M5: Protocols and Encryption Flashcards
What is the third iteration of WPA wireless security?
WPA3
What protocol is built on the wpa2 protocol and is intended to replace it?
wpa3
What are the following benefits features of?
*simplified wireless security past wpa2
* stronger authentication past wpa2
*powerful encryption past wpa2
*stable business continuity past wpa2
*enhanced security methods past wpa2
*replacement for legacy protocols past wpa2
*Protected Management Frames (PMF) requirement for enterprise networks
WPA3 Protocol
What are the two versions offered of WPA3?
Personal, enterprise
Which version of WPA3 is intended for individual users and home wifi networks, which addresses common cybersecurity weaknesses that affect consumers’ wireless devices, simplifies wifi security for users?
WPA3-Personal
What feature of WPA3-Personal gives users the ability to set passwords that are easier for the user to remember?
Natural password selection
What feature of WPA3-Personal makes it so users do not need to change the way they connect to wifi to benefit from WPA3’s improved security?
Increased ease of use
What feature of Wpa3-Personal makes it so if a password is stolen, Wpa3 can continue to protect data that is transmitted?
Forward secrecy
What feature of wpa3-personal improves upon the wpa2-personal pre-shared key (psk) handshake protocol?
Simultaneous Authentication of Equals, SAE
What uses PSK to generate a Pairwise Master Key? PMK
SAE, Simultaneous Authentication of Equals
What uses password based authentication and is shared between a wi-fi access point and a wireless device?
PMK, pairwise master key
in SAE, what do the pair use a complex multistage process to prove to one another that they possess?
The PMK, pairwise master key
What does the complex handshake in SAE do?
Makes it hard to intercept packets in order to extract an identifiable authentication key.
What has occurred if the wireless device passes the authentication staging gain access to the secured wifi network in SAE?
The SAE transaction is successful
What reduces the probability of successful dictionary and bruteforce attacks?
SAE authentication.
Which cyber attacks include cracking short, weak, and commonly used passwords?
dictionary, brute force
What feature corrects a weakness exploited by cybercriminals who could perform key reinstallation attacks (KRACKs) when in close proximity to a wifi user?
SAE, simultaneous authentication of equals
What type of attack can decrypt data and expose passwords, credit card information, photos, chats, emails, and more, which simultaneous authentication of equals protects against.
KRACKs, key reinstallation attacks
what version of wpa3 is intended for business networks with multiple users
wpa3-Enterprise
what protocol addresses the wpa2-Enterprise weaknesses that cybercriminals have been able to exploit?
Wpa3-Enterprise
What does AES stand for?
Advanced encryption standard
What standard uses GCMP-256-bit encryption?
AES Galois/Counter Mode Protocol GCMP-256
What standard replaces the wpa2 128-bit AES-Counter Mode Protocol (CCMP), Cipher Block chaining message authentication code (cbc-mac)?
AES with GCMP-256-bit encryption
What strong security protocol makes it harder for cybercriminals to perform Meddler-in-the-MIddle attacks?
GCMP-256-bit encryption
What Encryption standard Improves upon the wpa2 wireless Encryption standard of 802.1x Open Authentication and Extensible Authentication Protocol (EAP)?
opportunistic wireless encryption, OWE
At what WPA protocol does EAP require additional support to help it encrypt and authenticate logging credentials?
Wpa2
in what wpa protocol does OWE replace EAP with a solution that encrypts and authenticates all wireless traffic?
WPA3
What wpa protocol replaces wifi passwords by assigning a unique key to each device that has permission to access the network? Repairing the experience wifi users have in open, public networks. Restaurants, coffee shop, mall, etc
WPA3 OWE
How does WPA3 improve upon the wpa2 wifi protected setup (wps) encryption technology between wireless devices and routers?
WPA wifi Device Provisioning Protocol (DPP)
What WPA protocol uses QR codes or NFC tags to grant passwordless wifi access to wireless devices?
DPP
What WPA3 protocol creates Hash code from a secret key, which is sent with each message passed between a wifi access point and user’s device.
384-bit Hashed message Authentication Mode (HMAC) with Secure Hash Algorithm (SHA)
in HMAC with SHA, what is compared to make sure they match?
The hash code from the origin of the message and the hash code from the receiver of the message
in HMAC with SHA, what does a discrepance between two hashes indicate?
the message was compromised or corrupted.
In WPA3, what is a key managment and authentication feature that is used for faster performance, and is supported by most browsers, replacing WPA2 4-way handshake?
Elliptic Curve Diffie-Hellman exchange (ECDHE) and elliptic curve digital signature algorithm (ECDSA)
what will the tach industry need to do forever in order to stay ahead of evolving tools used by cybercriminals?
develop more complex encryption algorithms.
New features including:
natural password selection
increased ease of use
forward secrecy
simultaneous authentication of equals
are features of what version of WPA?
WPA3-Personal
Features including:
Galois/Counter Mode Protocol (GCMP-256)
Opportunistic Wireless Encryption (OWE)
Wi-Fi Device Provisioning Protocol (DPP)
384-bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (SHA)
Elliptic Curve Diffie-Hellman Exchange (ECDHE) and Elliptic Curve Digital Signature Algorithm (ECDSA)
Are examples of which WPA?
WPA3-Enterprise