Securing Networks Flashcards
Radio Frequency Interference: RFI
Don´t learn
A disturbance that can affect electrical circuits, devices, and cables due to AM/FM transmissions or cell towers
RFI causes more problems for wireless networks
Crosstalk
Don´t learn
Don´t learn
Occurs when a signal transmitted on one copper wire creates an undesired effect on another wire
UTP is commonly used more often than STP
Data Emanation
Data emanation is a form of electronic eavesdropping. When data travels within a computer or through the network wires, an electromagnetic field is generated. By reading the magnetic field, unauthorized users can get the confidential data.
Protected Distribution System: PDS
Don´t learn
Secured system of cable management to ensure that the wired network remains free from eavesdropping, tapping, data emanations, and other threats
Service Set Identifier: SSID
Uniquely identifies the network and is the name of the WAP used by the clients
Disable the SSID broadcast in the exam
Rogue Access Point
An unauthorized WAP or Wireless Router that allows access to the secure network
Evil Twin
A rogue WAP with the same SSID as your valid one
Pre-Shared Key
A pre-shared key (PSK) is a super-long series of seemingly random letters and numbers generated when a device joins a network through a Wi-Fi access point (AP). The process begins when a user logs into the network using the SSID (name of the network) and password (sometimes called a passphrase).
The SSID and password (8-63 characters) are then used to create the PSK, which is then used in conjunction with other information to create an even more complex encryption key to protect data sent over the network.
Don´t learn
Wired Equivalent Privacy: WEP
Original 802.11 wireless security standard that claims to be as secure as a wired network
WEP’s weakness is its 24-bit IV (Initialization Vector)
Wifi Protected Access: WPA
Don´t learn
Replacement for WEP which uses TKIP, Message Integrity Check (MIC), and RC4 encryption
WPA was flawed, so it was replaced by WPA2
WPA2 (Wi-Fi Protected Access 2)
WPA2 is considered the best wireless encryption available
Wifi Protected Setup: WPS
Don´t learn
Automated encryption setup for wireless networks at a push of a button, but is severely flawed and vulnerable
Always disable WPS
Wifi Jamming
Intentional radio frequency interference targeting your wireless network to cause a denial of service condition
Wireless site survey software and spectrum analyzers can help identify jamming and interference
AP Isolation (AP is access point)
Creates network segment for each client when it connects to prevent them from communicating with other clients on the network
War Driving
Act of searching for wireless networks by driving around until you find them
Attackers can use wireless survey or open source attack tools
War Chalking
Act of physically drawing symbols in public places to denote the open, closed, and protected networks in range
IV Attack, initialization vector (IV) attack
An is an attack on wireless networks. It modifies the IV of an encrypted wireless packet during transmission. Once an attacker learns the plaintext of one packet, the attacker can compute the RC4 key stream generated by the IV used.
This happened with WEP and makes it easy to crack
Wifi Disassociation Attack
Attack that targets an individual client connected to a network, forces it offline by deauthenticating it, and then captures the handshake when it reconnects
Used as part of an attack on WPA/WPA2
Brute Force Attack
Occurs when an attacker continually guesses a password until the correct one is found
Brute force will always find the password…eventually!
WPA3
Wi-Fi Protected Access 3 (WPA3) was introduced in 2018 to strengthen WPA2
WPA3 has an equivalent cryptographic strength of 192-bits in WPA3 - Enterprise Mode
Largest improvement in WPA3 is the removal of the Pre-Shared Key (PSK) exchange
WPA3 Personal:
Uses CCMP-128 as the minimum encryption required for secure connectivity
WPA3 Enterprise:
Uses AES-256 encryption with a SHA-384 hash for integrity checking
WPA3: Simultaneous Authentication of Equals (SAE)
A secure password-based authentication and password-authenticated key agreement method
Simultaneous Authentication of Equals (SAE) provides forward secrecy
WPA3: Perfect Forward Secrecy (AKA: Forward Secrecy)
A feature of key agreement protocols (like SAE) that provides assurance that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised
The AP and the client use a public key system to generate a pair of long-term keys
The AP and the client exchange a one-time use session key using a secure algorithm like Diffie-Hellman
The AP sends the client messages and encrypts them using the session key created in Step 2
Client decrypts the messages received using the same one-time use session key
The process repeats for every message being sent, starting at Step 2 to ensure forward secrecy
Don´t learn
Penetration Testing: Rules of Engagement
Don´t learn
Important document:
Defines purpose & scope
Makes everyone aware of test parameters
Type of testing & schedule:
Physical breach, internal test, external test
Working hours, after 6PM, etc
Rules:
IP address ranges
Emergency contacts
How to handle sensitive info
Don´t learn VPN: SSL VPN
Don´t learn Uses SSL/TLS No big VPN clients No digital cert requirement or shared passwords Unlike IPsec Very small client or within browser