Chapter 5 Review Questions

1. The stronger security standard developed by the IEEE committee to address wireless vulnerabilities of the 802.11 standard is
   a. 802.16.2
   b. 802.5
   c. 802.11i
   d. 802.11e

2. The two primary security vulnerabilities of the original 802.11 wireless security mechanism are
   a. speed and data modeling
   b. encryption and authentication
   c. access codes and passwords
   d. tokens and resources

3. The Wi-Fi Alliance was responsible for creating
   a. WPA2
   b. 802.11i
   c. 802.11
   d. AES-CMMPR

4. One step to enhancing encryption was to replace the RC4 stream cipher with a stronger
   a. block cipher
   b. supplicant
   c. authenticator
   d. Dynamic TKIP

5. _____ is the IEEE foundation of future wireless security.
   a. Robust Secure Network (RSN)
   b. Wireless Access Protection 2 (WPA2)
   c. Encryption Model II
   d. Enterprise Standard Security (ESS)

6. Advanced Encryption Standard (AES) is a stream cipher. True or False?

7. The IEEE 802.11 standard enforces port security. True or False?

8. Key-caching stores information from a device on the network and is used when roaming. True or False?

9. Wi-Fi Protected Access (WPA) is a subset of IEEE 802.11i. True or False?

10. TKIP performs encryption by using a per-packet key. True or False?

11. The _____ replaces the Cyclic Redundancy Check (CRC) function.
    Message integrity check (MIC)

12. Preshared key (PSK) is primarily used in authentication but also plays a role in encrypting by serving as the _____ for mathematically generating the encryption keys.
    seed

13. WPA2 allows both AES and TKIP clients to operate in the same WLAN, yet _____ only recognizes AES.
    IEEE 802.11i

14. The _____ security model should only be implemented as a temporary solution.
    transitional

15. Shared key authentication uses _____ keys for authentication.
    WEP

16. What is the advantage of turning off SSID filtering if it can easily be bypassed?
Despite the fact that configuring an access point to not allow the beacon frame to include the SSID provides little protection, when implementing the transitional security model SSID beaconing should be turned off for the limited amount of security that it does provide. This may prevent a “casual” unauthorized user or novice attacker using Windows XP from capturing the SSID and entering the network. On those APs that do allow this configuration, SSID beaconing should be turned off and the SSID entered manually on each device.

17. When should the personal security model be implemented?

A dramatically increased level of security can be achieved through using the personal security model. The personal security model is designed for single users or small office/home office (SOHO) settings of generally ten or fewer wireless devices. The personal security model is intended for settings in which an authentication server is unavailable.

18. What three DHCP settings should be used in the transitional security model?

First, DHCP distributes addresses to network devices beginning at a starting address and incrementing by a value of one for each device. Changing the starting IP address to a higher number makes it more difficult for the attacker to determine the IP address through trying each address. Second, the maximum number of DHCP users can also be restricted. The maximum number of DHCP users should be limited to the number of authorized devices on the network. If an attacker is able to breach the wireless security protections and gain access to the network, he would not be leased an IP address since the maximum has already been distributed. The final defense based on DHCP is to set the length of the lease time. Setting the lease time so that an attacker who gains access to the network does not have indefinite use of the WLAN may deter an attacker from trying to reconnect once the lease expires.

19. How does a RADIUS server support IEEE 802.1x?
The authentication server in an 802.1x configuration stores the list of the names and credentials of authorized users in order to verify their authenticity. Typically a Remote Authentication Dial-In User Service (RADIUS) server is used. When a user wants to connect to the wireless network, the request is first sent to the authenticator, which relays the information, such as the username and password, type of connection, and other information, to the RADIUS server. The server first determines if the AP itself is permitted to send requests. If so, the RADIUS server attempts to find the user’s name in its database. It then applies the password to decide whether access should be granted to this user. Depending upon the authentication method being used, the server may return a challenge message that carries a random number. The authenticator relays the challenge to the user’s computer, which must respond with the correct value to prove its asserted identity. Once the RADIUS server is satisfied that the user is authentic and authorized to use the requested service, it returns an “Accept” message to the AP.

20. What is the weakness of PSK passphrases?

A PSK is a 64-bit hexadecimal number. The most common way in which this number is generated is by entering a passphrase (consisting of letters, digits, punctuation, etc.) that is between 8 and 63 characters in length. PSK passphrases of fewer than 20 characters can be subject to offline dictionary attacks. The original PSK passphrase is mathematically manipulated (known as hashing) 4,096 times before it is transmitted. An attacker who captures the passphrase can perform the same hashing on dictionary words seeking a match. If a user created a PSK passphrase of fewer than 20 characters that was a dictionary word, then a match can be found and the passphrase broken.

21. What is the Robust Secure Network (RSN)?
The vulnerabilities of a security system may not be revealed until after it has been exposed to the public over a period of time. The time needed to react to new vulnerabilities, propose solutions, and finally ratify those proposals can often take years of effort. To address this, the IEEE 802.11i standard also includes a component known as the Robust Secure Network (RSN). RSN uses dynamic negotiation of authentication and encryption algorithms between access points and wireless devices. This dynamic negotiation of authentication and encryption algorithms lets RSN evolve as vulnerabilities are exposed or improved security is introduced. This allows WLANs to address new threats and continue to provide the security necessary to protect information.
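
For question 20, an added example (not part of the original chapter): the passphrase-to-PSK step in WPA/WPA2-Personal is PBKDF2-HMAC-SHA1 with 4,096 iterations and the SSID as salt, so a configured passphrase can be audited against the 20-character threshold before deployment. The SSID, wordlist and passphrases below are constructed sample values, and `audit_passphrase` is a hypothetical helper name.

```python
import hashlib

ITERATIONS = 4096      # the "hashed 4,096 times" step from question 20
PSK_BYTES = 32         # PBKDF2 output length; prints as 64 hex digits
MIN_STRONG_LEN = 20    # length threshold quoted in the answer to question 20

# Constructed sample data, not taken from the chapter.
SAMPLE_SSID = "OfficeNet"
SAMPLE_WORDLIST = {"password", "sunshine", "wireless"}


def derive_psk(passphrase, ssid):
    """Derive the PSK from a passphrase: PBKDF2-HMAC-SHA1 salted with the SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    # Passphrases are printable ASCII; anything else raises UnicodeEncodeError.
    key = hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                              ssid.encode("utf-8"), ITERATIONS, PSK_BYTES)
    return key.hex()


def audit_passphrase(passphrase, ssid, wordlist):
    """Return policy findings for a configured passphrase (empty list = none)."""
    findings = []
    lowered = passphrase.lower()
    if len(passphrase) < MIN_STRONG_LEN:
        findings.append("shorter than 20 characters")
    if any(word in lowered for word in wordlist):
        findings.append("contains a wordlist entry")
    if ssid.lower() in lowered:
        findings.append("contains the SSID")
    return findings


if __name__ == "__main__":
    for candidate in ("sunshine2024",
                      "officenet-wireless-guest-01",
                      "Vq7#mL2x!Rz9pT4w&Kd8sB"):
        psk = derive_psk(candidate, SAMPLE_SSID)
        issues = audit_passphrase(candidate, SAMPLE_SSID, SAMPLE_WORDLIST)
        print(f"{candidate!r}: PSK {psk[:16]}... findings={issues or 'none'}")
```

Because the SSID is the salt, the same passphrase yields a different PSK on a differently named network, which is why a unique SSID matters as much as a long passphrase.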