CCNA Wireless Chapter 17 answers
The 4 main threats to wireless NW’s are:
1) Ad-hoc NW formation
2) Rogue AP’s
3) Client missassociations
4) Directed wireless network attacks
1) Ad-hoc NW formation
2) Rogue AP’s
3) Client missassociations
4) Directed wireless network attacks
What exactly is client missassociation?
An SSID profile is saved and active scanning is in operation, resulting in a client connecting to a network without knowing
An SSID profile is saved and active scanning is in operation, resulting in a client connecting to a network without knowing
What are 4 examples of directed wireless network attacks?
1) DoS
2) Recon probes
3) Authent. penetration
4) MITM attacks
1) DoS
2) Recon probes
3) Authent. penetration
4) MITM attacks
How are directed wireless network attacks most often mitigated?
By authenticating and encrypting management frames.
By authenticating and encrypting management frames.
What is this process of mitigation called exactly?
MFP: management frame protection
MFP: management frame protection
Management frames are usually sent unauthenticated and unencrypted
What does MFP do to management frames?
It digitally signs them
It digitally signs them
The two MFP modes are:
1) Infrastructure
2) Client
1) Infrastructure
2) Client
In infrastructure MFP,
A hash is generated for every management frame and placed before the FCS
A hash is generated for every management frame and placed before the FCS
Client MFP is only available with…
CCX 5+ “Cisco compatible extensions”
CCX 5+ “Cisco compatible extensions”
What does Client MFP/CCX do to management frames
It uses 802.11i to encrypt mgmt frames between the client and the AP
It uses 802.11i to encrypt mgmt frames between the client and the AP
What does Client MFP/CCX defend most effectively against?
MITM and DoS attacks
MITM and DoS attacks
In Client MFP/CCX, a key is generated for each AP
Why can’t mobile devices associate with MFP LAN’s?
They don’t have the processing power required for the extra encryption/authentication techniques
They don’t have the processing power required for the extra encryption/authentication techniques
2 older security methods are:
1) SSID —> wrong SSID? no association
2) MAC authentication
1) SSID —> wrong SSID? no association
2) MAC authentication
What is open authentication?
It means no authentication key is required
It means no authentication key is required
What is the 4 step process to open authentication?
1) Probe
2) Probe response
3) Auth
4) Auth response
1) Probe
2) Probe response
3) Auth
4) Auth response
In WEP authentication, a ____ key is used to encrypt traffic
WEP key
WEP key
In WEP, the header is not encrypted is not encrypted, but the the data is is
What encryption type does WEP use?
RC4
RC4
What are the 3 different sizes for WEP keys?
40 bits
104 bits
128 bits
40 bits
104 bits
128 bits
In WEP, every key is combined with an….
Initialization vector
Initialization vector
What is the basic process of WEP association?
1) Auth request
2) Challenge text packet
3) Challenge text encrypted by supplicant
4) If AP able to decrypt properly supplicant has the right key
1) Auth request
2) Challenge text packet
3) Challenge text encrypted by supplicant
4) If AP able to decrypt properly supplicant has the right key
EAP is defined under which two RFC’s?
2284, and 3748
2284, and 3748
EAP usually works alongside..
802.1x or RADIUS
802.1x or RADIUS
The 4 EAP message types are
1) Request — to supplicant
2) Response — from supplicant
3) Success
4) Failure
1) Request — to supplicant
2) Response — from supplicant
3) Success
4) Failure
What is Cisco LEAP?
A proprietary username/PW based auth. system between a client and a RADIUS server
A proprietary username/PW based auth. system between a client and a RADIUS server
What is Cisco LEAP’s weakness?
Susceptible to eavesdropping
Susceptible to eavesdropping
EAP-TLS is defined under…
RFC 2716
RFC 2716
EAP-TLS uses… _________ for authentication
Digital certificates
Digital certificates
EAP-TLS uses…__________ to secure communications between client and RADIUS server
PKI
PKI
In EAP-TLS, the ________ and __________ authenticate to eachother
client and server
client and server
What is TLS based on?
SSL 3.0
SSL 3.0
What did EAP-TTLS add to EAP-TLS?
Tunneling
Tunneling
PEAP is very similar to..
EAP-TLS
EAP-TLS
What are the 3 authentication options for PEAP?
1) EAP-MSCHAP V.2
2) EAP-GTC
3) EAP-OTP
1) EAP-MSCHAP V.2
2) EAP-GTC
3) EAP-OTP
What is fast-reconnect?
Roaming b/t AP’s made seamless b/c TLS session ID’s are cached by WLC
Roaming b/t AP’s made seamless b/c TLS session ID’s are cached by WLC
The 3 roles of the 802.1x framework are…
1) Supplicant
2) Authenticator
3) Authentication server
1) Supplicant
2) Authenticator
3) Authentication server
It can be said that the authenticator controls __________ access to the network
Physical
Physical
If a Cisco ACS is being used as the Authentication server, more _____________ methods of authentication are available
Diverse
Diverse
802.1x: After the client sends a probe request to the AP, the AP will respond with a…
AP probe response which contains sec params.
AP probe response which contains sec params.
What happens after the AP sends its probe response?
The client is associated but traffic is blocked until 802.1x auth is complete
The client is associated but traffic is blocked until 802.1x auth is complete
The 802.1x authentication challenge is encrypted by
EAP
EAP
How does the client response to this challenge?
With a credential response
With a credential response
What does authenticator do with the credential response?
Converts it to a RADIUS access request and sends it to the AS
Converts it to a RADIUS access request and sends it to the AS
What does the AS do upon receiving the RADIUS access request?
It responds with a challenge that specifies what credentials are required of the supplicant
It responds with a challenge that specifies what credentials are required of the supplicant
What happens if the client responds with the correct credentials?
The AS transmits a success message and encryption key
The AS transmits a success message and encryption key
WPA2 is aka
802.11i
802.11i
What is a PMK?
Pairwise master key,
It is created on a RADIUS server when a client authenticates
Pairwise master key,
It is created on a RADIUS server when a client authenticates
Where is the PMK sent?
From the AS to the authenticator
From the AS to the authenticator
What is PMK used for?
To encrypt the exchange of the temporal session key
To encrypt the exchange of the temporal session key
What is the PMK derived from that results in the authenticator and supplicant having the same one?
It is derived from client information
It is derived from client information
PMK’s are used to make PTK’s and GTK’s.
PTK’s and GTK’s are made in a
4 way handshake process
4 way handshake process
WPA2-PSK is aka
personal mode
personal mode
WPA2-PSK is encrypted with…
A 256 bit PMK
A 256 bit PMK
No hay comentarios:
Publicar un comentario