Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
39 Cards in this Set
- Front
- Back
|
What are the two most common algorithms used to protect data? |
RC4 algorithm and Advanced Encryption Standard (AES) |
|
|
A streaming cipher used in technologies that are often used to protect Internet traffic. |
RC4 algorithm |
|
|
Originally known as the Rijndael algorithm, it is a block cipher that uses CCMP to encrypt 802.11 wireless data. |
AES (Advanced Encryption Standard) |
|
|
A computer security concept that defines the protection of network resources. |
AAA (Authentication, Authorization, and Accounting) |
|
|
The verification of identity and credentials. User must present a username and password |
Authentication |
|
|
Determines if a device or user has the rights to have access to network resources |
Authorization |
|
|
Used to keep a historical trail of who used what resource, when, and where it was used. This tracking is known as? |
Accounting |
|
|
A legacy authentication included in the original 802.11 standard specified what two methods of authentication? |
Open System Authentication and Shared Key Authentication |
|
|
In an open system authentication what two-way exchange between the client radio and the access point occurs? |
1. The client radio sends an authentication request. 2. The access point then sends an authentication response. |
|
|
With Shared Key authentication what was added to the open system authentication process to make Shared Key authentication more secure? |
A challenge and response between the radio cards. 1. Client sends authentication request to the AP 2. The AP sends a cleartext challenge to the client station in an authentication response. 3. The client station encrypts the cleartext challenge and sends it back to the AP. 4. The AP decrypts the response and compares the challenge. |
|
|
A layer 2 encryption method that used the RC4 streaming cipher. Offered a 64-bit and 128-bit encryption. |
WEP (Wireless Equivalent Privacy) |
|
|
What were the three main goals of WEP (Wireless Equivalent Privacy)? |
Confidentiality Access Control Data Integrity |
|
|
What four main attacks is WEP (Wireless Equivalent Privacy) prone to? |
IV Collisions Attack Weak Key Attack Reinjection Attack Bit-Flipping Attack |
|
|
MAC filters can be used to deny client associations to an AP. Why is MAC filtering not considered a reliable means of security for wireless enterprise networks? |
Because MAC address can be spoofed, or impersonated. |
|
|
In a robust security network (RSN), two stations must authenticate and associated with each other. To do this they create ___________ in a process known as the ____________. |
Dynamic; 4-way handshake |
|
|
What type of authentication technique is meant to be used in the SOHO environment? |
PSK authentication (Pre-Shared Key) |
|
|
PSK authentication can be vulnerable to a brute-force attack because why? |
The passphrase is static leading it to be susceptible to social engineering attacks. |
|
|
This standard is not a wireless standard and it a port based access control standard. Provides an authorization framework that allows or disallows traffic to pass through a port. |
802.1X |
|
|
What three main components make up the 802.1X framework? |
Supplicant Authenticator Authentication Server (AS) |
|
|
A host with software the request authentication and access to network resources is known as what? |
Supplicant |
|
|
A device that either blocks or allows traffic to pass through its port entity. This device maintains two virtual ports: an uncontrolled port and a controlled port. |
Authenticator |
|
|
What validates the credentials of the host. This maintains a user database, such as an LDAP database, to verify user credentials |
Authentication Server |
|
|
What protocol works with the supplicant, authenticator, and authentication server to provide user authentication? |
EAP (Extensible Authentication Protocol) |
|
|
In the 4 way handshake what final encryption key is used to encrypt/decrypt unicast traffic? |
PTK (Pairwise Transient Key) |
|
|
In the 4 way handshake what final encryption key is used to encrypt/decrypt broadcast and multicast traffic? |
GTK (Group Temporal Key) |
|
|
An enhancement of WEP this method uses the RC4 cipher and was developed to rectify the weaknesses of WEP. Uses a process known as per-packet key mixing. |
TKIP (Temporal Key Integrity Protocol) |
|
|
WEP encryption adds an extra 8 bytes of overhead to the body of an 802.11 data frame. When TKIP is implemented how many bytes of overhead are added to the body of an 802.11 data frame? |
20 bytes |
|
|
What default encryption method is defined under the 802.11i amendment? |
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) |
|
|
How many bytes are added to the overhead of the body of an 802.11 data frame when CCMP/AES (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol/Advanced Encryption Standard) is used. |
16 bytes |
|
|
Most WLAN vendors allow a radio to broadcast how many SSIDs? Even though they can broadcast this amount of SSIDs, what is the best practice for broadcasting them? |
16 SSIDs can be broadcasted but the best practice is to broadcast only 3 or 4 SSIDs. 40 percent performance reduction could be the result of using 16 SSIDs |
|
|
What are the three main components of a Role-Based Access Control (RBAC)?
|
Users, Roles, and Permissions |
|
|
A network administrator needs a way to control the network resources that can be accessed by employees based on their department. What feature would allow the administrator to accomplish this? |
RBAC (Role-Based Access Control) |
|
|
The 802.11-2012 standard requires the use of strong, dynamic encryption key generation methods. ________ encryption is the default encryption method, and _______ is an optional encryption method. |
CCMP/AES; TKIP/RC4 |
|
|
What does WPA-Personal use for authentication? |
preshared key |
|
|
What layer 2 protocol is very flexible, and has many different variations or "flavors"? |
EAP (Extensible Authentication Protocol) |
|
|
In WLAN security, which authentication method always creates Layer 2 dynamic encryption keys? |
WPA/WPA2 PSK |
|
|
If a radio is WPA compliant, it most likely only supports what type of encryption method? |
TKIP/RC4 |
|
|
If a radio is WPA2 compliant, it supports what type of dynamic encryption method? |
CCMP/AES |
|
|
In an 802.1X/EAP process the AP could act as the ________. |
Authenticator |
