NIS Chapter 02

Question 1

in which layer of the OSI model does 802.11 authentication? And what purpose does this authentication serve?

Answer 1

• In the 2nd layer
• it serves the purpose of establishing an initial connection between the AP and the client

Question 2

What are the 2 methods for authentication in the 802.11 2007

Answer 2

Open system authentication and shared key authentication

Question 3

What is Open System Authentication? What is the alias for it?

Answer 3

this is a type of authentication method used in 802.11 used to create a connection between a client and an AP. The AP creates this connection without any prior client validation.

• null authentication

Question 4

In detail, describe the 2 message authentication transaction sequence

for which authentication method?

Answer 4

1. message one asserts identity and requests authentication
2. the 2nd returns the authentication result

Question 5

what is a vulnerability of OSA?

Answer 5

There are many ways that SSIDs can be discovered and this method is based on the matching of SSIDs

Question 6

To use OSA safely, the SSID can be cloaked in order to prevent potential attackers finding the SSID. Is this a good approach?

Answer 6

Apparently not, it is not always possible to turn off SSID beaconing

Question 7

Name 2 other OSA vulnerabilities

Answer 7

• does not allow for freely roaming because authentication is needed when moving between APs
• It is not that difficult to find the SSID even with beaconing turned off because AP sends other management frames.

Question 8

What is another way that a non broadcasted SSID can be detected?

Answer 8

BY sending a disassociation frame, forcing a association again and then listening in on the SSID

Question 9

what security protocol is used by shared key authentication? And how do they work together?

Answer 9

WEP

It is used to authenticate clients stations. A static WEP key needs to be known on the client and the AP

Question 10

provide in detail the steps taken in authenticating a client device in Shared key authentication (5)

Answer 10

1. the client will send an authentication frame requesting to be authenticated
2. The AP will send a challenge text
3. The client will have to encrypt the text sent using the supposed shared key and send it back to AP
4. AP will encrypt and compare and then either authenticate or not \
5. send auth frame if matches

Question 11

What is the security risk associated with the SKA?

Answer 11

the clear text that is used to authenticate can be captured and then used to derive the static WEP key. And since the key is static, all the frames can be decrypted

Question 12

What is the WEP encryption?

Answer 12

a WIFI security standard intended to bring confidentiality through encryption

Question 13

Why is the WEP considered flawed?

Answer 13

• the encryption algo in itself is weak (how?)
  and there is not key management, a single key is used for all frames which is extremely risky

Question 14

Name 3 reasons why the WEP is considered a weak algorithm

Answer 14

1. Key sizes are considered small and are therefore susceptible to brute-force attacks
2. RC4 stream cipher used by WEP is considered weak in itself
3. Reuse of initialisation vectors make recognisable patterns

Question 15

What is the protocol that was introduced to replace WEP?

Answer 15

TKIP

Question 16

Why are VPNs no longer recommended for security in enterprises?

Answer 16

1. extra overhead from VPN encryption
2. complex configuration
3. Better layer 2 security schemes

Question 17

define the differences between the 2 major types of VPN topologies

Answer 17

router-router: VPN is established between 2 seperate networks

client-server: secure communication between a client device and a central server.

Question 18

What are the 3 major protocols used in layer 3 VPN tech

Answer 18

1. point to point
2. Internet Protocol Security (IPsec)
   3, Layer 2 Tunnelling protocol (L2TP)

Question 19

MAC is the physical address for what part?

Answer 19

network card

Question 20

What is the downside of MAC filtering

3

Answer 20

• high admin burden
• guest access
• MAC address spoofing

Question 21

What is SSID segmentation?

Answer 21

When virtual local area networks are created within a WLAN, which have separate SSIDs and can have different security settings. Illusion of different physical structure

Question 22

What is the common SSID segmentation strategy? (3)

Answer 22

Guest: little to no security. no access to network resources

Voice: WPA2-Personal security, traffic routed to VoIP server

Data: WPA2-Enterprise, full access to resources once authenticated

Question 23

What are the downsides of using SSID segmentation?

Answer 23

• lots of configuration required
• because each SSID is often treated as a separate SSID, additional management frames are transmitted
• MAC layer overhead affects throughput and performance of the WLAN

Question 24

What is SSID cloaking?

Answer 24

disabling the broadcast SSID to hide the wireless network name