IS577 Chapter 8
RFID spectrum
Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? RFID spectrum Frequency band Channel width Channel selection
Ad hoc mode
Networks that are not using AP operate in what mode?
Bluejacking
What is an attack that sends unsolicited messages to Bluetooth-enabled devices?
WNIC probe
Which of these is NOT a type of wireless AP probe? dedicated probe WNIC probe AP probe wireless device probe
WPA WPA2
what are the foundations of wireless security today?
Infrastructure mode
A WLAN using an AP is operating in what mode?
Controller AP
A wireless LAN controller (WLC) was recently installed, and now Kelsey needs to purchase several new APs to be managed by it. Which type of AP should he purchase? Controller AP Standalone AP Any type of AP can be managed by a WLC. Fat AP
WPA2
AES-CCMP is the encryption protocol standard used in _____. IEEE 802.11 WPA2 NFC WPA
passive
Are most RFID tags passive or active?
NFC uses
Automobiles, entertainment, office, retail stores, and transportation are all examples of what?
128-bit
Both CCMP and TKIP use what bit encryption?
NFC attack
Eavesdropping, Data theft, Man-in-the-Middle attack, and device theft are all what type of attack?
It is a framework for transporting authentication protocols
Elijah was asked by a student intern to explain the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? - It is a framework for transporting authentication protocols - It is a subset of WPA2 - It is the transport protocol used in TCP/IP for authentication - It is a technology used by IEEE 802.11 for encryption
captive portal
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to first agree to an Acceptable Use Policy (AUP) before continuing. What type of AP has he encountered? authenticated portal web-based portal captive portal rogue portal
Preshared key (PSK)
How is authentication for WPA Personal accomplished?
24
In WEP, the initialization vector is how many bits?
AP
In WEP, the secret key is shared between wireless client device and _____?
hard edge
In a network, a well-defined boundary protects data and resources. This boundary is known as a?
Wi-Fi Protected Setup (WPS)
It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier.
EAP-FAST
Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? (Slide 43) EAP-SSL EAP-TTLS EAP-FAST EAP-TLS
SSID
Not advertising the _______ provides a weak degree of security and has these limitations: 1. ______can be discovered when transmitted in other frames 2. May prevent users from being able to freely roam from one AP coverage area to another 3. It's not always possible to turn off ______ beaconing
Signal Strength Settings
Some APs allow adjustment of the power level at which the LAN transmits. What is this called?
Spectrum Selection
Some APs provide the ability to adjust frequency spectrum settings. What is this called?
WPA2
The 2nd generation of WPA is known as?
Wi-Fi Direct
The Wi-Fi Alliance has created a similar technical specification called?
WPS
The following are all flaws of what? * There is no lockout limit for entering pins? * The last PIN character is only a checksum * The wireless router reports the validity of the 1st and 2nd halves of the PIN separately
wireless attacks
The following are all types of what kind of attack? Rogue access points, evil twins, intercepting wireless data, wireless replay attacks, denial of service attacks.
Access Point (AP)
The following are functions of what? * Acts as a "base station" for wireless network * Acts as a bridge between wireless and wired networks
Access Point (AP)
The following are major parts of what component? * Antenna & radio tx/rx send and receive wireless signals * Wired network interface allows it to connect by cable to standard wired network * Access Point (AP) functions
Protect a wireless network
The following are steps for what? * Detect rogue access points * Choose the best type of AP to match the needs of the network * Manage APs through a WLC * Use a captive portal AP * Access point power level adjustment * Antenna positioning?
WPA
The following are vulnerabilities of what? * Key management - Key sharing is done manually without security protection - keys must be changed on a regular basis - keys must be disclosed to guest users * Passphrases - PSK passphrases of fewer than 20 characters are subject to cracking
blurred edges
The introduction of WLANs in enterprises has changed hard edges to what?
evil twin
The primary design of a(n) _____ is to capture the transmissions from legitimate users. WEP evil twin rogue access point Bluetooth grabber
RFID Attacks
Unauthorized tag access, fake tags, and eavesdropping are all what type of attacks?
Temporal Key Integrity Protocol (TKIP)
WPA replaces WEP with _____. Temporal Key Integrity Protocol (TKIP) Message Integrity Check (MIC) WPA2 Cyclic Redundancy Check (CRC)
Captive Portal APs
What AP uses standard web browser to provide information and gives the wireless user the opportunity to agree to a policy or present valid login credentials.
Controller APs
What APs are managed through a dedicated wireless LAN controller (WLC)?
Push-button method
What WPS method has a user push buttons and security configuration takes place?
PIN method
What WPS method utilizes a PIN printed on a sticker of the wireless router or displayed through a software wizard?
PIN method Push-button method
What are 2 common WPS methods?
Fat APs
What are autonomous APs that have intelligence required to manage wireless authentication, encryption, and other functions for the wireless devices they serve?
Signal strength settings Spectrum selection antennas wireless peripheral protection
What are some AP configuration and device options?
WPA2 Personal WPA2 Enterprise
What are the 2 modes of WPA2?
Wireless device probe Desktop probe Access point probe Dedicated probe
What are the four types of wireless probes that can monitor airwaves for traffic?
IEEE 802.11i WPA WPA2
What are the wireless security solution standards used today?
Addresses exchanged in unencrypted format Managing large number of addresses is challenging
What are vulnerabilities of MAC address filtering?
Wireless replay attack
What attack is also known as a man-in-the-middle attack?
Wireless replay attack
What attack is also known as hijacking and the attacker captures trasnmitted wireless data, records it, and then sends it on to its original recipient without the attackers presence being detected.
Wireless denial of service attack
What attack uses RF jamming, spoofing, and manipulating duration field values?
Bluetooth attacks NFC attacks RFI systems Wireless LAN attacks
What attacks can be directed against wireless data systems?
WEP
What can only used 64-bit or 128-bit numbers to encrypt? The Initialization Vector is only 24 of those bits?
CBC-MAC
What component of CCMP provides data integrity and authentication?
Wireless client NIC adapter
What component performs the same functions as a wired adapter, and has an antenna that sends and receives signals through the airwaves?
NFC devices
What devices are used in contactless payment systems?
Message Integrity Check (MIC)
What does TKIP include to prevent MITM attacks
RFID tags
What does not have their own power supply and does not require a power supply?
Standard for wireless networks
What is IEEE 802.11
Protected EAP (PEAP)
What is a common EAP protocol?
Active NFC device
What is a device that can read information as well as transmit data?
Passive NFC device
What is a device that contains information that other devices can read but does not read or receive any information?
RFID is designed for paper-based tags while NFC is not
What is a difference between NFC and RFID? - NFC devices cannot pair as quickly as RFID devices. - RFID is designed for paper-based tags while NFC is not. - NFC is based on wireless technology while RFID is not. - RFID is faster than NFC.
Extensible Authentication Protocol (EAP)
What is a framework for transporting authentication protocols?
MAC address filtering
What is a method used to control WLAN access
Near Field Communication (NFC)
What is a set of standards primarily for smartphones and smartcards used to communicate with devices in close proximity?
WLC
What is a single device that can be configured and settings are automatically distributed to all controller APs
Radio Frequency Identification (RFID)
What is a wireless technology similar to NFC?
Bluetooth
What is a wireless technology that provides Personal Area Network (PAN) technology?
Bluetooth
What is a wireless technology that provides rapid device pairing?
Bluetooth
What is a wireless technology that uses short range radio-frequency (RF) transmissions?
Evil twin
What is an AP set up by an attacker? It attempts to mimic an authorized AP and allows attackers to capture transmissions from users to __________ AP.
WEP
What is an IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmissions?
Bluesnarfing
What is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection?
site survey
What is an in-depth examination and analysis of a wireless LAN site?
WPS
What is an optional means of configuring security on WLANS?
Rogue AP
What is an unauthorized AP that allows an attacker to bypass network security and open the network and its users to attack?
Rogue access point
What is an unauthorized access point that allows an attacker to bypass network security configurations?
Radio frequency identifier (RFID)
What is commonly used to transmit information between employee identification badges, inventory tags, book labels, and other paper-based tags that can be detected by a proximity reader?
Wireless LAN (WLAN)
What is designed to replace or supplement a wired LAN?
AP types
What is divided into the following: Fat vs. Thin Controller vs. Standalone Captive portal APs
Piconet
What is established when 2 bluetooth devices come within range of each other?
Wired Equivalent Privacy (WEP)
What is is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN
Wi-Fi Protected Access (WPA)
What is is a security standard for users of computing devices equipped with wireless internet connections, or Wi-Fi. It improved upon and replaced the original Wi-Fi security standard, Wired Equivalent Privacy (WEP).
Intercepting wireless data
What is it called when an attacker can pick up the RF signal from an open or misconfigured AP?
Generation 2
What is the current version of RFID standards known as?
Counter Mode with Cipher Block Chaining Message Authentication (CCMP)
What is the encryption protocol used for WPA2?
Its usage creates a detectable pattern.
What is the primary weakness of wired equivalent privacy (WEP)? - Initialization vectors (IVs) are difficult for users to manage. - Its usage creates a detectable pattern. - It slows down a WLAN from 104 Mbps to 16 Mbps. - It functions only on specific brands of APs.
Near field communication (NFC)
What is the set of standards used to establish a connection between devices in close proximity?
Service Set Identifier (SSID)
What is the user-supplied network name of a wireless network, and is usually broadcast so that any device can see it?
MAC address filtering
What is used by nearly all wireless AP vendors, permits or blocks device based on MAC address
Residential WLAN gateway
What is used by small offices or home users to connect to the internet? Their features include AP, firewall, router, DHCP server, and others.
IEEE 802.11g
What preserves stable and widely accepted features of 802.11b and increases data transfer rates similar to 802.11a?
EAP-FAST
What protocol securely tunnels any credential form for authentication (such as password or a token) using TLS.
DAP-TTLS
What protocol securely tunnels client password authentication within the TLS records?
EAP-TLS
What protocol uses digital certificates for authentication?
IEEE 802.1x
What specification implements port-based authentication?
IEEE 802.11a
What specifies the maximum rate speed of 54 Mbps using the 5GHz spectrum?
IEEE 802.11ac
What wireless spec was ratified in early 2014 and has data rates over 7 Gbps?
Thin APs
Which APs do not contain all the management and configuration functions found in fat APs?
Bluejacking
Which bluetooth attack is considered more annoying than harmful?
Install a network sensor to detect an attack
Which of the following is NOT a wireless peripheral protection option? Substitute a wired device Switch to a more fully tested Bluetooth model Update or replacing any vulnerable device Install a network sensor to detect an attack
It is most commonly used in an enterprise setting
Which of the following is NOT true of a wireless router? - It combines multiple features into a single hardware device. - It is also called a "residential WLAN gateway". - It often includes features of an access point (AP). - It is most commonly used in an enterprise setting .
Bluesnarfing
Which of these Bluetooth attacks involves accessing unauthorized information through a Bluetooth connection? Bluecreeping Bluestealing Bluesnarfing Bluejacking
PIN method
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? PIN method Push-Button method NFC method piconet method
Users can more easily roam from one WLAN to another.
Which of these is NOT a limitation of turning off the SSID broadcast from an AP? - Turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another. - The SSID can easily be discovered, even when it is not contained in beacon frames, because it still is transmitted in other management frames sent by the AP. - Users can more easily roam from one WLAN to another. - Some versions of operating systems favor a network that broadcasts an SSID over one that does not.
Only a small percentage of the total traffic can be encrypted.
Which of these is NOT a risk when a home wireless router is not securely configured? - An attacker can steal data from any folder with file sharing enabled. - User names, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker. - Malware can be injected into a computer connected to the WLAN. - Only a small percentage of the total traffic can be encrypted.
MAC addresses are initially exchanged unencrypted.
Which of these is a vulnerability of MAC address filtering? The user must enter the MAC. Not all operating systems support MACs. APs use IP addresses instead of MACs. MAC addresses are initially exchanged unencrypted.
near field communication (NFC)
Which technology is predominately used for contactless payment systems? near field communication (NFC) wireless local area network (WLAN) Radio Frequency ID (RFID) Bluetooth
IEEE 802.11n
Which wireless spec was ratified in 2009 and provided improvements to speed, coverage area, resistence to interference and strong security?
It allows an attacker to bypass many of the network security configurations.
Why is a rogue AP a security vulnerability? - It conflicts with other network firewalls and can cause them to become disabled. - It allows an attacker to bypass network security configurations. - It uses the weaker IEEE 80211i protocol. - It requires the use of vulnerable wireless probes on all mobile devices.