Volume 2 - Chapter 3: Securing Wireless Networks Flashcards
Describe the function of a Message Integrity Check (MIC)
Similar to a frame’s FCS.
When an AP receives a frame it compares the MIC inside the frame to what it thinks the MIC should be. If they match, then the data has not be tampered with.
What wireless authentication standard matches the following?:
- Uses an RC4 Ciper Algorithm
- Supports a key of 40 to 104 bits
Wired Equivilent Privacy (WEP).
What year was WEP defined, and in what IEEE standard?
The original 802.11 standard in 1999.
What wireless authentication standard allows the use of multiple authentication methods?
Extensible Authentication Procotol (EAP)
In regards to 802.1X, describe the function of the supplicant.
The supplicant represents the client that is requesting network access.
In regards to 802.1X, describe the function of the authenticator.
The authenticator is the device that is providing access to the network
For wireless, typically a WLC
For wired, typically a switch
In regards to 802.1X, describe the function of the authentication server.
The device that contains the network credentials and will determine network access for the supplicant based on its policies or user database.
What wireless authentication standard matches the following?:
- Developed by Cisco
- Created as a replacement for WEP
- Uses dynamic encryption keys that change frequently
Lightweight EAP (LEAP)
What wireless authentication standard matches the following?:
- Protects credentials using a PAC
- Negotiates a TLS tunnel to securely authenticate the end user
- Requires the use of a RADIUS server
EAP Flexsible Authenticate by Secure Tunneling
(EAP-FAST)
What wireless authentication standard matches the following?:
- A certificate presented by the AS to authenticate to the supplicant
- Negotiates a TLS tunnel to securely authenticate the end user
- Requires the use of a RADIUS server
Protected EAP (PEAP)
What client authentication methods are available when using PEAP?
MSCHAPv2 (Microsoft Challenge Authentication Protocol version 2)
GTC (Generic Token Card) - Physical hardware token
What wireless authentication standard matches the following?:
- A certificate presented by the supplicant to authenticate to the AS
- Negotiates a TLS tunnel to securely authenticate the end user
- Requires the use Public Key Infrastructure (PKI)
EAP Transport Layer Security
(EAP-TLS).
Describe how certificates differ in regards to PEAP versus EAP-TLS.
With PEAP, the certificate present on the AS is used to authenticate to the supplicant. The suppliant uses other methods to authenticate the AS.
With EAP-TLS, the suppliant is also required to have a valid signed certificate to authenticate.
What are the 3 main wireless privacy/integrity methods?
Temporal Key Integrity Protocol (TKIP)
Counter/CBC-MAC Protocol (CCMP)
Galios/Counter Mode Protocol (GCMP)
What wireless privacy/integrity algorithm was developed to improve the security of the WEP authentication protocol?
Temporal Key Integrity Protocol (TKIP).