RF) transmissions and provides rapid ad hoc device pairings.

Question 2

Ad hoc topology

Answer 2

A configuration in which networks can be created “on the fly” as needed.

Question 3

Bluejacking

Answer 3

An attack that sends unsolicited messages to Bluetooth-enabled devices.

Question 4

Bluesnarfing

Answer 4

An attack that accesses unauthorized information from a wireless device through a Bluetooth connection.

Question 5

Near field communication (NFC)

Answer 5

A set of standards used to establish communication between devices in very close proximity.

Question 6

Radio frequency identification (RFID)

Answer 6

A wireless set of standards used to transmit information from paper-based tags to a proximity reader.

Question 7

Wireless local area network (WLAN)

Answer 7

A wireless network designed to replace or supplement a wired local area network (LAN). Commonly called Wi-Fi.

Question 8

Access point (AP)

Answer 8

A centrally located WLAN connection device that can send and receive information.

Question 9

Ad hoc mode

Answer 9

A WLAN functioning without an AP.

Question 10

Rogue AP

Answer 10

An unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks.

Question 11

Evil twin

Answer 11

An AP set up by an attacker to mimic an authorized AP and capture transmissions, so a users device will unknowingly connect to this evil twin instead of the authorized AP.

Question 12

Wireless replay attack

Answer 12

A passive attack in which the attacker captures transmitted wireless data, records it, and then sends it on to the original recipient without the attackers presence being detected.

Question 13

Jamming

Answer 13

Intentionally flooding the radio frequency (RF) spectrum with extraneous RF signal “noise” that creates interference and prevents communications from occurring.

Question 14

Disassociation attack

Answer 14

A wireless attack in which false de-authentication or disassociation frames are sent to an AP that appear to come from another client device, causing the client to disconnect.

Question 15

Wi-Fi protected setup (WPS)

Answer 15

An optional means of configuring security on wireless local area networks primarily intended to help users who have little or no knowledge of security to quickly and easily implement security on their WLANs. Due to design and implementation flaws, WPS is not considered secure.

Question 16

Wired Equivalent Privacy (WEP)

Answer 16

An IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmitted wireless information. WEP accomplishes this confidentiality by encrypting the transmissions.

Question 17

Media access control (MAC) address filtering

Answer 17

A method for controlling access to a WLAN based on the devices MAC address.

Question 18

Service Set Identifier (SSID)

Answer 18

The alphanumeric user-supplied network name of a WLAN.

Question 19

Wi-Fi protected access (WPA)

Answer 19

The original set of protections from the Wi-Fi Alliance designed to address both encryption and authentication.

Question 20

Temporal Key Integrity Protocol (TKIP)

Answer 20

The WPA and WPA2 encryption technology.

Question 21

Open method

Answer 21

A wireless network mode in which no authentication is required.

Question 22

Preshared key (PSK)

Answer 22

The authentication model used in WPA that requires a secret key value to be entered in the AP and all approved wireless devices prior to communicating.

Question 23

Wi-Fi Protected Access 2 (WPA2)

Answer 23

The second generation of WPA security from the Wi-Fi Alliance that addresses authentication and encryption on WLANs and is currently the most secure model for Wi-Fi security.

Question 24

Counter mode with cipher block chaining message authentication code protocol (CCMP)

Answer 24

The encryption protocol used for WPA2 that specifies the use of a general-purpose cipher mode algorithm providing data privacy with AES.

Question 25

IEEE 802.1x

Answer 25

A standard, originally developed for wired networks, that provides a greater degree of security by implementing port-based authentication.

Question 26

Certificate-based authentication

Answer 26

An authentication method in which each supplicant computer must have a digital certificate as proof of identity.

Question 27

Extensible authentication protocol (EAP)

Answer 27

A framework for transporting authentication protocols that defines the format of the messages.

Question 28

Protected EAP (PEAP)

Answer 28

An EAP method designed to simplify the deployment of 802.1x by using Microsoft Windows logins and passwords.

Question 29

Rogue AP system detection

Answer 29

A means for identifying rogue AP devices.

Question 30

Wireless probe

Answer 30

A special sensor that monitors the airwaves for traffic in order to detect rogue AP’s.

Question 31

Fat APs

Answer 31

Autonomous AP in which everything is self-contained in a single device.

Question 32

Thin AP

Answer 32

An AP that does not contain all the management and configuration functions.

Question 33

Standalone APs

Answer 33

An access point (AP) that does not require another device for management.

Question 34

Controller APs

Answer 34

An AP that is managed through a dedicated wireless LAN controller (WLC).

Question 35

Captive portal AP

Answer 35

An infrastructure that is used on public access WLANs that uses a standard web browser to provide information, and gives the wireless user the opportunity to agree to a policy or present valid login credentials to provide a higher degree of security.