Wireless Security( Comptia Objective 2.3) Flashcards
1
Q
What is Wireless encryption and what does it mean?
A
- All wireless computers are radio transmitters and receivers( Anyone can listen in)
- The solution for this is we need to Encrypt the Data.
Everyone get’s the password or their own password. - Only people with the password can transmit and listen.( WPA and WPA2)
2
Q
What is WPA encryption?
A
- Wi-Fi Protected Access( WPA)
- Developed in 2002( WPA was the replacement for serious cryptographic weaknesses in WEP( Wired Equivalent Privacy) DON’T USE WEP!
- Needed a short-term bridge between WEP and whatever would be the successor( Run on existing hardware)
- The finalized version of WPA used RC4 with TKIP( Temporal Key Integrity Protocol)
- Initialization Vector(IV) was larger and provided an encrypted hash. Every packet gets a unique 128-bit encryption key.
3
Q
What is Temporal Key Integrity Protocol and what is it used for?
A
- Mixes the keys. Combines the secret root key with the IV.
- Adds a sequence counter( Prevents replay attacks)
- Implements a 64-bit Message integrity check protects against tampering.
- TKIP has it’s own set of vulnerabilities( Deprecated in the 802.11-2012 standard.
4
Q
What are the WPA2 and CCMP standards?
A
- WPA2 certification began in 2004. AES( Advanced Encryption Standard) replaced RC4.
- CCMP( Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) replaced TKIP.
- CCMP Block cipher mode uses AES for data confidentiality. Uses a 128 bit key and a 128-bit block size. Requires additional computing resources.
- CCMP Security Services.
Data confidentiality( AES), authentication, and access control.
5
Q
What are some Wireless Security modes and how are they configured?
A
- Configure the authentication on your wireless access point / wireless router
- Open System( No authentication password is required)
- WPA2-Personal / WPA2-PSK are Encryption standards.
WPA2 with a pre-shared key. Everyone uses the same 256-bit key - WPA2-Enterprise / WPA2-802.1X - Authenticates users individually with an authentication server( i.e., RADIUS, TACACS+)
- You are also able to add additional factors.
6
Q
802.1x uses what kind of Server to confirm correct credentials for users connecting to it?
A
- Authentication Server
- Often users will connect over the internet and then reach a firewall or VPN concentrator which then passes on their login credentials to confirm their username and password are correct before allowing access onto the internal network. These protocols used for this are often RADIUS( Remote Authentication Dial-in User Service) or TACACS
7
Q
How does the RADIUS protocol work?
A
- One of the more common AAA( Authentication, Authorization and Accounting) protocols. Supported on a wide variety of platforms and devices
- Not just dial in
- Centralizes authentication for users.
Uses Routers, switches, firewalls - Server authentication
- Remote VPN Access
- 802.1X network access
8
Q
What is TACACS and what does it do?
A
- Terminal Access Controller Access Control System
- Provides remote authentication protocol
- Created to control access to dial-up lines to ARPANET.
- TACACS+ is the latest version of TACACS. Provides more authentication requests and response codes. Was released as an open standard in 1993.