Intro to Network Security sixth ed chapter 8

ad hoc mode

A WLAN functioning without an AP

access point (AP)

A centrally located WLAN connection device that can send and receive information.

ad hoc topology

A configuration in which networks can be created "on the fly" as needed.

Extensible Authentication Protocol (EAP)

A framework for transporting authentication protocols that defines the format of the messages.

rogue AP system detection

A means for identifying rogue AP devices.

Media Access Control (MAC) address filtering

A method for controlling access to a WLAN based on the device's MAC address.

wireless replay attack

A passive attack in which the attacker captures transmitted wire- less data, records it, and then sends it on to the original recipient without the attacker's presence being detected.

near field communication (NFC)

A set of standards used to establish communication between devices in very close proximity.

IEEE 802.1x

A standard, originally developed for wired networks, that provides a greater degree of security by implementing port-based authentication.

wireless local area network (WLAN)

A wire- less network designed to replace or supplement a wired local area network (LAN). Commonly called Wi-Fi.

radio frequency identification (RFID)

A wire- less set of standards used to transmit information from paper-based tags to a proximity reader.

disassociation attack

A wireless attack in which false de-authentication or disassociation frames are sent to an AP that appear to come from another client device, causing the client to disconnect.

open method

A wireless network mode in which no authentication is required.

Bluetooth

A wireless technology that uses short-range radio frequency (RF) transmissions and provides rapid ad hoc device pairings.

evil twin

An AP set up by an attacker to mimic an authorized AP and capture transmissions, so a user's device will unknowingly connect to this evil twin instead of the authorized AP

thin AP

An AP that does not contain all the management and configuration functions.

controller APs

An AP that is managed through a dedicated wireless LAN controller (WLC)

Protected EAP (PEAP)

An EAP method designed to simplify the deployment of 802.1x by using Microsoft Windows logins and passwords.

EAP-FAST

An Extensible Authentication Protocol that securely tunnels any credential form for authen- tication (such as a password or a token) using TLS.

EAP-TTLS

An Extensible Authentication Protocol that securely tunnels client password authentica- tion within Transport Layer Security (TLS) records.

EAP-TLS

An Extensible Authentication Protocol that uses digital certificates for authentication.

standalone APs

An access point (AP) that does not require another device for management

bluesnarfing

An attack that accesses unauthorized information from a wireless device through a Bluetooth connection.

bluejacking

An attack that sends unsolicited messages to Bluetooth-enabled devices.

certificate-based authentication

An authentication method in which each supplicant cable lock computer must have a digital certificate as proof of its identity.

captive portal AP

An infrastructure that is used on public access WLANs that uses a standard web browser to provide information, and gives the wireless user the opportunity to agree to a policy or present valid login credentials to provide a higher degree of security.

Wi-Fi Protected Setup (WPS)

An optional means of configuring security on wireless local area networks primarily intended to help users who have little or no knowledge of security to quickly and easily implement security on their WLANs. Due to design and implementation flaws, WPS is not considered secure.

rogue AP

An unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks.

enterprise method

Authentication for the WPA2 Enterprise model.

fat APs

Autonomous AP in which everything is self-contained in a single device.

jamming

Intentionally flooding the radio frequency (RF) spectrum with extraneous RF signal "noise" that creates interference and prevents communications from occurring.

Temporal Key Integrity Protocol (TKIP)

The WPA and WPA2 encryption technology.

Wi-Fi Direct

The Wi-Fi Alliance implementation of WLAN ad hoc mode

Service Set Identifier (SSID)

The alphanumeric user-supplied network name of a WLAN.

preshared key (PSK)

The authentication model used in WPA that requires a secret key value to be entered in the AP and all approved wireless devices prior to communicating.

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

The encryption protocol used for WPA2 that specifies the use of a general-purpose cipher mode algorithm providing data privacy with AES.

Wi-Fi Protected Access (WPA)

The original set of protections from the Wi-Fi Alliance designed to address both encryption and authentication.

Wi-Fi Protected Access 2 (WPA2)

The second generation of WPA security from the Wi-Fi Alli- ance that addresses authentication and encryption on WLANs and is currently the most secure model for Wi-Fi security.

Which of these technologies is NOT found in a wireless router? a. Access point b. Router c. Dynamic host configuration protocol (DHCP) server d. Firewall

a. Access point

Which of these Bluetooth attacks involves accessing unauthorized information through a Bluetooth connection? a. Bluesnarfing b. Bluejacking c. Bluecreeping d. Bluestealing

a. Bluesnarfing

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to first agree to an Acceptable Use Policy (AUP) before continuing. What type of AP has he encountered? a. Captive portal b. Web-based portal c. Rogue portal d. Authenticated portal

a. Captive portal

A wireless LAN controller (WLC) was recently installed, and now Kelsey needs to purchase several new APs to be managed by it. Which type of AP should he purchase? a. Controller AP b. Standalone AP c. Fat AP d. Any type of AP can be managed by a WLC.

a. Controller AP

Which technology is predominately used for contactless payment systems? a. Near field communication (NFC) b. Wireless local area network (WLAN) c. Bluetooth d. Radio Frequency ID (RFID)

a. Near field communication (NFC)

Which of these is NOT a risk when a home wireless router is not securely configured? a. Only a small percentage of the total traffic can be encrypted. b. An attacker can steal data from any folder with file sharing enabled. c. User names, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker. d. Malware can be injected into a computer connected to the WLAN.

a. Only a small percentage of the total traffic can be encrypted.

Elijah was asked by a student intern to explain the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? a. It is the transport protocol used in TCP/IP for authentication. b. It is a framework for transporting authentication protocols. c. It is a subset of WPA2. d. It is a technology used by IEEE 802.11 for encryption.

b. It is a framework for transporting authentication protocols.

What is the primary weakness of wired equivalent privacy (WEP)? a. It functions only on specific brands of APs. b. Its usage creates a detectable pattern. c. It slows down a WLAN from 104 Mbps to 16 Mbps. d. Initialization vectors (IVs) are difficult for users to manage.

b. Its usage creates a detectable pattern.

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? a. Push-button method b. PIN method c. Piconet method d. NFC method

b. PIN method

WPA replaces WEP with _____. a. WPA2 b. Temporal Key Integrity Protocol (TKIP) c. cyclic redundancy check (CRC) d. Message Integrity Check (MIC)

b. Temporal Key Integrity Protocol (TKIP)

Which of these is NOT a type of wireless AP probe? a. Wireless device probe b. WNIC probe c. Dedicated probe d. AP probe

b. WNIC probe

AES-CCMP is the encryption protocol standard used in _____ . a. WPA b. WPA2 c. IEEE 802.11 d. NFC

b. WPA2

Which of the following is NOT a wireless peripheral protection option? a. Update or replacing any vulnerable device b. Switch to a more fully tested Bluetooth model c. Install a network sensor to detect an attack d. Substitute a wired device

c. Install a network sensor to detect an attack

Why is a rogue AP a security vulnerability? a. It uses the weaker IEEE 80211i protocol. b. It conflicts with other network firewalls and can cause them to become disabled. c. It allows an attacker to bypass network security configurations. d. It requires the use of vulnerable wireless probes on all mobile devices.

c. It allows an attacker to bypass network security configurations.

Which of these is a vulnerability of MAC address filtering? a. APs use IP addresses instead of MACs. b. The user must enter the MAC. c. MAC addresses are initially exchanged unencrypted. d. Not all operating systems support MACs.

c. MAC addresses are initially exchanged unencrypted.

What is a difference between NFC and RFID? a. NFC is based on wireless technology while RFID is not. b. RFID is faster than NFC. c. RFID is designed for paper-based tags while NFC is not. d. NFC devices cannot pair as quickly as RFID devices.

c. RFID is designed for paper-based tags while NFC is not.

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? a. Frequency band b. Channel selection c. RFID spectrum d. Channel width

c. RFID spectrum

Which of these is NOT a limitation of turning off the SSID broadcast from an AP? a. Turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another. b. Some versions of operating systems favor a network that broadcasts an SSID over one that does not. c. Users can more easily roam from one WLAN to another. d. The SSID can easily be discovered, even when it is not contained in beacon frames, because it still is transmitted in other management frames sent by the AP.

c. Users can more easily roam from one WLAN to another.

The primary design of a(n) _____ is to capture the transmissions from legitimate users. a. rogue access point b. WEP c. evil twin d. Bluetooth grabber

c. evil twin

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? a. EAP-TLS b. EAP-TTLS c. EAP-SSL d. EAP-FAST

d. EAP-FAST