IST 462 Network Security Test 3

NAME: Omar A. Liendo

After answering the following questions, change the name of your file to LastName.FirstName.Test3 Part1 and copy your file to the correct folder on Blackhawk. Do all your work on your desktop. Do not use a flash drive or any Internet resources.

1. What was the name of the original IEEE standard for wireless transmissions?
   Project 802

2. How do most wireless access points control access from a remote device?
   Most wireless access points control access from a remote device using MAC address filtering.

3. What is the purpose of WEP?
   The purpose of Wired Equivalent Privacy (WEP) is to encrypt the information transmitted over a wireless network.

4. Describe the process WEP uses to encrypt data.
   - A Cyclic Redundancy Check is created through a checksum based on the contents of the file.
   - This creates an IV which is appended to the end of the file
   - Then a key-stream is generated (key to encrypt the whole document)
   - And will be appended the ICV beginning of the file.

5. What is the SSID and how is it used for authentication?
   SSID is the name of a particular wireless network. If the SSID on the host matches the SSID on the AP, then the user will be authenticated.

6. Why is MAC address filtering considered weak?
   MAC address filtering is considered weak because MAC addresses are not encrypted when transmitted from a client to an AP. This means that an attacker who catches a MAC address could get authentication and access to the wireless network.

7. Why is WEP considered to be weak?
   WEP is considered weak because the key is too short (24-bit) and also because it violates one of the main rules of encryption: Repetition. When a lot of packets are sent, the encryption key will be repeated. This would allow an attacker to decipher the encryption key relatively easily.

8. PSK serves two purposes. What are they?
   - Authentication: Pre-shared keys are used to authenticate users based on a user-generated phrase that is loaded to the AP and the client.
   - Encryption: PSK is used as the encryption seed for the encryption key.

9. Explain the difference between the three terms: identification, authentication, and authorization.
   - Identification: Identifies the user who is attempting to access the network (e.g. username)
   - Authentication: Makes sure that the user is who he claimed to be in the identification phase (e.g. password)
   - Authorization: If authentication supports the authentication, the user will be granted access to the network. However, this does not mean that the user will get access to every single resource inside of the network.

10. Of the access control models discussed in class, which one is closest to “group permissions?”
    Role-Based Access Control – Access control can be set up for a group of people depending on their tasks and day-to-day operations.

11. Describe an access control list for a Unix machine.

12. What does the “enforce password history” policy do?
    Enforce password history determines the number of new passwords that must be used before using an “old” password (a password that has already been used).

13. What does the “maximum password age” policy do?
    Maximum password age refers to the maximum number of days that a user may use a password before being prompted to create a new password.

14. If “enforce password history” is set to 12 and “maximum password age” is set to 10, then how many days must elapse before a user can reuse a previous password?
    130 days.

15. Describe how a time-synchronized one-time password with a token works.
    A One-Time password (OTP) works with a token. The token provides the user with a different set of numbers every 30 to 60 seconds based on an algorithm specifically designed to that particular user. When the user attempts to login, he will be prompted for the username and the code showing on the token. The authentication server will check the number provided by the user and create a pass-code for the user using that user’s algorithm. If these two are identical, then the user will be authenticated.

16. How can the above password system be compromised?
    - Token is lost
    - Token’s code is “seen” by a person around it.
    - Algorithm and username are known.

17. Explain how keystroke dynamics might be used to authenticate a user.
    Keystroke dynamics is based on two main metrics:
    - Dwell time – Records the amount of time a user presses down on each keyboard key.
    - Flight time – Records the time between keystrokes.
    These two metrics provide a unique user template. If the password matches the username AND the user’s template, the user will gain authentication and access to the network.

18. Give an example of cognitive biometrics that can be used to authenticate a user.
    A user would enter a memorable event in their lives and the authentication phase would ask the user some specific questions about the identified event. Cognitive biometrics are said to be very effective and hard to “break into” due to the uniqueness of each user’s experiences.

19. What is an advantage of VPN?
    Scalability and full security as every single packet sent over a VPN is encrypted.

20. What is a disadvantage of VPN?
    They can become expensive and also they may not support equipment from different vendors.