5.1- Wireless WiFi Security (Doshi) Flashcards Preview


Flashcards in 5.1- Wireless WiFi Security (Doshi) Deck (21)
1
Q

Protection of wireless WiFi Security

A

Enable MAC filtering and encryption

Disable SSID and DHCP

2
Q

Enable Media Access Control (MAC) filtering

A

It allows access to only selected devices; any other device trying to access the network will be rejected.

3
Q

Why would you Enable encryption?

A

(1) Encryption protects data in transit and not data on the devices.
(2) The two types of encryption are WEP and WPA-2.
(3) WPA-2 is the strongest encryption standard for wireless connection.

4
Q

Why would you disable SSID?

A

SSID makes the network visible to all

5
Q

Why should DHCP be disabled?

A

Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone connected to the network. With DHCP disabled, static IP addresses must be used, which reduces the risk of unauthorized access.

6
Q

Common attack methods against wireless networks

A

War driving, war walking, war chalking.

7
Q

War driving

A

Hackers drive around to sniff wireless networks

Auditors use the same technique to test wireless security

8
Q

War walking

A

Hackers walk around (hotel, mall, public area) to sniff wireless networks

9
Q

War chalking

A

War chalking is the drawing of symbols in public places to advertise an open Wi-Fi network. These symbols are subsequently used by others to exploit weak wireless networks.

10
Q

Which of the following should be disabled to increase the security of a wireless network against unauthorized access?

A. MAC (Media Access Control) address filtering
B. Encryption
C. WPA-2 (Wi-Fi Protected Access Protocol)
D. SSID (service set identifier) broadcasting

A

D. SSID (service set identifier) broadcasting

A Service Set Identifier (SSID) is the network name broadcast by a router, and it is visible to all wireless devices. When a device searches the area for wireless networks, it will detect the SSID.

Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find the network. For better security controls, MAC filtering and WPA-2 should be enabled (and not disabled).

11
Q

Which of the following techniques is more relevant to testing the wireless (Wi-Fi) security of an organization?

A. WPA-2
B. War dialling
C. War driving
D. Social Engineering

A

C. War driving

The ‘War Driving’ technique is used by hackers for unauthorized access to wireless infrastructure. War driving is a technique in which a wireless-equipped computer is used to locate and gain access to wireless networks. This is done by driving or walking in and around a building. ‘War Driving’ is also used by auditors to test wireless security. WPA-2 is an encryption standard and not a technique to test security. War dialling is a technique for gaining access to a computer or a network through the dialling of defined blocks of telephone numbers.

12
Q

Which of the following should be a concern to an IS auditor reviewing a wireless network?

A. System hardening of all wireless clients.
B. SSID (service set identifier) broadcasting has been enabled.
C. WPA-2 (Wi-Fi Protected Access Protocol) encryption is enabled.
D. DHCP (Dynamic Host Configuration Protocol) is disabled at all wireless access points.

A

B. SSID (Service Set IDentifier) broadcasting has been enabled.

Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find the network.

13
Q

Dynamic Host Configuration Protocol (DHCP) is disabled at all wireless access points. Which of the following statements is true when DHCP is disabled for wireless networks?

A. increases the risk of unauthorized access to the network.
B. decreases the risk of unauthorized access to the network.
C. automatically provides an IP address to anyone.
D. it disables SSID (Service Set Identifier).

A

B. decreases the risk of unauthorized access to the network.

Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses to anyone connected to the network. With DHCP disabled, static IP addresses must be used, and hence the risk of unauthorized access can be reduced.
Option C is incorrect because DHCP does not provide IP addresses when disabled.
Option D is incorrect because disabling DHCP will not automatically disable SSID.

14
Q

Best method to ensure confidentiality of the data transmitted in a wireless LAN is to:

A. restrict access to predefined MAC addresses.
B. protect the session by encrypting with use of static keys.
C. protect the session by encrypting with use of dynamic keys.
D. initiate the session by an encrypted device.

A

C. protect the session by encrypting with use of dynamic keys.

In any given scenario, confidentiality of the data transmitted in a wireless LAN is BEST protected if the session is encrypted using dynamic keys (as compared to static keys). When using dynamic keys, the encryption key is changed frequently, thus reducing the risk of the key being compromised and the message being decrypted. Options A and D will not ensure data confidentiality during transit.
Encryption of the data on the connected device addresses the confidentiality of the data on the device, not the wireless session. Limiting the number of devices that can access the network does not address the issue of encrypting the session.

15
Q

Use of wireless infrastructure for mobile devices within the organization increases the risk of which of the following attacks?

A. Port scanning
B. Social Engineering
C. Piggybacking
D. War driving

A

D. War driving

The ‘War Driving’ technique is used by hackers for unauthorized access to wireless infrastructure. War driving is a technique in which a wireless-equipped computer is used to locate and gain access to wireless networks. This is done by driving or walking in and around a building. A war driving attack uses a wireless Ethernet card, set in promiscuous mode, and a powerful antenna to penetrate wireless systems from outside.

16
Q

For a man-in-the-middle attack, which of the following encryption techniques will BEST protect a wireless network?

A. Wired equivalent privacy (WEP)
B. MAC-based pre-shared key (PSK)
C. Randomly generated pre-shared key (PSK)
D. Service set identifier (SSID)

A

Randomly generated pre-shared key (PSK)

SSID is not an encryption technique. The MAC address of a computer is fixed and often accessible. A randomly generated PSK is stronger than a MAC-based PSK. WEP has been shown to be a very weak encryption technique and can be cracked within minutes. The SSID is broadcast on the wireless network in plaintext.

17
Q

How is the confidentiality of the data transmitted in a wireless LAN BEST protected?

A

If the session is encrypted using dynamic keys (as compared to static keys)

18
Q

(1) In any given scenario, the following are the best practices for wireless (Wi-Fi) security:

A

(a) Enable MAC (Media Access Control) address filtering.
(b) Enable Encryption to protect data in transit.
(c) Disable SSID (service set identifier) broadcasting.
(d) Disable DHCP (Dynamic Host Configuration Protocol).

19
Q

In any given scenario, the ‘War Driving’ technique is used by hackers for unauthorised access to wireless infrastructure.

A

War driving is a technique in which a wireless-equipped computer is used to locate and gain access to wireless networks. This is done by driving or walking in and around a building. ‘War Driving’ is also used by auditors to test wireless security.

20
Q

In any given scenario, WPA-2 (Wi-Fi Protected Access) is the

A

strongest encryption standard for the wireless connection.

21
Q

In any given scenario, confidentiality of the data transmitted in a wireless LAN is BEST protected,

A

if the session is encrypted using dynamic keys (as compared to static keys)