Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Networking > Module 6 > Flashcards

Module 6 Flashcards

Learning Unit 6 (58 cards)

Start Studying
1
Q

Wireless Transmission Basics

A

Wireless Transmission Basics
* WLANs use RF (radio frequency) waves instead of cables.
* Share higher-layer protocols (Layer 3+) with wired networks.
* Major differences exist at lower OSI layers due to atmospheric variability.
* Common in business, home, and IoT environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Wireless Spectrum Overview

A
  • Wireless spectrum = frequency range for data/voice via electromagnetic waves.
  • Defined by FCC: 9 kHz to 300 GHz.
  • Subdivided into bands, and some bands into channels.
  • Fixed frequency = one frequency per band; others allow channel selection.
  • Frequency sharing and channel management are required to reduce interference.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

IoT and Niche Wireless Technologies

A
  • RFID: Electromagnetic chip with antenna, holds 1–8 KB. Used for inventory and contactless payment. No precise positioning needed.
  • NFC: Short-range RFID (≤10 cm), 13.56 MHz. Passive (powered by magnetic induction from reader). Used for payment, logins, app launching.
  • Z-Wave: Smart home protocol with control/signaling. Up to 100 m per hop, 4 hops max. Uses 1-byte Node ID, 4-byte Network ID. Devices can act as repeaters in a mesh.
  • ZigBee: Based on IEEE 802.15.4. Low power, short range. Used for HVAC, building automation, etc. Uses 128-bit AES encryption.
  • Bluetooth: IEEE 802.15.1. Operates at 2.4–2.4835 GHz. Uses FHSS with up to 1600 hops/sec. Designed for short-range device communication.
  • ANT+: 2.4 GHz ad hoc protocol from Garmin. Used in fitness trackers, smartwatches. Supports multi-device sync for the same activity.
  • IR (Infrared): LOS (line of sight) light-based communication. Can’t penetrate obstacles. Used in sensors (liquid level, heart rate, proximity), and remotes. Uses scatter/reflection to bypass obstacles.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Channel Management and Spread Spectrum Technologies

A
  • FHSS (Frequency Hopping Spread Spectrum):
    o Data hops rapidly between frequencies.
    o Cheaper to implement.
    o Performs well in crowded indoor environments.
  • DSSS (Direct Sequence Spread Spectrum):
    o Data split into chips and spread across wide channels.
    o More efficient bandwidth usage, higher throughput.
    o Uses unique chipping code for each device.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Channel Usage by Technology (2.4 GHz)

A
  • Wi-Fi:
    o Uses DSSS.
    o US: 11 channels in 2.4 GHz, 24 in 5 GHz.
    o Channel width = 20 MHz.
    o AP manually configured; clients scan for channels.
  • Bluetooth:
    o Uses FHSS.
    o 79 channels.
    o One master controls hopping in a piconet.
    o Frequent hopping reduces interference.
  • ZigBee:
    o Uses DSSS.
    o 16 channels in 2.4 GHz ISM band.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Collision Avoidance in Wireless Technologies

A
  • FHSS/DSSS help minimize interference, but collisions still possible.
  • Bluetooth: Senses Wi-Fi collisions and backs off temporarily.
  • Wi-Fi: Uses “listen before transmit” to find silent channels.
  • Each tech has built-in methods to avoid/recover from collisions.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Antennas and Signal Transmission

A
  • Wireless signals travel unguided through air, unlike wired signals which follow a fixed path.
  • Transmission process: electrical current travels through a conductor → reaches antenna → emitted as electromagnetic waves → received by another antenna → converted back to current.
  • Both sender and receiver antennas must be tuned to the same frequency/channel.
  • Wireless antennas must match the service’s power output, frequency, and radiation pattern.
  • Two types of antennas:
    o Directional (Unidirectional): Sends signal in one direction; used for point-to-point links (e.g., satellite downlink).
    o Omnidirectional: Sends/receives in all directions; used for mobile devices, cellular towers, radio/TV.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Antenna Range and Placement

A
  • Range: The geographical area a wireless system can reach. Signal must remain within range for reliable communication.
  • Signal obstacles within range can still disrupt transmission.
  • Network technicians need to know antenna types and placements.
  • Point-to-point directional links can cover longer distances (e.g., up to 1000 ft between WLANs).
  • These links require coax cabling to connect to network devices.
  • Coaxial cable causes attenuation—Wi-Fi signals degrade rapidly over just a few feet of coax, so antennas and APs should be close.
  • Antennas typically connect to APs using coax, and must account for:
    o Transmission power (dBm)
    o Cable loss (dB)
    o Antenna gain (dBi)
  • EIRP (Effective Isotropic Radiated Power) = transmission power − cable loss + antenna gain (measured in dBm).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Signal Strength Measurement

A
  • RSSI (Received Signal Strength Indicator): Measures power of signal at receiver in dBm.
  • RSSI is typically shown as a negative number (closer to 0 = stronger signal).
  • Influenced by:
    o AP & antenna performance
    o Receiver’s antenna
    o Distance from transmitter
    o Environmental noise
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Wireless Signal Propagation

A
  • Propagation: How a wave travels from sender to receiver.
  • Ideal scenario = LOS (Line of Sight) propagation: straight line, max clarity, max range.
  • Real-world wireless signals deviate due to obstacles and environmental conditions.
  • Signals may be absorbed, passed through, or altered by objects in various ways (detailed below).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Propagation Phenomena

A
  • Attenuation: Signal weakens over distance. Can be mitigated using repeaters or by increasing power.
  • Fading: Gradual energy loss as signal encounters obstacles. Causes weak reception or dropped connections.
  • Interference: External EMI can distort signals. Wireless is more vulnerable due to lack of shielding.
    o SNR (Signal-to-Noise Ratio): Higher SNR = better clarity.
  • Refraction: Wave changes direction/speed when passing through different medium (e.g., glass).
  • Reflection: Wave bounces back off large, flat surfaces (e.g., walls, metal).
  • Scattering: Small or rough surfaces (e.g., furniture, mist) scatter signal in many directions.
  • Diffraction: Wave bends around sharp edges or obstructions, forming secondary waves.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Multipath Effects

A
  • Wireless signals often reach destination via multipath (multiple different paths).
  • Caused by: Reflection, scattering, diffraction.
  • Pros: Increases chance of signal reaching receiver.
  • Cons: Signal copies may arrive at different times → causes data errors.
    o Errors are corrected using error-correction protocols; heavy errors reduce throughput.
  • Multipath behavior is accounted for in modern wireless standards (e.g., IEEE 802.11 / Wi-Fi).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

802.11 Standards Overview

A
  • WLANs operate at OSI layers 1 & 2, compatible with TCP/IP protocols (IP, TCP, UDP).
  • Wi-Fi refers to IEEE 802.11 wireless LAN standards.
  • All standards use half-duplex transmission (send or receive, not both at once unless multi-transceiver).
  • MAC sublayer handles MAC addressing; LLC handles multiplexing, flow/error control, reliability.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

802.11 Standards Breakdown

A
  • 802.11b (Wi-Fi 1):
    o 2.4 GHz, 22-MHz channels
    o Least expensive, slow, obsolete
  • 802.11a (Wi-Fi 2):
    o 5 GHz, higher throughput than 802.11b
    o Less interference, shorter range, expensive
  • 802.11g (Wi-Fi 3):
    o 2.4 GHz, compatible with 802.11b
    o Affordable, improved throughput
  • 802.11n (Wi-Fi 4):
    o 2.4 & 5 GHz, 600 Mbps max
    o Backward-compatible with a/b/g
  • 802.11ac (Wi-Fi 5):
    o 5 GHz only, near Gigabit speeds
    o Multi-client handling (like a switch), launched in 3 waves
  • 802.11ax (Wi-Fi 6):
    o 2.4 & 5 GHz, up to 10 Gbps theoretical
    o BSS coloring reduces interference
    o Ideal for high-density IoT/stadiums
  • Wi-Fi 6E:
    o Uses new 6 GHz band (1200 MHz wide)
    o More channels, higher speeds, shorter range
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

802.11 Physical Layer Technologies

A
  • All standards use half-duplex signaling by default.
  • Full-duplex simulation possible with multiple frequencies/multiple transceivers in access points.
  • Actual throughput varies by band, environment, client device compatibility, and features used.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

802.11 Performance Innovations

A

Channel Bonding (802.11n+):
* Combines two 20-MHz channels into 40-MHz (or up to 160-MHz in newer standards)
* Doubles+ bandwidth, best on 5 GHz due to less congestion

MIMO (802.11n/ac):
* Uses multiple antennas to send/receive data in parallel
* Benefits:
– Spatial diversity improves range/noise
– Spatial multiplexing increases throughput with each antenna pair

MU-MIMO (802.11ac Wave 2+):
* Enables AP to serve multiple clients simultaneously using spatial streams
* Only works fully if clients support MU-MIMO
* Only downstream (AP to client), rarely used indoors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Advanced Modulation & Multiuser Techniques

A

OFDMA (802.11ax):
* Improved OFDM for multiple clients
* Splits 20-MHz channel into subchannels (e.g., 2 MHz each)
* Sends multiple small frames to multiple clients simultaneously

BSS Coloring (802.11ax):
* Tags frames by network source
* Helps reduce interference from neighboring WLANs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Frame Aggregation Techniques

A

A-MSDU (Aggregated MAC Service Data Unit):
* Combines multiple data units into one large frame
* Less header overhead but higher error risk

A-MPDU (Aggregated MAC Protocol Data Unit):
* Default in 802.11ac & continued in 802.11ax
* Keeps some error checking per subframe for higher reliability
* More flexible frame selection in 802.11ax

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Access Method in 802.11

A
  • The MAC sublayer of the Data Link layer appends 48-bit physical addresses and governs access to the medium.
  • 802.11 uses CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) instead of Ethernet’s CSMA/CD.
  • Wireless devices can’t transmit and receive simultaneously → can’t detect collisions → CSMA/CA avoids rather than detects them.
  • CSMA/CA steps:
    1. Source checks for transmissions.
    2. If clear, waits a random time, then sends.
    3. Destination sends ACK if received correctly.
    4. If no ACK received, source restarts the process.
  • Wireless networks require more overhead due to ACKs → actual throughput lower than wired even with same theoretical max.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Hidden Node Problem and RTS/CTS

A
  • Hidden node problem: nodes are too far apart to sense each other, causing collisions.
  • RTS/CTS (Request to Send / Clear to Send):
    o Optional feature to mitigate hidden node collisions.
    o Source sends RTS to AP.
    o AP responds with CTS and suspends communication with other nodes.
    o Source transmits while others wait.
    o Reduces collisions but decreases network efficiency.
    o Beneficial for transmitting large packets.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Wireless Association Process

A
  • Association: Process of joining a device to an AP to gain network access, governed by MAC sublayer.
  • Device scans for APs using Active or Passive scanning:
    o Active Scanning:
     Device sends probe on all channels.
     AP replies with probe response (includes status code and station ID).
     User consents; device associates; frequency channel is set.
    o Passive Scanning:
     Device listens for beacon frames from AP.
     Beacon includes SSID and transmission rate.
     User consents; association and communication begin.
  • SSID configuration:
    o Change default SSID to avoid giving clues to hackers.
    o Use recognizable but uncommon names to reduce accidental connections.
    o Avoid names that reveal function (e.g., “Acctg”).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Wireless Topologies

A
  • IBSS (Independent Basic Service Set):
    o Ad hoc topology: nodes communicate directly, no AP.
  • BSS (Basic Service Set):
    o Infrastructure topology: nodes communicate through a shared AP.
    o Identified by BSSID.
  • ESS (Extended Service Set):
    o Mesh topology: multiple APs collaborate under a wireless LAN controller.
    o Identified by ESSID (often used interchangeably with SSID).
    o Provides fault tolerance and larger coverage.
    o Controllers can be physical, VM-based, cloud-based, or embedded in APs.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Wireless Controllers and Centralized Management

A
  • Use LWAPP or CAPWAP protocols to communicate with APs (add extra headers).
  • Functions of wireless controller:
    o Centralized authentication.
    o Load balancing and channel management.
    o Manage AP redundancy and failover.
    o Detect rogue access points (unauthorized APs trying to connect).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Roaming and Reassociation

Study These Flashcards
A
  • In an ESS, clients can roam between APs using the same ESSID.
  • Roaming triggers reassociation:
    o Happens automatically when:
     Device moves out of range of one AP into another.
     AP has a high error rate.
  • Controllers or clients can trigger load balancing via reassociation.
25
802.11 Frame Types
* Management frames: Handle network association/reassociation (e.g., probe, beacon). * Control frames: Manage medium access and data delivery (e.g., ACK, RTS/CTS). * Data frames: Carry actual user data between nodes, including significant overhead.
26
802.11 Data Frame Structure
* Frame Control (2 bytes): Protocol info, frame type, fragmentation, retransmission status, security type. * Duration (2 bytes): Time needed for transmission; informs other nodes when the channel will be free. * Address 1 (6 bytes): Source address. * Address 2 (6 bytes): Transmitter address (e.g., AP). * Address 3 (6 bytes): Receiver address. * Sequence Control (2 bytes): Indicates packet fragmentation order. * Address 4 (6 bytes): Destination address (used in specific scenarios). * Data (0–2312 bytes): Payload including upper-layer headers; not part of header/trailer. * Frame Check Sequence (6 bytes): Cyclical Redundancy Check (CRC) for transmission error detection.
27
802.11 vs Ethernet II Frames
* Address fields: 802.11 has 4 addresses vs. Ethernet II’s 2 addresses. o Allows tracking of transmitter, receiver, source, and destination (especially for wireless APs). * Fragmentation: o In 802.11, occurs at the MAC sublayer (Data Link Layer) using the Sequence Control field. o In TCP/IP networks, fragmentation typically occurs at the Network Layer. * Error Checking: o In 802.11, handled at the MAC sublayer via Frame Check Sequence. o In TCP/IP, error control generally happens at the Transport Layer (e.g., TCP checksums).
28
SOHO Wireless Network Design
* A SOHO (Small Office/Home Office) network typically uses one central access point (AP), often a wireless router combining switching, routing, and wireless functions. * Internet is delivered via DSL/cable modem connected to the router’s WAN port using an RJ-45 cable. * The router also includes switch hardware and additional ports for wired devices. * Non-routing APs act more like wireless hubs and lack these extra ports. * Increasingly, SOHO networks support a wide range of IoT (Internet of Things) devices, requiring strong, flexible wireless coverage.
29
Home Area Network (HAN) & Smart Devices
A HAN consists of networked smart devices within a home, often managed via smart speakers like Amazon Echo, Google Home, or Apple HomePod. Examples of smart devices include: * Smart Thermostat: Adapts to schedules, weather, and activity; can be remotely controlled via smartphone. May link to smart humidifiers or purifiers. * Smart Doorbell: Motion-activated; can filter non-human movement; supports remote video/audio communication and cloud/local storage. * Security Camera: Wireless, battery-powered, often solar-chargeable, night vision, two-way audio, and remote monitoring via app. * Smart Fridge: Uses RFID/barcodes to track food; alerts for expired/missing items; interior cameras allow viewing contents remotely.
30
SOHO AP Placement Considerations
When deciding where to place an AP in a SOHO network: * Distance: Ensure coverage matches building layout (e.g., place centrally if on multiple floors). * Obstacles: Thick materials like concrete may require multiple APs; long/narrow buildings may need APs at each end. * Coverage: Mount APs high (e.g., on shelves or drop ceilings) for best signal dispersion. * Interference: Avoid placing APs near microwaves, cordless phones, fluorescent lights, etc.
31
Corporate Network Site Survey
Larger wireless networks require a site survey before installation. The survey analyzes user needs, facility layout, interference, and signal coverage. Steps include: * Study building blueprints for layout, obstacles, and floor-by-floor needs. * Determine if APs will act as wireless bridges (which need higher throughput). * Evaluate if multiple APs per floor are needed; consider square footage and traffic. * Measure existing WLAN signal strength and interference from other networks. * Use a “dummy” AP and a test client to assess range, throughput, and coverage in real scenarios. * Test signal at extreme corners and evaluate EMI from machinery, lights, or transient materials (e.g., warehouse inventory). * Plan for how wireless will integrate with wired infrastructure, since APs often bridge the two.
32
Wireless Survey Tools & Heat Maps
Tools to aid in site surveys include: * NetSpot * VisiWave * iBwave Wi-Fi Suite * inSSIDer (MetaGeek) These tools offer: * Heat maps to visualize signal strength, interference, and dead zones. * Ongoing performance monitoring and interference detection. * Help ensure reliable coverage and minimize disruptions to productivity.
33
Enterprise AP Configuration
* After a site survey, install APs based on determined optimal quantity and placement. * To enable seamless roaming, all APs must be part of the same ESS (Extended Service Set) and share the same ESSID.
34
Configuring Wi-Fi Connectivity Devices
* Access points (APs) enable wireless connectivity for mobile clients in infrastructure WLANs. * APs vary by supported wireless standards, antenna strength, voice signal support, and security features. * Basic SOHO APs/routers can cost <$50; specialized models (e.g., for outdoor use) cost more. * Even budget devices now feature advanced configurations.
35
SOHO Router Setup Essentials
* During installation, configure: o Admin password (separate from Wi-Fi password). o SSID (and choose whether to broadcast it). o Security settings (encryption type, credentials). o DHCP settings — avoid enabling DHCP on the AP if another DHCP server is already active to prevent address conflicts.
36
Resetting a SOHO Router
* Steps to reset: 1. Disconnect all data cables and unplug power. 2. Hold reset button (e.g., with paper clip) while reconnecting power. 3. Keep holding for ~30 seconds (duration may vary). 4. Release — settings revert to factory defaults.
37
Connecting SOHO Router to Network
* Use a patch cable to connect the router’s WAN port to the modem’s LAN port. * Clients can then associate with the AP and access the internet.
38
Configuring Wi-Fi Clients
* Configuration varies by client type (e.g., media device vs. laptop vs. IoT device). * Most clients detect an AP if the SSID is being broadcast. * Encrypted APs require correct credentials to associate. * Some clients may offer additional settings (e.g., on Windows you can change Wi-Fi security settings).
39
Enterprise Wi-Fi Client Configuration
* Two-stage process: o Onboarding:  Install an agent app to give device trusted network access.  Grants access to services like email and file sharing.  May enforce policies: OS/security updates, timeout rules, malware checks. o Offboarding:  Remote wipe removes sensitive data and permissions.  May completely disable lost/stolen devices.
40
BYOD Wi-Fi Security Policies
* BYOD environments require strict onboarding/offboarding policies to secure the network. * Policies may enforce: o Minimum OS version and regular updates. o Password requirements (e.g., minimum length, automatic timeouts). o Permission for device monitoring and data wipes — with or without notice.
41
Wi-Fi Network Security Overview
802.11 by default lacks security—only requires SSID, which is often broadcast. Disabling SSID broadcast adds slight obscurity but no real protection. Two primary solutions: * Authentication: Verifies client identity. Can use SSID/password or credentials processed by an authentication server. * MAC Filtering: Limits access to approved MAC addresses. Weak security (MACs easily spoofed), and high maintenance. * Encryption: Protects data privacy over airwaves. Converts readable data into ciphertext. Varies in strength by standard.
42
WEP (Wired Equivalent Privacy)
Legacy and insecure. Provided two weak authentication types: * OSA (Open System Authentication): No key required; any device can connect. * SKA (Shared Key Authentication): All clients share the same static key; used for both access and encryption. Other details: * Keys: Originally 64-bit; newer versions supported 128- or 256-bit. * Flaws: Same static key for all clients, easily crackable even at 128-bit. No end-to-end encryption. Vulnerable to key reuse and replay attacks. * Replaced by WPA due to fundamental weaknesses.
43
WPA (Wi-Fi Protected Access)
Improved over WEP; part of interim fix before WPA2. Introduced TKIP (Temporal Key Integrity Protocol), which: * Message Integrity: Michael ensures packets come from legitimate source. * Key Distribution: Dynamically generates a unique key per transmission. * Encryption: Uses RC4 (same as WEP) but wrapped in better security. TKIP was backward-compatible and designed to extend the life of older hardware, but is still considered insecure today.
44
WPA2 (Wi-Fi Protected Access v2)
Stronger encryption and authentication using CCMP (Counter Mode with CBC-MAC Protocol): * Message Integrity: CBC-MAC ensures authenticity of packets. * Encryption: Uses AES (Advanced Encryption Standard), which is faster and more secure than RC4. AES applies multiple layers of encryption and transformation for stronger confidentiality. WPA2 remains a current standard but has known handshake vulnerabilities.
45
WPA3 and Ongoing Developments
Released in 2018 by Wi-Fi Alliance: * Disallows legacy protocols * Better password handling and handshake process (eliminates password hash exposure) * Advanced encryption methods * More secure public Wi-Fi usage However, some flaws already identified; further improvements are expected.
46
WPA Personal vs Enterprise Modes
* WPA/WPA2 Personal (PSK): Common for home use. Devices authenticate using a shared passphrase and SSID, which are used to derive unique encryption keys. * WPA/WPA2 Enterprise: Designed for enterprise environments. o Uses RADIUS (Remote Authentication Dial-In User Service) for centralized user authentication. o Works with EAP (Extensible Authentication Protocol) framework for credential verification.
47
EAP and RADIUS Authentication Flow
EAP doesn't perform encryption itself but works with other protocols. Works via: 1. Supplicant: Device requesting access (e.g., laptop) 2. Authenticator: Device initiating authentication (e.g., AP or switch) 3. Authentication Server: Usually a RADIUS server Steps: * Step 0: Association with AP * Step 1: Supplicant sends authentication request * Step 2: Authenticator forwards request to server * Step 3: Server asks for identity + credentials * Step 4: Server validates info and grants/denies access Used in 802.1X standard as EAPoL (EAP over LAN)—only allows EAPoL traffic before authentication. Enables PNAC (Port-Based Network Access Control).
48
Common EAP Variants
* EAP-TLS: Uses TLS and PKI certificates for mutual client-server authentication. Highly secure but harder to manage due to certificate setup. Requires a Certificate Authority (CA). * PEAP (Protected EAP): Tunnel-based. Creates encrypted TLS tunnel (outer method) before passing credentials using another EAP variant like EAP-MSCHAPv2 (inner method). Common in environments using Active Directory. * EAP-FAST: Cisco-developed alternative to PEAP. Uses PACs (Protected Access Credentials) to speed up session setup. Functions like browser cookies for quicker reconnection.
49
Wi-Fi Security Configuration Options
AP and Antenna Placement ▪ Place AP centrally within intended range to maximize signal for users and minimize external signal leakage. ▪ Adjust antenna angles and transmission power to avoid signal bleed outside the premises. Geofencing ▪ Uses client device location to enable/disable access. ▪ Enables location-based resource activation, e.g., targeted access or offers in malls. ▪ Requires mesh networks for accurate tracking. Guest Network ▪ Uses separate SSID and passphrase. ▪ Isolates guest traffic from internal LAN. ▪ Allows for rule-based or time-based restrictions. ▪ Ideal for visitors or limited access (e.g., kids). Wireless Client Isolation ▪ Clients can access only the default gateway and Internet, not other LAN devices. ▪ Simpler than full guest networks. ▪ Prevents lateral movement within the network. Captive Portal Shown to users on initial connection to a guest network. Requires agreement to terms. Key points: ▪ No authentication or encryption – data is insecure ▪ Users should avoid sending sensitive info ▪ Illegal activity can be traced via public IP IoT Access Considerations ▪ Change default names/usernames/passwords ▪ Use strong passwords and encryption ▪ Enable two-factor authentication ▪ Isolate IoT devices on a guest network ▪ Disable unused features, keep firmware updated ▪ Avoid managing IoT over public Wi-Fi
50
Wi-Fi Threats: War Driving, War Chalking
* War Driving Hackers drive around scanning for unprotected Wi-Fi. Tools: laptops/smartphones with wireless capture tools. Can reveal sensitive info (e.g., unencrypted credit card data). Real-world breaches have occurred this way. * War Chalking Visual signals (chalk symbols) near discovered access points. Indicates SSID and security level. Derived from symbols used by hobos. May also be posted online as network maps.
51
Rogue Access Points & Evil Twins
* Rogue Access Points Unauthorized APs connected to the network. May be created intentionally or unintentionally (e.g., a user brings their own AP or creates a phone hotspot). Must be detected and removed. * Evil Twin AP Malicious AP with same SSID as legit one. Tricks clients into connecting due to stronger signal. Can intercept data or gain network trust. Often harder to detect because Windows prioritizes strong signals.
52
Wi-Fi Attacks: WPA, WPS
* WPA Attack (WPA Cracking) Intercepts key exchange between client and AP. Captured handshake data can be brute forced offline to reveal WPA2 key. * WPS Attack WPS uses an easily crackable 8-digit PIN. Brute-force attacks can quickly reveal the WPA2 key. Solution: Disable WPS, especially on consumer-grade APs.
53
Wi-Fi Network Tools
* Spectrum analyzer: Scans frequency bands for signals & noise. Helps locate interference and assess signal quality. * Wi-Fi analyzer: Software that evaluates Wi-Fi availability, optimizes signal settings, and identifies security threats. Often free or bundled with APs. * Common capabilities: o Identify transmitting APs, nodes, and channels o Measure signal strength & range o Assess attenuation, noise, and signal loss o Suggest ideal AP locations o Ensure association/reassociation between APs o Capture/analyze traffic between APs and nodes o Measure throughput and error rates o Identify clearest channels within bands
54
Channel Optimization
* Wireless performance improves when using less crowded channels. * In 2.4 GHz band (US): Use channels 1, 6, 11 to minimize overlap. * In Europe (all 14 channels available): Often 1-6-11 or 1-5-9-13. * Avoid same channel as neighboring Wi-Fi networks. * Many routers auto-select least congested channel.
55
No Connection – Common Pitfalls
* Wrong SSID: Must be correct & case-sensitive (e.g., MYHOUSE ≠ MyHouse). May need to be manually entered if not broadcast. * Encryption mismatch: Client & AP must use compatible security types (e.g., WPA2, WPA3). Can be manually configured in network settings. * Incorrect passphrase: Prevents authentication. * Static channel use: Mismatch in channel/frequency blocks association. * Mismatched RF band: Devices/APs must support the same band (e.g., 2.4 GHz vs 5 GHz). * Mismatched Wi-Fi standards: Client must support the AP’s standard (e.g., 802.11ac). * Long association time: Caused by weak signal, distance from AP, or frequent reassociation.
56
Slow Connection – Coverage & Signal Issues
* Insufficient coverage: Distance or obstacles reduce performance. Check RSSI; raise AP position. * RF attenuation/signal loss: o Adjust AP power levels (start at 50%). o Avoid max power to prevent excessive overlap. o Use Wi-Fi analyzer for dead spots. o Near–far effect: Client receives signal from AP but can't return a strong signal. * Interference: Caused by EMI sources (fluorescent lights, microwaves, etc.). * Channel overlap: Use analyzer to pick less-used channels. Consider changing bands.
57
Slow Connection – Device Config & Infrastructure
* Wi-Fi standard limitations: Older standards offer lower speed/distance (e.g., 802.11b slower than 802.11ac). o Match standard to use-case (e.g., VoIP, streaming, large buildings = newer standard). * Simultaneous wired/wireless connections: Disable one to avoid conflict. * Firmware issues: Updates improve security/performance but must be tested before mass deployment.
58
Antenna Configuration Issues
* Incorrect antenna type: o Omnidirectional: Radiates in all directions. Best when AP is centered. o Unidirectional: Directs signal in a specific direction. Ideal for high ceilings or focused coverage areas. * Mismatched polarization: o Antennas radiate vertically or horizontally. o Most are vertically polarized—should point straight up unless specified otherwise. o Check manufacturer guidance for proper orientation.

Networking (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions