Wireless Network

Question 1

IBSS

Answer 1

Independent Basic Service Set

Contains only devices/clients with no AP

Ad-hoc WLAN

Question 2

BSS

Answer 2

Basic Service Set

One AP connected to Network

Question 3

ESS

Answer 3

Extended Service Set

Multiple APs to provide coverage

Question 4

DSSS

Answer 4

Direct-Sequence Spread Spectrum

▪ Modulates data over an entire range of frequencies using a series of signals known as chips
▪ More susceptible to environmental interference
▪ Uses entire frequency spectrum to transmit

Question 5

FHSS

Answer 5

Frequency-Hopping Spread Spectrum (FHSS)
▪ Devices hop between predetermined frequencies
▪ Increases security as hops occur based on a common timer

Question 6

OFDM

Answer 6

Orthogonal Frequency Division Multiplexing (OFDM)
▪ Uses slow modulation rate with simultaneous transmission of data over 52 data streams
▪ Allows for higher data rates while resisting interference between data streams

Question 7

RFI

Answer 7

Radio Frequency Interference (RFI)

▪ Caused by using similar frequencies to WLAN ▪ Common sources of interference:

● Other wifi devices (overlapping channels)

● Cordless phones and baby monitors (2.4 GHz)

● Microwave ovens (2.4 Ghz)

● Wireless security systems (2.4 GHz)

● Physical obstacles (Walls, appliances, cabinets)

● Signal strength (Configurable on some devices)

Question 8

CSMA/CA

Answer 8

Carrier Sense Multiple Access/Collision Avoidance
▪ WLAN uses CSMA/CA to control access to medium, where wires Ethernet uses CSMA/CD
▪ Listens for transmission to determine if safe to transmit

● If channel is clear, transmits Request to Send (RTS)

● Device waits for acknowledgment

● If received an RTS, responds with Clear to Send (CTS)

● If not received, device starts random back off timer

Question 9

WEP

Answer 9

Wired Equivalent Privacy ▪ Original 802.11 wireless security standard

● Claimed to be as secure as wired networks

▪ Static 40-bit pre-shared encryption key

● Upgraded to 64-bit and 128-bit key over time ▪ Uses 24-bit Initialization Vector (IV)

● Sent in clear text

Question 10

WPA

Answer 10

Wi-Fi Protected Access (WPA) ▪ Replaced WEP and its weaknesses ▪ Temporal Key Integrity Protocol (TKIP)

● 48-bit Initialization Vector (IV) instead of 24-bit IV

● Rivest Cipher 4 (RC4) used for encryption ▪ Uses Message Integrity Check (MIC)

● Confirms data was not modified in transit ▪ Enterprise Mode WPA

● Users can be required to authenticate before exchanging keys

● Keys between client and AP are temporary

Question 11

WPA2

Answer 11

CCMP for authentication
AES for encryption
- 128-bit key or above

Question 12

802.1x

Answer 12

Network Authentication 802.1x
▪ Each wireless user authenticates with their own credentials
▪ Used also in wired networks

Question 13

EAP

Answer 13

Extensible Authentication Protocol (EAP)
▪ Authentication performed using 802.1x
▪ EAP-FAST
● Flexible Authentication via Secure Tunneling
▪ EAP-MD5
▪ EAP-TLS

Question 14

NAC

Answer 14

Network Admission Control (NAC)
▪ Permits or denies access to the network based on characteristics of the device instead of checking user credentials
▪ Conducts a posture assessment of client

● Checks the OS and antivirus version of client