Chapter 8
Protected EAP (PEAP)
A common EAP protocol designed to simplify the deployment of 802.1x by using Microsoft Windows logins and passwords.
Evil twin
AP set up by an attacker designed to mimic an authorized AP.
802.3
IEEE standard which set specifications for Ethernet local area network technology.
Temporal Key Integrity Protocol (TKIP)
The WPA and WPA2 encryption technology. Functions as a wrapper around WEP.
Wi-Fi Protected Access 2 (WPA2)
The second generation of WPA security from the Wi-Fi Alliance that addresses authentication and encryption on WLANs and is currently the most secure model of Wi-Fi security.
Extensible authentication protocol (EAP)
a framework for transporting authentication protocols that defines the format of the messages
rogue AP system detection
a means of identifying rogue AP devices by continuously monitoring the RF airspace.
Wi-Fi Protected Setup (WPS)
a means of configuring security on wireless local area networks.
Near field communication
a set of standards used to establish communication between devices in very close proximity.
preshared key (PSK)
a value that has been previously shared using a secure communication channel between two parties.
open method
a wireless network in which no authentication is required, such as a local coffee shop.
thin AP
an AP that does not contain all the management and configuration functions.
controller AP
an AP that is managed through a dedicated wireless LAN controller (WLC).
standalone AP
an access point that does not require another device for management.
Bluesnarfing
an attack that accesses unauthorized information from the wireless device through a Bluetooth connection.
Bluejacking
attack which sends unsolicited messages to Bluetooth-enabled devices.
fat APs
autonomous AP in which everything is self-contained in a single device (manage wireless authentication, encryption, and other functions)
Access point
centrally located WLAN connection device that can send and receive information.
Institute of Electrical and Electronics Engineers
dating to 1884, set standards for networking.
Wi-Fi Protected Access (WPA)
designed to fit into WEP engine without requiring extensive hardware upgrades or replacements. Addresses both encryption and authentication.
wireless local area network
designed to replace or supplement a wired local area network
ad hoc mode
devices can only communicate between themselves and cannot connect to another network.
Captive portal AP
infrastructure that uses a standard web browser to provide information, and gives the wireless user the opportunity to agree to a policy or present valid login credentials.
IEEE 802.1x
port-based authentication blocks all traffic on a port-by-port basis until the client is authenticated using credentials stored on an authentication server.
CCMP (counter mode with cipher block chaining message authentication code protocol)
the encryption protocol used for WPA2
Media Access Control (MAC) address filtering
the most common type of wireless access control, implemented by permitting instead of preventing.
certificate-based authentication
the most secure form of IEEE 802.1x in which each supplicant computer must have a digital certificate as proof of its identity.
rogue access point
unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks
Radio frequency identification
used to transmit information between employee identification badges, inventory tags, book labels, and other paper-based tags.
Service Set Identifier (SSID)
user-supplied network name of a wireless network
Bluetooth
wireless technology that uses short-range RF transmissions and provides rapid device pairing.