MCyber_Chap5N6

Encrypting data during communication prevents the contents from intercepted communications from being read.

Limiting a certain set of MAC addresses to connect to an access point is a way to ensure that only those devices are allowed to use the wireless network.

A software firewall is used to prevent other users from gaining access to the protected computer.

Configuring WPA encryption does not guarantee that the unauthorized user will not find the way to connect to the network.

A proxy server is mostly used to filter traffic based on content.

SSID cloaking is a weak security feature that is performed by APs and some wireless routers by allowing the SSID beacon frame to be disabled. Although clients have to manually identify the SSID to be connected to the network, the SSID can be easily discovered.

The best way to secure a wireless network is to use authentication and encryption systems. SSID cloaking does not provide free Internet access in public locations, but an open system authentication could be used in that situation.

The two discovery modes are passive and active.

When operating in passive mode, an AP will generate more traffic as it continually broadcasts beacon frames to potential clients.

In active mode, the client initiates the discovery process instead of the AP.

Mixed mode refers to network mode settings,

Open mode refers to security parameter settings.

Network mode is not an authentication mode, it refers to WLAN standards for 802.11a/b/g/n/ac/ad and the ability for access points to operate in mixed mode to support different standards, but it is not an authentication mode.

Open authentication is a null authentication mode because wireless connectivity is granted to any wireless device. This authentication is used where security is not a concern.

Passive mode is not an authentication mode, it refers to the open advertisement of the SSID, standards, and security settings by an access point.

Shared-key authentication uses a pre-shared key between the client and the access point.

Configuring the cell phone to act as a wireless access point means that the cell phone is now a rogue access point.

The employee unknowingly breached the security of the company network by allowing a user to access the network without connecting through the company access point.

Cracking is the process of obtaining passwords from data stored or transmitted on a network.

Denial of service attacks refer to sending large amounts of data to a networked device, such as a server, to prevent legitimate access to the server.

Spoofing refers to access gained to a network or data by an attacker appearing to be a legitimate network device or user.

Denial of service attacks can be the result of improperly configured devices which can disable the WLAN.

Accidental interference from devices such as microwave ovens and cordless phones can impact both the security and performance of a WLAN.

Man-in-the-middle attacks can allow an attacker to intercept data.

Rogue access points can allow unauthorized users to access the wireless network.

In addition to its roles as router, a typical SOHO wireless router acts as both a wireless access point and an Ethernet switch.

RADIUS authentication is provided by an external server.

A WLAN controller is used in enterprise deployments to manage groups of lightweight access points.

A repeater is a device that enhances an incoming signal and retransmits it.

WPA2 Enterprise relies on an external RADIUS server to authenticate clients when they attempt to connect.

WEP and WPA/WPA2 Personal both use a pre-shared key that the clients must know in order to authenticate.

IEEE 802.11i and WPA2 both use the Advanced Encryption Standard (AES) for encryption.

AES is currently considered the strongest encryption protocol. WPA2 does not use TKIP (Temporal Key Integrity Protocol). It is WPA that uses TKIP. Although WPA provides stronger encryption than WEP, it is is not as strong as WPA2 (AES).