IS577 Chapter 8

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

RFID spectrum

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? RFID spectrum Frequency band Channel width Channel selection

Ad hoc mode

Networks that are not using AP operate in what mode?

Bluejacking

What is an attack that sends unsolicited messages to Bluetooth-enabled devices?

WNIC probe

Which of these is NOT a type of wireless AP probe? dedicated probe WNIC probe AP probe wireless device probe

WPA WPA2

what are the foundations of wireless security today?

Infrastructure mode

A WLAN using an AP is operating in what mode?

Controller AP

A wireless LAN controller (WLC) was recently installed, and now Kelsey needs to purchase several new APs to be managed by it. Which type of AP should he purchase? Controller AP Standalone AP Any type of AP can be managed by a WLC. Fat AP

WPA2

AES-CCMP is the encryption protocol standard used in _____. IEEE 802.11 WPA2 NFC WPA

passive

Are most RFID tags passive or active?

NFC uses

Automobiles, entertainment, office, retail stores, and transportation are all examples of what?

128-bit

Both CCMP and TKIP use what bit encryption?

NFC attack

Eavesdropping, Data theft, Man-in-the-Middle attack, and device theft are all what type of attack?

It is a framework for transporting authentication protocols

Elijah was asked by a student intern to explain the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? - It is a framework for transporting authentication protocols - It is a subset of WPA2 - It is the transport protocol used in TCP/IP for authentication - It is a technology used by IEEE 802.11 for encryption

captive portal

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to first agree to an Acceptable Use Policy (AUP) before continuing. What type of AP has he encountered? authenticated portal web-based portal captive portal rogue portal

Preshared key (PSK)

How is authentication for WPA Personal accomplished?

24

In WEP, the initialization vector is how many bits?

AP

In WEP, the secret key is shared between wireless client device and _____?

hard edge

In a network, a well-defined boundary protects data and resources. This boundary is known as a?

Wi-Fi Protected Setup (WPS)

It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier.

EAP-FAST

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? (Slide 43) EAP-SSL EAP-TTLS EAP-FAST EAP-TLS

SSID

Not advertising the _______ provides a weak degree of security and has these limitations: 1. ______can be discovered when transmitted in other frames 2. May prevent users from being able to freely roam from one AP coverage area to another 3. It's not always possible to turn off ______ beaconing

Signal Strength Settings

Some APs allow adjustment of the power level at which the LAN transmits. What is this called?

Spectrum Selection

Some APs provide the ability to adjust frequency spectrum settings. What is this called?

WPA2

The 2nd generation of WPA is known as?

Wi-Fi Direct

The Wi-Fi Alliance has created a similar technical specification called?

WPS

The following are all flaws of what? * There is no lockout limit for entering pins? * The last PIN character is only a checksum * The wireless router reports the validity of the 1st and 2nd halves of the PIN separately

wireless attacks

The following are all types of what kind of attack? Rogue access points, evil twins, intercepting wireless data, wireless replay attacks, denial of service attacks.

Access Point (AP)

The following are functions of what? * Acts as a "base station" for wireless network * Acts as a bridge between wireless and wired networks

Access Point (AP)

The following are major parts of what component? * Antenna & radio tx/rx send and receive wireless signals * Wired network interface allows it to connect by cable to standard wired network * Access Point (AP) functions

Protect a wireless network

The following are steps for what? * Detect rogue access points * Choose the best type of AP to match the needs of the network * Manage APs through a WLC * Use a captive portal AP * Access point power level adjustment * Antenna positioning?

WPA

The following are vulnerabilities of what? * Key management - Key sharing is done manually without security protection - keys must be changed on a regular basis - keys must be disclosed to guest users * Passphrases - PSK passphrases of fewer than 20 characters are subject to cracking

blurred edges

The introduction of WLANs in enterprises has changed hard edges to what?

evil twin

The primary design of a(n) _____ is to capture the transmissions from legitimate users. WEP evil twin rogue access point Bluetooth grabber

RFID Attacks

Unauthorized tag access, fake tags, and eavesdropping are all what type of attacks?

Temporal Key Integrity Protocol (TKIP)

WPA replaces WEP with _____. Temporal Key Integrity Protocol (TKIP) Message Integrity Check (MIC) WPA2 Cyclic Redundancy Check (CRC)

Captive Portal APs

What AP uses standard web browser to provide information and gives the wireless user the opportunity to agree to a policy or present valid login credentials.

Controller APs

What APs are managed through a dedicated wireless LAN controller (WLC)?

Push-button method

What WPS method has a user push buttons and security configuration takes place?

PIN method

What WPS method utilizes a PIN printed on a sticker of the wireless router or displayed through a software wizard?

PIN method Push-button method

What are 2 common WPS methods?

Fat APs

What are autonomous APs that have intelligence required to manage wireless authentication, encryption, and other functions for the wireless devices they serve?

Signal strength settings Spectrum selection antennas wireless peripheral protection

What are some AP configuration and device options?

WPA2 Personal WPA2 Enterprise

What are the 2 modes of WPA2?

Wireless device probe Desktop probe Access point probe Dedicated probe

What are the four types of wireless probes that can monitor airwaves for traffic?

IEEE 802.11i WPA WPA2

What are the wireless security solution standards used today?

Addresses exchanged in unencrypted format Managing large number of addresses is challenging

What are vulnerabilities of MAC address filtering?

Wireless replay attack

What attack is also known as a man-in-the-middle attack?

Wireless replay attack

What attack is also known as hijacking and the attacker captures trasnmitted wireless data, records it, and then sends it on to its original recipient without the attackers presence being detected.

Wireless denial of service attack

What attack uses RF jamming, spoofing, and manipulating duration field values?

Bluetooth attacks NFC attacks RFI systems Wireless LAN attacks

What attacks can be directed against wireless data systems?

WEP

What can only used 64-bit or 128-bit numbers to encrypt? The Initialization Vector is only 24 of those bits?

CBC-MAC

What component of CCMP provides data integrity and authentication?

Wireless client NIC adapter

What component performs the same functions as a wired adapter, and has an antenna that sends and receives signals through the airwaves?

NFC devices

What devices are used in contactless payment systems?

Message Integrity Check (MIC)

What does TKIP include to prevent MITM attacks

RFID tags

What does not have their own power supply and does not require a power supply?

Standard for wireless networks

What is IEEE 802.11

Protected EAP (PEAP)

What is a common EAP protocol?

Active NFC device

What is a device that can read information as well as transmit data?

Passive NFC device

What is a device that contains information that other devices can read but does not read or receive any information?

RFID is designed for paper-based tags while NFC is not

What is a difference between NFC and RFID? - NFC devices cannot pair as quickly as RFID devices. - RFID is designed for paper-based tags while NFC is not. - NFC is based on wireless technology while RFID is not. - RFID is faster than NFC.

Extensible Authentication Protocol (EAP)

What is a framework for transporting authentication protocols?

MAC address filtering

What is a method used to control WLAN access

Near Field Communication (NFC)

What is a set of standards primarily for smartphones and smartcards used to communicate with devices in close proximity?

WLC

What is a single device that can be configured and settings are automatically distributed to all controller APs

Radio Frequency Identification (RFID)

What is a wireless technology similar to NFC?

Bluetooth

What is a wireless technology that provides Personal Area Network (PAN) technology?

Bluetooth

What is a wireless technology that provides rapid device pairing?

Bluetooth

What is a wireless technology that uses short range radio-frequency (RF) transmissions?

Evil twin

What is an AP set up by an attacker? It attempts to mimic an authorized AP and allows attackers to capture transmissions from users to __________ AP.

WEP

What is an IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmissions?

Bluesnarfing

What is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection?

site survey

What is an in-depth examination and analysis of a wireless LAN site?

WPS

What is an optional means of configuring security on WLANS?

Rogue AP

What is an unauthorized AP that allows an attacker to bypass network security and open the network and its users to attack?

Rogue access point

What is an unauthorized access point that allows an attacker to bypass network security configurations?

Radio frequency identifier (RFID)

What is commonly used to transmit information between employee identification badges, inventory tags, book labels, and other paper-based tags that can be detected by a proximity reader?

Wireless LAN (WLAN)

What is designed to replace or supplement a wired LAN?

AP types

What is divided into the following: Fat vs. Thin Controller vs. Standalone Captive portal APs

Piconet

What is established when 2 bluetooth devices come within range of each other?

Wired Equivalent Privacy (WEP)

What is is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN

Wi-Fi Protected Access (WPA)

What is is a security standard for users of computing devices equipped with wireless internet connections, or Wi-Fi. It improved upon and replaced the original Wi-Fi security standard, Wired Equivalent Privacy (WEP).

Intercepting wireless data

What is it called when an attacker can pick up the RF signal from an open or misconfigured AP?

Generation 2

What is the current version of RFID standards known as?

Counter Mode with Cipher Block Chaining Message Authentication (CCMP)

What is the encryption protocol used for WPA2?

Its usage creates a detectable pattern.

What is the primary weakness of wired equivalent privacy (WEP)? - Initialization vectors (IVs) are difficult for users to manage. - Its usage creates a detectable pattern. - It slows down a WLAN from 104 Mbps to 16 Mbps. - It functions only on specific brands of APs.

Near field communication (NFC)

What is the set of standards used to establish a connection between devices in close proximity?

Service Set Identifier (SSID)

What is the user-supplied network name of a wireless network, and is usually broadcast so that any device can see it?

MAC address filtering

What is used by nearly all wireless AP vendors, permits or blocks device based on MAC address

Residential WLAN gateway

What is used by small offices or home users to connect to the internet? Their features include AP, firewall, router, DHCP server, and others.

IEEE 802.11g

What preserves stable and widely accepted features of 802.11b and increases data transfer rates similar to 802.11a?

EAP-FAST

What protocol securely tunnels any credential form for authentication (such as password or a token) using TLS.

DAP-TTLS

What protocol securely tunnels client password authentication within the TLS records?

EAP-TLS

What protocol uses digital certificates for authentication?

IEEE 802.1x

What specification implements port-based authentication?

IEEE 802.11a

What specifies the maximum rate speed of 54 Mbps using the 5GHz spectrum?

IEEE 802.11ac

What wireless spec was ratified in early 2014 and has data rates over 7 Gbps?

Thin APs

Which APs do not contain all the management and configuration functions found in fat APs?

Bluejacking

Which bluetooth attack is considered more annoying than harmful?

Install a network sensor to detect an attack

Which of the following is NOT a wireless peripheral protection option? Substitute a wired device Switch to a more fully tested Bluetooth model Update or replacing any vulnerable device Install a network sensor to detect an attack

It is most commonly used in an enterprise setting

Which of the following is NOT true of a wireless router? - It combines multiple features into a single hardware device. - It is also called a "residential WLAN gateway". - It often includes features of an access point (AP). - It is most commonly used in an enterprise setting .

Bluesnarfing

Which of these Bluetooth attacks involves accessing unauthorized information through a Bluetooth connection? Bluecreeping Bluestealing Bluesnarfing Bluejacking

PIN method

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? PIN method Push-Button method NFC method piconet method

Users can more easily roam from one WLAN to another.

Which of these is NOT a limitation of turning off the SSID broadcast from an AP? - Turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another. - The SSID can easily be discovered, even when it is not contained in beacon frames, because it still is transmitted in other management frames sent by the AP. - Users can more easily roam from one WLAN to another. - Some versions of operating systems favor a network that broadcasts an SSID over one that does not.

Only a small percentage of the total traffic can be encrypted.

Which of these is NOT a risk when a home wireless router is not securely configured? - An attacker can steal data from any folder with file sharing enabled. - User names, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker. - Malware can be injected into a computer connected to the WLAN. - Only a small percentage of the total traffic can be encrypted.

MAC addresses are initially exchanged unencrypted.

Which of these is a vulnerability of MAC address filtering? The user must enter the MAC. Not all operating systems support MACs. APs use IP addresses instead of MACs. MAC addresses are initially exchanged unencrypted.

near field communication (NFC)

Which technology is predominately used for contactless payment systems? near field communication (NFC) wireless local area network (WLAN) Radio Frequency ID (RFID) Bluetooth

IEEE 802.11n

Which wireless spec was ratified in 2009 and provided improvements to speed, coverage area, resistence to interference and strong security?

It allows an attacker to bypass many of the network security configurations.

Why is a rogue AP a security vulnerability? - It conflicts with other network firewalls and can cause them to become disabled. - It allows an attacker to bypass network security configurations. - It uses the weaker IEEE 80211i protocol. - It requires the use of vulnerable wireless probes on all mobile devices.


Set pelajaran terkait

Women and Gender History Midterm

View Set

Chapter 51: Alterations in the Endocrine syste

View Set

CITI - Privacy and Confidentiality - SBE

View Set

Chapter 11 11.6.8 Practice Questions

View Set

HUN2201- Chapter 6 (Study Guide)

View Set

Spanish- Prueba 4 (imperfect tense)

View Set

CRIM LAW I CH 2 - ACTUS REUS AND MENS REA

View Set

Ch. 5: Mental Health Care in the Community

View Set

Strayer Chapter 12 Vocab & Big Picture Questions

View Set