Deck 7: Wireless Network Security

The actual method of key generation depends on the details of the authentication protocol used.

MAC spoofing occurs when an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network privileges.

Sensors and robots, are not vulnerable to physical attacks.

Security policies for mobile devices should assume that any mobile device will not be stolen or accessed by a malicious party.

The DS can be a switch, a wired network, or a wireless network.

IEEE 802.11 is a standard for wireless LANs.

The integration service enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN.

The principal threats to wireless transmission are eavesdropping, altering or inserting messages, and disruption.

The use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions.

You should allow only specific computers to access your wireless network.

Wireless networks, and the wireless devices that use them, introduce a host of security problems over and above those found in wired networks.

The pairwise master key is derived from the group key.

IEEE 802.11 defines seven services that need to be provided by the wireless LAN to achieve functionality equivalent to that which is inherent to wired LANs.

Handheld PDAs pose a security risk in terms of both eavesdropping and spoofing.

The __________ layer is responsible for detecting errors and discarding any frames that contain errors.

A __________ attack occurs when an attacker continually bombards a wireless access point or some other accessible wireless port with various protocol messages designed to consume system resources.

__________ is the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS.

An __________ is a set of one or more interconnected BSSs and integrated LANs that appear as a single BSS to the LLC layer at any station associated with one of these BSSs.

In simple terms, the wireless environment consists of three components that provide point of attack: the endpoint, the ______________, and the access point.

The __________ function is the logical function that determines when a station operating within a BSS is permitted to transmit and may be able to receive PDUs.

Derived from the GMK, the _________ is used to provide confidentiality and integrity protection for multicast/broadcast user traffic.

To certify interoperability for 802.11b products an industry consortium named the __________ was formed.

In order to accelerate the introduction of strong security into WLANs, the Wi-Fi Alliance promulgated __________ as a set of security mechanisms for the Wi-Fi standard.

The smallest building block of a wireless LAN is a __________ which consists of wireless stations executing the same MAC protocol and competing for access to the same shared wireless medium.

Forming a hierarchy beginning with a master key from which other keys are derived dynamically and used for a limited period of time, __________ are used for communication between a pair of devices typically between a STA and an AP.

The MPDU exchange for distributing pairwise keys is known as the _________ which the STA and SP use to confirm the existence of the PMK, to verify the selection of the cipher suite, and to derive a fresh PTK for data sessions.

The IEEE 802.11 protocol stack consists of the logical link control layer, the medium access control layer, and the _________ layer.

The main threat involving wireless access points is unauthorized access to the network.The principal approach for preventing success is the __________ standard for port-based network access control.

The MPDU authentication phase consists of three phases.They are: connect to AS, EAP exchange and _________ .