10a-Wireless Security Flashcards
What is the basic building block of an 802.11 WLAN?
List and briefly define IEEE 802.11 services.
What is the difference between TKIP and CCMP?
In IEEE 802.11, open system authentication simply consists of two communications. An authentication is requested by the client, which contains the station ID (typically the MAC address). This is followed by an authentication response from the AP/router containing a success or failure message. An example of when a failure may occur is if the client’s MAC address is explicitly excluded in the AP/router configuration.
a) What are the benefits of this authentication scheme?
b) What are the security vulnerabilities of this authentication scheme?
a) It can block a list of pre-existing mac addresses.
b) It is still vulnerable to ARP-cache poisoning. (there’s more)
A potential weakness of the CRC as an integrity check is that it is a linear function. This means that you can predict which bits of the CRC are changed if a single bit of the message is changed. Furthermore, it is possible to determine which combination of bits could be flipped in the message so that the net result is no change in the CRC. Thus, there are a number of combinations of bit flippings of the plaintext message that leave the CRC unchanged, so message integrity is defeated. However, in WEP, if an attacker does not know the encryption key, the attacker does not have access to the plaintext, only to the ciphertext block. Does this mean that the ICV is protected from the bit flipping attack? Explain.
Present an overview of security threats and countermeasures for wireless networks.
What are the unique security threats posed by the use of mobile devices with enterprise networks.
Describe the principal elements in a mobile device security strategy.
What are the essential elements of the IEEE 802.11 wireless LAN standard?
Summarize the various components of the IEEE 802.11i wireless LAN security architecture.
