An organization’s wireless network can contain confidential information – Not everyone is allowed access
Authenticate the users before granting access – Who gets access to the wireless network? – Username, password, multi-factor authentication
Ensure that all communication is confidential – Encrypt the wireless data
Verify the integrity of all communication – The received data should be identical to the original sent data – A message integrity check (MIC)
2
Q
WPA (Wi-Fi Protected Access)
A
2002: WPA replaced WEP (Wired Equivalent Privacy), which had serious cryptographic weaknesses – Don’t use WEP
WPA was needed as a short-term bridge between WEP and whatever would be the successor – It had to run on existing hardware
3
Q
Wireless encryption
A
All wireless computers are radio transmitters and receivers – Anyone can listen in
Solution: Encrypt the data – Everyone has an encryption key
Only people with the right key can transmit and listen – WPA2 and WPA3
4
Q
WPA2 and CCMP
A
Wi-Fi Protected Access II (WPA2) – WPA2 certification began in 2004
CCMP block cipher mode – Counter Mode with Cipher Block Chaining Message Authentication Code Protocol, or Counter/CBC-MAC Protocol
CCMP security services – Data confidentiality with AES encryption – Message Integrity Check (MIC) with CBC-MAC
5
Q
WPA3 and GCMP
A
Wi-Fi Protected Access 3 (WPA3) – Introduced in 2018
GCMP block cipher mode – Galois/Counter Mode Protocol – Stronger encryption than WPA2
GCMP security services – Data confidentiality with AES – Message Integrity Check (MIC) with Galois Message Authentication Code (GMAC)
6
Q
The WPA2 PSK problem
A
WPA2 has a PSK brute-force problem – Listen to the four-way handshake – Some methods can derive the PSK hash without the handshake – Capture the hash
With the hash, attackers can brute force the pre-shared key (PSK)
This has become easier as technology improves – A weak PSK is easier to brute force – GPU processing speeds – Cloud-based password cracking
Once you have the PSK, you have everyone’s wireless key
7
Q
SAE
A
WPA3 changes the PSK authentication process – Includes mutual authentication – Creates a shared session key without sending that key across the network – No more four-way handshakes, no hashes, no brute force attacks
Simultaneous Authentication of Equals (SAE) – A Diffie-Hellman derived key exchange with an authentication component – Everyone uses a different session key, even with the same PSK – An IEEE standard - the dragonfly handshake
8
Q
Wireless security modes
A
Configure the authentication on your wireless access point / wireless router
Open System – No authentication password is required
WPA/2/3-Personal / WPA/2/3-PSK – WPA2 or WPA3 with a pre-shared key – Everyone uses the same 256-bit key
WPA/2/3-Enterprise / WPA/2/3-802.1X – Authenticates users individually with an authentication server (i.e., RADIUS)