Hacking Wireless Networks - Wireless Attack Countermeasures

How many layers does a wireless security mechanism have?

6

What are the six layers of the wireless security mechanism?

Wireless signal security, Connection security, Device security, Data protection, Network protection, and End-user protection

What is used for wireless attack countermeasures?

Use a password with at least 12-16 characters, including uppercase and lowercase letters, numbers, and special characters

What is used for wireless attack countermeasures?

Disable TKIP in the router settings and ensure only AES encryption is used

What is used for wireless attack countermeasures?

Turn off WPS in the router settings to prevent brute-force attacks on the WPS PIN

What is used for wireless attack countermeasures?

Check the manufacturer's website regularly for firmware updates and apply them promptly

What is used for wireless attack countermeasures?

Limit the Wi-Fi signal range to reduce the chances of unauthorized access from outside the premises

What is used for wireless attack countermeasures?

Use network monitoring tools to detect and respond to suspicious activities

What is used for wireless attack countermeasures?

Use WPA3-SAE wherever possible for all devices that support it

What is used for wireless attack countermeasures?

Disable transition mode if all devices support WPA3 to ensure the highest level of security

What is used to defend against aLTEr Attacks?

Encrypt DNS queries and only use trusted DNS resolvers

What is used to defend against aLTEr Attacks?

Resolve DNS queries using the HTTPS protocol

What is used to defend against aLTEr Attacks?

Use DNS over TLS or DTLS to provide encryption and integrity-protection to the DNS traffic

What is used to defend against aLTEr Attacks?

Implement RFC 7858/RFC 8310 to prevent DNS spoofing attacks

What is used to defend against aLTEr Attacks?

Use DNSCrypt protocol to authenticate communication between a DNS client and DNS resolver

What is used to defend against aLTEr Attacks?

Use strong encryption algorithms such as AES-256 to ensure that all communications are encrypted end-to-end

What is used to defend against aLTEr Attacks?

Use mutual authentication mechanisms to verify the identity of both parties in the communication process

What should you disable if all devices support WPA3 to ensure the highest level of security? WPA3 allows for WPA2/WPA3 mixed mode, which can pose a potential security risk.

Disable Transition Mode

What is used to defend against KRACK attacks?

Update all the routers and Wi-Fi devices with the latest security patches.

What is used to defend against KRACK attacks?

Turn on auto updates for all the wireless devices and patch the device firmware.

What is used to defend against KRACK attacks?

Avoid using public Wi-Fi networks.

What is used to defend against KRACK attacks?

Browse only secured websites and do not access sensitive resources when the device is connected to an unprotected network

What is used to defend against KRACK attacks?

If there are IoT devices, audit the devices and do not connect to insecure Wi-Fi routers.

What is used to defend against KRACK attacks?

Always enable the HTTPS Everywhere extension.

What is used to defend against KRACK attacks?

Enable two-factor authentication

What is used to defend against KRACK attacks?

Use a VPN to secure information in transit.

What is used to defend against KRACK attacks?

Always use the Wi-Fi Protected Access 3 (WPA3) security protocol for wireless networks.

What is used to defend against KRACK attacks?

Disable fast roaming and the repeater mode in wireless devices to improve the mitigation of KRACK attacks.

What is used to defend against KRACK attacks?

Employ the EAPOL-key replay counter to ensure that the AP recognizes only the latest counter value.

What is used to defend against KRACK attacks?

Use a backup wired connection (Ethernet) or mobile data immediately when a vulnerability to KRACK attacks is detected.

What is used to defend against KRACK attacks?

Employ alternative third-party routers instead of ISP-provided routers if they do not provide sufficient security patches.

What is used to defend against KRACK attacks?

Use network segmentation to separate critical parts of a network from general user access to limit the potential impact of a KRACK attack.

What is used to defend against KRACK attacks?

Temporarily disable the 802.11r protocol, which is susceptible to KRACK attacks. Turn off 802.11r in the wireless network settings if not needed for seamless roaming.

What is used to defend against KRACK attacks?

Use 802.1X authentication for an added layer of security. Implement 802.1X with RADIUS server authentication for enterprise networks.

What is used to defend against aLTEr attacks?

Encrypt DNS queries and use only trusted DNS resolvers.

What is used to defend against aLTEr attacks?

Resolve DNS queries using the HTTPS protocol.

What is used to defend against aLTEr attacks?

Access only websites having HTTPS connections.

What is used to defend against aLTEr attacks?

Use DNS over the Transport Layer Security (TLS) or DNS over datagram TLS (DTLS) to encrypt the DNS traffic and for integrity protection.

What is used to defend against aLTEr attacks?

Implement RFC 7858/RFC 8310 to prevent DNS spoofing attacks. It can also increase the encryption and intelligent policies for name resolution.

What is used to defend against aLTEr attacks?

Add a message authentication code (MAC) to user plane packets.

What is used to defend against aLTEr attacks?

Use the DNSCrypt protocol to authenticate communication between a DNS client and a DNS resolver.

What is used to defend against aLTEr attacks?

Use mobile device tools such as Zimperium to detect phishing and other attacks from malicious sites.

What is used to defend against aLTEr attacks?

Use correct HTTPS parameters, such as HSTS, to avoid being redirected to a malicious website.

What is used to defend against aLTEr attacks?

Use a virtual network tunnel with integrity protection and endpoint authentication.

What is used to defend against aLTEr attacks?

Upgrade to 5G network connection.

What is used to defend against aLTEr attacks?

Implement eSIM technology for improved authentication and encryption.

What is used to defend against aLTEr attacks?

Implement DNSSEC to secure DNS lookup processes, which ensures authenticity of response data.

What is used to defend against aLTEr attacks?

Ensure that all LTE network infrastructure components such as base stations and core network equipment have the latest firmware and software updates.

What is used to defend against aLTEr attacks?

Regularly apply patches from network equipment vendors to fix known vulnerabilities.

What is used to defend against aLTEr attacks?

Employ robust encryption methods to protect data transmitted over LTE networks. Use strong encryption algorithms such as AES-256 and ensure that all communications are encrypted end-to-end.

What is used to defend against aLTEr attacks?

Ensure that both the user equipment (UE) and network authenticate each other to prevent unauthorized access. Use mutual authentication mechanisms to verify the identity of both parties in the communication process.

What is used to defend against aLTEr attacks?

Deploy secure SIM cards with enhanced security features to protect against cloning and unauthorized access. Use SIM cards that support advanced security features such as over-the-air (OTA) updates and secure storage.

What is used to defend against aLTEr attacks?

Restrict access to network services based on the geographical location of the user equipment. se location-based access controls to limit access to sensitive network services from unauthorized locations

What is used to defend against aLTEr attacks?

Ensure that physical network infrastructure is secure and protected from tampering. Use physical security measures such as surveillance, access controls, and tamper-evident seals to protect network equipment.

What can be used to detect rogue APs?

RF scanning

What are re‐purposed APs that perform only packet capturing and analysis that are plugged in all over the wired network to detect and warn the WLAN administrator about any wireless devices operating in the area?

RF sensors

What can be used to detect rogue APs?

AP scanning

What are APs that have the functionality of detecting neighboring APs will expose the data through its MIBS and web interface?

AP scanning

What can be used to detect rogue APs?

Wired side inputs

What network management software uses this technique to detect rogue APs. This software detects devices connected in the LAN, including Telnet, SNMP, and Cisco Discovery Protocol (CDP), using multiple protocols?

Wired side inputs

What can be used to detect rogue APs?

Comparison with authorized AP list

What tool can be used to compare the detected APs with a predefined list of authorized APs?

AirMagnet WiFi Analyzer

What can be used to detect rogue APs?

Signal strength analysis

What tool is used for Wi-Fi Planning and Analysis that can help identify unexpected APs based on the signal strength?

Ekahau Survey

What can be used to detect rogue APs?

MAC address filtering

What can you do to block rogue APs?

Deny wireless service to new clients by launching a denial-of-service (DoS) attack on the rogue AP.

What can you do to block rogue APs?

Block the switch port to which the AP is connected or manually locate the AP and physically remove it from the LAN

What can you do to block rogue APs?

Use Wireless intrusion prevention systems (WIPS) to continuously monitor the wireless spectrum for unauthorized devices and perform automated actions to block rogue APs

What can you do to block rogue APs?

Use access control lists (ACLs) to restrict network access to known, authorized MAC addresses.

What can you do to block rogue APs?

Implement 802.1X authentication to control access to the network and ensure that only authenticated users and devices are connected

What can you do to block rogue APs?

Segment the network to isolate critical resources from general wireless access.

What can you do to block rogue APs?

Disable broadcasting of open SSIDs to reduce the risk of unauthorized connections.

What can you do to block rogue APs?

Maintain a whitelist of authorized MAC addresses and configure the wireless controller to block all others.

What configuration defense is best for wireless attacks?

Change the default SSID after WLAN configuration

What configuration defense is best for wireless attacks?

Set the router access password and enable firewall protection

What configuration defense is best for wireless attacks?

Disable SSID broadcasts

What configuration defense is best for wireless attacks?

Disable remote router login and wireless administration

What configuration defense is best for wireless attacks?

Enable MAC Address filtering on your AP or router

What configuration defense is best for wireless attacks?

Enable encryption on your AP and change passphrase often

What SSID defense is best for wireless attacks?

Use SSID cloaking to keep certain default wireless messages from broadcasting the ID to everyone

What SSID defense is best for wireless attacks?

Do not use your SSID, company name, network name, or any easy-to-guess string in passphrases

What SSID defense is best for wireless attacks?

Place a firewall or packet filter between the AP and the corporate Intranet

What SSID defense is best for wireless attacks?

Limit the strength of the wireless network to avoid being detected outside the bounds of your organization

What SSID defense is best for wireless attacks?

Regularly check the wireless devices for configuration or setup problems

What SSID defense is best for wireless attacks?

Implement an additional technique for encrypting traffic, such as IPsec over wireless

What authentication defense is best for wireless attacks?

Enable WPA3 for the highest level of security

What authentication defense is best for wireless attacks?

If WPA3 is not supported by your devices, use WPA2 with AES encryption

What authentication defense is best for wireless attacks?

Use 802.1X authentication with a RADIUS server for enterprise networks

What authentication defense is best for wireless attacks?

Disable the network when not required

What authentication defense is best for wireless attacks?

Place wireless APs in a secure location

What authentication defense is best for wireless attacks?

Keep drivers on all wireless equipment updated

What authentication defense is best for wireless attacks?

Use a centralized server for authentication

What is a network device that monitors the radio spectrum to detect APs (intrusion detection) without the host’s permission in nearby locations? It protect networks against wireless threats and provide administrators the ability to detect and prevent various network attacks.

Wireless Intrusion Prevention System

What security auditing tool offers advanced network security for dedicated monitoring and detection of wireless network anomalies, unauthorized access, and RF attacks?

Cisco Adaptive Wireless IPS

Which of the following is a Wi-Fi security auditing tool?

RFProtect

Which of the following is a Wi-Fi security auditing tool?

Fern Wifi Cracker

Which of the following is a Wi-Fi security auditing tool?

OSWA-Assistant

Which of the following is a Wi-Fi security auditing tool?

BoopSuite

Which of the following is a Wi-Fi security auditing tool?

Wifite

What blocks wireless threats by automatically scanning, detecting, and classifying unauthorized wireless access and rogue traffic to the network, thereby preventing neighboring users or skilled hackers from gaining unauthorized access to the Wi-Fi networking resources?

Wi-Fi IPSs