3.4 - Wireless Security Flashcards

1
Q

What is WPA2?

A

Wi-Fi Protected Access II. It uses CCMP block cipher mode. The data is kept confidential with AES, and it includes message integrity check (MIC) with CBC-MAC.

2
Q

What is WPA3?

A

Wi-Fi Protected Access III. It uses GCMP block cipher mode, AES, Message Integrity Check (MIC) with Galois Message Authentication Code (GMAC).

3
Q

What is the WPA2 PSK problem?

A

An attacker can derive the PSK hash either by listening to the 4-way handshake or without listening to it. Once they have the hash, they can brute force the PSK (pre-shared key).

4
Q

How does WPA3 change the PSK problem with WPA2?

A

It includes mutual authentication. It creates a shared session key without sending that key across the network. There are no more four-way handshakes, hashes, or brute force attacks. It adds perfect forward secrecy; keys are changed out often and not shared.

5
Q

What is Simultaneous Authentication of Equals (SAE)?

A

Used in WPA3. Everyone uses a different session key, even with the same PSK. A Diffie-Hellman derived key exchange with an authentication component.

6
Q

List several Wireless Security Modes.

A

1) Open (no security)
2) WPA3-Personal / WPA3-PSK
- Unique WPA3 session key is derived from the PSK using SAE
3) WPA3-Enterprise / WPA3-802.1X
- Authenticates users individually with an authentication server

7
Q

What is a captive portal?

A

If an Access table recognizes the lack of authentication when you try to connect to a network, it will redirect your web access to a captive portal page where it might ask for a username and password.

Doctor’s office
Guest Wi-Fis

8
Q

What is WPS?

A

Wi-Fi Protected Setup

Allows “easy” setup of a mobile device. You can push a button on the AP, use a PIN, or use NFC.

The PIN for WPS is weak and can be easily brute forced.

9
Q

What is Extensible Authentication Protocol (EAP)?

A

An authentication framework within wireless authentication. It provides many ways to authenticate based on RFC standards, and it integrates with 802.1X.

10
Q

What is IEEE 802.1X?

A

Port-based Network Access Control (NAC)

It is used in conjunction with an access database (RADIUS, LDAP, TACACS+). Access to the network is not given until authentication.

There is a Supplicant (the client), an Authenticator (the device that provides access), and an Authentication Server (validates the client credentials).

11
Q

What is EAP-FAST?

A

EAP Flexible Authentication via Secure Tunneling.

Authentication server (AS) and supplicant share a protected access credential (PAC) (shared secret). Supplicant receives the PAC, and supplicant and the AS mutually authenticate and negotiate a TLS tunnel. User authentication occurs over the TLS tunnel.

A RADIUS server is needed. It provides the authentication database and the EAP-FAST services.

12
Q

What is PEAP?

A

Protected Extensible Authentication Protocol

Encapsulates EAP in a TLS tunnel. Authentication Server (AS) uses a digital certificate instead of a PAC. Client doesn’t use a certificate.

Microsoft uses it with MSCHAPv2

User can also authenticate with GTC (Generic Token Card)

Cisco, Microsoft, and RSA Security

13
Q

What is EAP-TLS?

A

EAP Transport Layer Security

Requires digital certificates on the Authentication Server (AS) and all other devices. AS and supplicant exchange certificates for mutual authentication. TLS tunnel is then built for the user authentication process.

Relatively complex implementation
- Need a public key infrastructure (PKI)
- Must deploy and manage certificates to all wireless clients
- Not all devices can support the use of digital certificates

14
Q

What is EAP-TTLS?

A

EAP Tunneled Transport Layer Security

Requires a digital certificate on the Authentication Server (AS). It does not require digital certificates on every device. It builds a TLS tunnel using this digital certificate.

Use an authentication method inside the TLS tunnel
- Other EAPs
- MSCHAPv2
- Anything else

15
Q

What is RADIUS Federation?

A

RADIUS with federation

Members of one organization can authenticate to the network of another organization and use their normal credentials.

Uses 802.1X as the authentication method and RADIUS on the backend. Uses EAP to authenticate.

16
Q

What are the three 2.4 GHz channels that can be run without overlapping?

A

1, 6, 11
