200. Wireless Security Settings
Studied by 0 people
Learn
Practice Test
Spaced Repetition
Match
Flashcards1/41
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
42 Terms
WEP
Wired Equivalent Privacy
Wired Equivalent Privacy
Outdated 1999 wireless security standard meant to match wired LAN security for wireless networks. Insecure and vulnerable to simple cryptographic attacks
64-bit WEP
Consists of 40 bits of actual key data plus an extra 24 bits of initialization vector
128-bit WEP
Includes 104 bits of key data and an additional 24 bits of initialization vector
Why is WEP insecure?
Weak 24-bit initialization vector
WPA
Wi-Fi Protected Access
Wi-Fi Protected Access
Introduced in 2003 as a temporary improvement over WEP while the more robust IEEE 802.11i standard was in development
TKIP
WPA uses this to improve upon WEP’s security. It generates new 128 bit keys
Why was WPA insecure?
Lack of sufficient data integrity checks in TKIP implementation
WPA2
Wi-Fi Protected Access 2
Wi-Fi Protected Access 2
Improved data protection and network access control by addressing weaknesses in WPA version
WPA2 replaced WPA’s TKIP with
The AES protocol and adopted CCMP for stronger encryption
CCMP
Counter Cipher Mode with Block Chaining Message Authentication Code Protocol
WPA2 provides
Stronger encryption and introduces Message Integrity Code (MIC) for integrity checking
WPA3
Wi-Fi Protected Access 3
Wi-Fi Protected Access 3
Latest version using AES encryption and introducing new features like SAE, Enhanced Open, updated cryptographic protocols, and management protection frames
SAE
Simultaneous Authentication of Equals
Simultaneous Authentication of Equals
Enhances security by offering a key establishment protocol to guard against offline dictionary attacks
OWE
Enhanced Open/Opportunistic Wireless Encryption
Enhanced Open/Opportunistic Wireless Encryption
Major advancement in wireless security, especially for networks using open authentication
Cryptogrpahic Protocol
Uses newer variant of AES known as the AES GCMP
GCMP
Galois COunter Mode Protocol
Galois Counter Mode Protocol
Supports 128-bit AES for personal networks and 192-bit AES for enterprise networks with WPA3
Management Protection Frames
Required to protect network from key recovery attacks
AAA
Authentication, Authorization, and Accounting Protocol
Authentication, Authorization, and Accounting Protocol
Plays a vital role in network security by centralizing user authentication to permit only authorized users to access network resources
RADIUS
Remote Authentication Dial-In User Service
Remote Authentication Dial-In User Service
Client/Server protocol offering AAA services for network users
TACAS+
terminal Access Controller Access-Control System Plus
terminal Access Controller Access-Control System Plus
Separates the functions of AAA to allow for a more granular control over processes
Authentication Protocols
Confirm user identity for network security and authorized access
EAP
Extensible Authentication Protocol
Extensible Authentication Protocol
Authentication framework that supports multiple authentication methods
PEAP
Protected Extensible Authentication Protocol
Protected Extensible Authentication Protocol
Authentication protocol that secures EAP within an encrypted and authenticated TLS tunnel
EAP-TTLS
Extensible Authentication Protocol-Tunneled Transport Layer Security
Extensible Authentication Protocol-Tunneled Transport Layer Security
Authentication protocol that extends TLS support across multiple platforms
EAP-TTLS vs PEAP: EAP-TTLS
Certificate (Server)
EAP-TTLS vs PEAP: PEAP
Certificate (server/client)
EAP-FAST
Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling
Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling
Developed by Cisco, it enables secure re-authentication while roaming within a network without full authentication each time
EAP-FAST was developed to replace
LEAP