WiFi and Cloud Security

Question 1

What is WPA?

Answer 1

Wired Equivalent Privacy.

Used Rivest Cipher4(RC4) which had key size of 40 to 256 bits.

Question 2

What did WPA have a problem with?

Answer 2

Forgeries

Question 3

What was developed to strengthen WPA?

Answer 3

WEP: Wifi protected Access
TKIP: Temporal Key Integrity Protocol

Question 4

What did WPA2 allow for the use of?

Answer 4

Stream Cipher (AES CCMP) for encryption so required dedicated hardware.

Question 5

Why was TKIP used?

Answer 5

Backward compatibility by using a MIC.

MIC and Authentication allowed for the reduction of spoofing attacks.

Question 6

What are the two modes of WPA2?

Answer 6

Personal

Enterprise

Question 7

How does WPA2 Personal Work?

Answer 7

Uses a pre shared key and therefore doesn’t require separate user authentication.

Question 8

How does WPA2 Enterprise work?

Answer 8

Uses EAP for authentication.

Question 9

What is EAP?

Answer 9

Extensible Authentication Protocol.

Has multiple levels such as:
EAP-TLS,
EAP-TTLS (Tunneled TLS)
Protected EAP versions - some with token cards or an identity module.

Question 10

How is WPA2 Personal authentication done?

Answer 10

Access Point generate a pre shared key from a plaintext password and shares it with the client.

Question 11

How is WPA Enterprise authentcation done?

Answer 11

AP provides access control to the authentication server (RADIUS).

The AP has 2 logical ports, service and authentication (PAE).

Authentication port is always open and service is opened after successful authentication using EAPoL(EAP over LAN)

Question 12

What is a PAE?

Answer 12

Port Access Entity

Question 13

How does WPA2 KeyGen work?

Answer 13

2 sets of 2 handshakes to ensure fresh key generation and distribution.

4-Way handshake is for Pairwise Transient Key (PTK) and Group Transient Key (GTK).

Question 14

How does the Four way handshake work for WPA2 KeyGen?

Answer 14

4 EAPoL messages sent between client and AP to confirm client knowns Pairwise Master Key.

PMK then is used to generate PTK which is fresh for each transaction

Question 15

What are the vulnerabiltiies of WPA2?

Answer 15

Susceptible to DOS.

Deauthentication can happen by forcing the client to reauthenticate

Can spoof MAC Addresses

Disassociation when the client with multiple disassociate with some of them.

Question 16

What is RFID?

Answer 16

Radio Frequency Identification.

Tags used to monitor the movement of goods.

Question 17

What are the attacks that can occur on RFID tags?

Answer 17

Can be eavesdropped, spoofed or even DoS’d

Question 18

What are some protections that can be put on RFID tags?

Answer 18

Can be shielded with Faraday Cages to prevent scanning.

Can be hashed for integrity

Question 19

What are the security issues faced by cloud computing?

Answer 19

Many users, OS, Servers, Clients...
Many transactions using VM's and Virtual networks
Separation of VM, VN
Storage Issues
Services Level Agreements

Question 20

What is cloud computing?

Answer 20

Non geolocation specific service made up of servers, VM’s and Virtual Networks providing rented applications and memory.

Question 21

What are the service models of cloud computing?

Answer 21

Infrastructure as as Service (IaaS)

Software as a Service (SaaS)

Platform as a Service (PaaS)

Question 22

What are different controls that should be put in place on cloud platforms?

Answer 22

Firewall and IDS
AntiVirus
Authentication
Access Control
Application/ Web
Monitoring/ Response

Defence in Depth principle should be applied

Question 23

What are the CSA’s top threats to cloud?

Answer 23

Data breaches
Misconfiguration and poor change control
Lack of security architecture and strategy
Weak IAM
Account Hijcaking
Insider threats
Insecure API's and Interfaces
Weak control place

Question 24

What are the required security steps for Cloud Platforms?

Answer 24

Reinforce internal security
Demand transparency
Consider legal and commercial implication
Authentication
Compliance
Data segregation
Disaster Recovery

Question 25

What is virtualisation?

Answer 25

Core of the cloud, VMs and VNs are generated from different technologies to create hosts and networks on top of existing infrastructure

Question 26

What is isolation?

Answer 26

Major technique for security, can contain all processing and traffic without it leaking onto physical system

Question 27

What is a slice?

Answer 27

Can be created through a topology.

Isolated network ontop of existing infrastructure.

There can be many.

Question 28

What were the findings of Ristenpart et. al?

Answer 28

Co-resident instances (Geographically close instances) had lowest RTTs.

Lag between launching of isntances

Question 29

What are the implications of using ‘aaS’ models

Answer 29

One vulnerability or malware can be shared amongst user population and can increase with the size of the population.

Question 30

What are the top risks when using cloud services?

Answer 30

Compliance
Loss of Governance
Cloud service termination/failure
Cloud Provider Acquisition
Isolation Failure
CP insider threat...