Wireless Networking Flashcards
Parameter that defines the wireless network
Service Set Identifier (SSID)
A method that enables you to limit access to your wireless network based on the physical, hard-wired address of the units’ NIC. A handy way of creating a type of “accepted users” list to limit access to your wireless network but works best when you have a small number of users
MAC address filtering
Protocol that attempted to ensure that data is secured while in transmit over the airwaves. This encryption uses a standard 40-bit encryption to scramble data packets. Includes a flaw that makes it extremely vulnerable to attack. All traffic is encrypted with the same key so one user’s traffic isn’t protected from other members of the network
Wired Equivalent Privacy (WEP)
Protocol addresses the weaknesses of WEP and acts as a security protocol upgrade to it. Uses the Temporal Key Integrity Protocol (TKIP). Offers security enhancements over WEP such as an encryption key integrity-checking feature and user authentication through the industry-standard Extensible Authentication Protocol (EAP)
Wi-Fi Protected Access (WPA)
Provides a new encryption key for every sent packet. Protects WPA from many of the attacks that make WEP vulnerable but has since been deprecated as it has flaws of its own
Temporal Key Integrity Protocol (TKIP)
The IEEE 802.11i standard supported by macOS, Linux, and Windows. Uses Advanced Encryption Standard (AES) to provide a secure wireless environment. All current WAPs and wireless clients support this and most routers have a “backwards compatible” mode for the handful of client devices that still use first-gen WPA
Wi-Fi Protected Access 2 (WPA2)
Addresses some security and usability issues, including encryption to protect the data of users on open (public) networks
WPA3
A standard included on most WAPs and clients to make secure connections easier to configure. Works in one of two ways: some devices use a push button and others use a password or code. Downside: a program can repeatedly guess the eight-digit code
Wi-Fi Protected Setup (WPS)
Don’t need a WAP, only requirements are that each wireless node be configured with the same network name (SSID) and that no two nodes use the same IP address (irrelevant if all nodes are using DHCP)
Ad Hoc Mode
Employs one or more WAPs connected to a wired network segment, such ad a corporate intranet, the Internet, or both. Requires that the SSID be configured on all nodes, and additionally on all WAPs.
Infrastructure Mode
Using only a username and a password
Single Factor Authentication
Requires something you have (like a security card), something you are (face/fingerprint scan), and more
Multifactor Authentication
Protocols for authenticating network users and managing what resources they may access
RADIUS and TACACS+
Partially encrypted and uses UDP
Remote Authentication Dial-In User Services (RADIUS)
Fully encrypted and uses TDP. Can handle authentication, authorizing users to access specific resources, and keeping track of the resources used
Terminal Access Controller Access-Control System Plus (TACACS+)
