Volume 2 - Chapter 3: Securing Wireless Networks Flashcards

1
Q

Describe the function of a Message Integrity Check (MIC)

A

Similar to a frame’s FCS.

When an AP receives a frame it compares the MIC inside the frame to what it thinks the MIC should be. If they match, then the data has not be tampered with.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What wireless authentication standard matches the following?:

  1. Uses an RC4 Ciper Algorithm
  2. Supports a key of 40 to 104 bits
A

Wired Equivilent Privacy (WEP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What year was WEP defined, and in what IEEE standard?

A

The original 802.11 standard in 1999.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What wireless authentication standard allows the use of multiple authentication methods?

A

Extensible Authentication Procotol (EAP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In regards to 802.1X, describe the function of the supplicant.

A

The supplicant represents the client that is requesting network access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In regards to 802.1X, describe the function of the authenticator.

A

The authenticator is the device that is providing access to the network

For wireless, typically a WLC
For wired, typically a switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

In regards to 802.1X, describe the function of the authentication server.

A

The device that contains the network credentials and will determine network access for the supplicant based on its policies or user database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What wireless authentication standard matches the following?:

  1. Developed by Cisco
  2. Created as a replacement for WEP
  3. Uses dynamic encryption keys that change frequently
A

Lightweight EAP (LEAP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What wireless authentication standard matches the following?:

  1. Protects credentials using a PAC
  2. Negotiates a TLS tunnel to securely authenticate the end user
  3. Requires the use of a RADIUS server
A

EAP Flexsible Authenticate by Secure Tunneling
(EAP-FAST)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What wireless authentication standard matches the following?:

  1. A certificate presented by the AS to authenticate to the supplicant
  2. Negotiates a TLS tunnel to securely authenticate the end user
  3. Requires the use of a RADIUS server
A

Protected EAP (PEAP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What client authentication methods are available when using PEAP?

A

MSCHAPv2 (Microsoft Challenge Authentication Protocol version 2)

GTC (Generic Token Card) - Physical hardware token

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What wireless authentication standard matches the following?:

  1. A certificate presented by the supplicant to authenticate to the AS
  2. Negotiates a TLS tunnel to securely authenticate the end user
  3. Requires the use Public Key Infrastructure (PKI)
A

EAP Transport Layer Security
(EAP-TLS).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe how certificates differ in regards to PEAP versus EAP-TLS.

A

With PEAP, the certificate present on the AS is used to authenticate to the supplicant. The suppliant uses other methods to authenticate the AS.

With EAP-TLS, the suppliant is also required to have a valid signed certificate to authenticate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the 3 main wireless privacy/integrity methods?

A

Temporal Key Integrity Protocol (TKIP)

Counter/CBC-MAC Protocol (CCMP)

Galios/Counter Mode Protocol (GCMP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What wireless privacy/integrity algorithm was developed to improve the security of the WEP authentication protocol?

A

Temporal Key Integrity Protocol (TKIP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the two algorithms used by CCMP?

A

AES Counter Mode Encryption

Cipher Block Chaining Message Authentication Code (CBC-MAC)

17
Q

How can you tell if a device uses CCMP for its privacy/integrity method?

A

The device will support WPA2

18
Q

What are the two algorithms used by GCMP?

A

AES Counter Mode Encryption

Galios Message Authentication Code (GMAC)

19
Q

How can you tell if a device uses GCMP for its privacy/integrity method?

A

The device will support WPA3

20
Q

What organization provides industry certifications for wireless security?

A

The Wi-Fi Alliance.

21
Q

What are the 3 certifications currently offered by the Wi-Fi alliance?

A

WPA
WPA2
WPA3

22
Q

Describe the function of Protected Managment Frames (PMF) in regards to WPA3

A

WPA3 supports PMF to secure frames between the AP and clients for management functions.

This prevents tampering with the operation of the BSS.

23
Q

Which Wi-Fi Alliance certification(s) allow authentication using pre-shared keys?

A

WPA, WPA2, & WPA3

24
Q

Which Wi-Fi Alliance certification(s) allow authentication using 802.1X?

A

WPA, WPA2, & WPA3

25
Q

Which Wi-Fi Alliance certification(s) support encryption and MIC using TKIP?

A

Only WPA

26
Q

Which Wi-Fi Alliance certification(s) support encryption and MIC using AES and CCMP?

A

WPA and WPA2

27
Q

Which Wi-Fi Alliance certification(s) support encryption and MIC using AES and GCMP?

A

Only WPA3

28
Q
A