Section 4.1 Flashcards
(19 cards)
What is an MDM?
A Mobile Device Manager (MDM) is used to control and manage many mobile devices, especially to push out policies on apps, data, camera, authentication, etc. It also allows security updates to be pushed.
Mostly used on company-owned mobile devices.
What is a Site Survey?
A site survey allows you to better understand how the wireless network performs. It identifies existing access points and access points that are outside of your control.
What is a heat map?
A heat map identifies wireless signal strength.
What is BYOD?
Bring Your Own Device (BYOD) means the employee owns the device, but it needs to meet the company’s requirements to be on its network.
What is COPE?
Corporate Owned Personally Enabled (COPE) means that the company buys and owns the device, but it is configured to be used as both a corporate device and a personal device. This is similar to company-owned laptops and desktops.
What is CYOD?
Choose Your Own Device (CYOD) is similar to COPE but the user can choose the type of mobile device to use.
What is MIC?
Message Integrity Check (MIC) is the verification of the integrity of all communication.
What is SAE?
Simultaneous Authentication of Equals (SAE), also known as the Dragonfly handshake, is an authentication mode in which everyone uses a different session key even with the same PSK.
What is PSK?
Pre-Shared Key (PSK) is another way of saying a shared password. For example, the home Wi-Fi password is a pre-shared key since all users use the same password.
What is Centralized Authentication (802.1X)?
802.1X Centralized Authentication is usually used in workplaces. This method asks for a username and password and sometimes MFA. This makes the authentication to the WiFi unique for all users.
What Wireless Model do most home/personal wireless networks use?
WPA3-Personal / WPA3-PSK. This is WPA2 or WPA3 with a pre-shared key. Everyone uses the same shared key.
What Wireless Model do most Enterprise networks use?
WPA3-Enterprise / WPA3-802.1X. This model authenticates users individually with an authentication server (e.g., RADIUS).
What is the AAA framework?
Authentication
- Prove you are who you say you are
Authorization
- Based on identification and authentication, what access do you have?
Accounting
- List of metrics for your login session, such as login time, data sent and received, and logout time.
What is RADIUS?
Remote Authentication Dial-In User Service (RADIUS) is one of the more common AAA protocols. It’s a centralized authentication protocol for users authenticating on a wide variety of platforms and devices.
What is IEEE 802.1X?
This is a Network Access Control (NAC) standard that prevents anyone from accessing the network until they authenticate.
What is EAP?
Extensible Authentication Protocol (EAP) is an authentication framework. It provides different ways to authenticate based on RFC standards. EAP integrates with 802.1X to prevent access to the network until the authentication succeeds.
What is fuzzing?
Fuzzing is the input of random data into an application's input fields to see what the application will do.
What are cookies?
Cookies are small bits of information stored on the computer by the browser and are used for tracking, personalization, and session management.
What is SAST?
Static Application Security Testing (SAST) is a form of testing to find vulnerabilities in the code, such as buffer overflows, data injections and more.