WLAN Security Flashcards
802.11 Security Basics?
Data Privacy
Authentication, Authorization, And Accounting
Segmentation
Monitoring and Policy
Data Privacy?
Encryption
- RC4 Cipher
- AES (Advanced Encryption Standard)
MAC Service Data Unit
(AAA)?
Authentication
Authorization
Accounting
Authentication?
Identify and Credential Verification, who and what?
Authorization?
Granting Access,
What can you do?
Accounting?
Tracking the use of resources
Rule of AAA?
Authentication is required before association and authorization can be allowed
Segmentation?
Based Upon Traffic Type
Based Upon Client Type
Based Upon Authentication or Authorization
LANs
WANs
VLANs
Monitoring
Monitoring gives vision into Network performance and Security
Monitoring may use?
WIDS
WIPS
Policy?
Policy defines how computer systems must be implemented
- Specific WiFi policies must be created
- Traditional wired policies are not sufficient
- Should be written and adaptable as technology changes
Legacy 802.11 Security?
Allows legacy client access
Uses older security measures
Is specified in the 802.11 standard as amended
Can be the weak spot of the network
Types of Security of 802.11
Legacy Authentication
Static WEP Encryption
MAC Filters
SSID Cloaking/Hiding
Legacy Authentication?
Open system or shared key authentication Wired Equivalent Privacy Pre-shared keys Weak when compared to more modern methods Still used for legacy devices
Open System Authentication?
Two way exchange between the client radio and the access point
- The client sends and authentication request
- The access point then sends an authentication response
Does not require any credential
Anybody can have association
Shared Key Authentication?
Four-way authentication frame handshake
Four-Way authentication frame handshake?
The client station sends an authentication request to the access point
The access point sends a cleartext challenge to the client station in an authentication response
The client station encrypts the cleartext challenge and sends it back to the access point in the body of another authentication request frame.
The access point decrypts the station’s response and compares it to the challenge text
Static WEP Encryption?
Uses a 24bit Initialization Vector
Can use either a 40 bit or 104 bit encryption key
WEP Provides?
Data Integrity
Confidentiality
Access Control
Data Integrity?
A data integrity checksum known as the integrity check value is computed on a data before encryption and used to prevent data from being modified
Confidentiality?
The primary goal of confidentiality was to provide data privacy by encrypting the data before transmission
Access Control?
For WEP this is a crude form of authorization
Client stations that do not have the same matching static WEP key as an access point are refused to access to network resources
WEP Encryption Process?
RC4 - Rivest Cipher
WEP Weaknesses?
IV Collisions Attack
Weak Key Attack
Reinjection Attack
Bit-flipping Attack
Easily cracked using freeware
Not allowed in CDE
Other Security Measures?
MAC Filters
SSID Cloaking
In and of themselves these measures are not sufficient
Can be a part of a layered approach
MAC Filters?
Block or Allow clients based upon MAC Address
Easily Bypassed through spoofing
Time consuming to implement
Does not scale well
SSID Cloaking?
Removes the SSID from Beacon frames
Does not stop the SSID from being used in the other frames
May cause Roaming problems
Forces the use of Active scanning in the service set
Robust Security Network?
Two stations must authenticate and associate with each other
Create dynamic encryption keys through a process known at the 4-way Handshake
Components of RSN?
Authentication and Authorization 802.1x/EAP Framework Dynamic Encryption Key Generation 4-Way Handshake WPA/WPA2-Personal TKIP Encryption CCMP Encryption
Authentication And Authorization?
Identity/Credential Verification
- Part of AAA
- Grants Access to network and or resources
Pre-shared key authentication (personal)
- No need for external database
Server-based authentication
- Required AAA server
- May require directory access database server
PSK Authorization?
Standard defines Authentication and Key Management services
During 802.1X authentication, an authentication and key management protocol can be either?
A preshared (PSK) protocol An EAP protocol
Name marketing names for PSK authentication?
WPA/WPA2-Passphrase
WPA/WPA2-PSK
WPA/WPA2-Preshared Key
802.1X/EAP Framework
Based on EAP
Supports Mutiple EAP Types
EAP?
Extensible Authentication Protocol
Port Based Access Control
Three Main Components?
Supplicant
Authenticator
Authentication Server
TKIP?
Temporal Key Integrity Protocol
TKIP Encryption?
Optional encryption for an RSN Use constitutes a Legacy RSN Uses a 48 bit Initialization vector Uses the MIC Adds 20 bits of Overhead to frames
MIC?
Message Integrity Check
CCMP?
Counter-Mode (CM) with Cipher Block Chaining (CBC) Message Authentication Code (MAC) Protocol
CCMP Encryption?
Required for an 802.11 RSN Uses the Rijndael algorithm Uses an 8 byte MIC Stronger than TKIP Requires more robust chipset to function
Traffic Segmentation?
VLANs
- Guest
- Voice
- Data
RBAC
RBAC?
Role-Based Access Control
Role Based Access Control?
Is an approach to restricting system access to authorized users.
3 Main components of an RBAC?
Users
Roles
Permissions
RBAC Permissions can be defined as?
Layer 2 permissions
Layer 3 permissions
Layer 4-7 permissions
Bandwidth permissions
Layer 2 permissions?
MAC Filters
Layer 3 permissions?
Access control lists
Layers 4-7 permissions?
Stateful firewall rules
VPN Wireless Security?
Protocols
Encryption
Protocols of VPN?
Point to Point Tunneling Protocol
Layer L2 Tunneling Protocol
Encryption of VPN?
Microsoft Point-To-Point Encryption
Internet Protocol Security
Guest WLAN Security?
Guest SSID
Guest VLAN
Firewall Policy
Captive Web Portal
Guest SSID?
Multiple corporate SSIDs are broadcasted by the company APs along with a guest SSID
Guest VLAN?
Guest traffic is usually segmented from corporate user traffic in a unique VLAN tied to a unique guest subnet
Guest traffic is often also routed to a demilitarized zone
e.g. MCAT, pharma, bar exam, Spanish, Series 7
Dismiss Search Bar
Search
Flashcards in “WLAN Security”
Firewall Policy?
Guest users are not allowed on private networks because corporate network servers and resources usually reside on the private IP space
Captive Web Portal?
Guest users must normally log in through a captive web portal page before they can proceed to the Internet
Wireless Security Management?
Wireless Attacks
Intrusion Monitoring
Security Policy
Wireless Attacks?
Rogue Wireless Devices Peer-To-Peer Attacks Eavesdropping Encryption Cracking Authentication Attacks MAC Spoofing. ...
Rogue Wireless Devices?
Unsanctioned Devices on the Sanctioned Network
Located Behind Firewalls
Growing Risk
ESS or IBSS Devices
Intrusion Monitoring?
Wireless Intrusion Detection System
Wireless Intrusion Prevention System
Mobile WIDS/WIPS
Spectrum Analysis
Wireless Intrusion Detection?
Server uses: signature analysis protocol analysis behavior analysis rf spectrum analysis
Wireless Security Policy?
General Security Policy
Functional Security Policy
Legislative Compliance
Industry Compliance
General Security Policy?
Statement of Authority Appliance Audience Violation Reporting Procedures Risk Assessment and Threat Analysis Security Auditing
Functional Security Policy?
Policy Essentials
Baseline Practices
Design and Implementation
Monitoring and Response
