
Chapter 8: Wireless LAN Security and Vulnerabilities

TRUE/FALSE

1. Information security involves more than protecting the information itself. ANS: T REF: 257

2. Employees pose only a small threat to networks. ANS: F REF: 260

3. Cryptography is a new invention of the 20th Century. ANS: F REF: 264

4. Open system authentication and shared key authentication are the only two types of wireless authentication available under the 802.11 standard. ANS: T REF: 274

5. Wireless DoS attacks are exactly the same as wired DoS attacks. ANS: F REF: 280

MULTIPLE CHOICE

1. What disadvantage of wireless networks provides the biggest stumbling block to the adoption of wireless technology?
a. speed
b. cost
c. security
d. complexity

ANS: C

REF: 256

2. ____ ensures that the information is correct and that no unauthorized person or malicious software program has altered that data.
a. Integrity
b. Availability
c. Confidentiality
d. Access control

ANS: A

REF: 257

3. A ____ is not malicious but often seeks to expose security flaws.
a. cracker
b. script kiddie
c. spy
d. hacker

ANS: D

REF: 259

4. Which type of attacker typically has a high skill level?
a. hacker
b. cracker
c. spy
d. All of the above

ANS: D

REF: 260

5. ____ was initially founded by the U.S. Department of Defense and is now part of the Software Engineering Institute at Carnegie Mellon University.
a. Computer Emergency Response Team Coordination Center (CERT/CC)
b. InfraGard
c. National Security Institute (NSI)
d. SysAdmin, Audit, Network, Security (SANS) Institute

ANS: A

REF: 261

6. Which characteristic of information is guarded by access control?
a. availability
b. integrity
c. confidentiality
d. robustness

ANS: A

REF: 262

7. MAC address filtering ____.
a. is difficult to implement
b. requires pre-approved authentication
c. is expensive
d. does not work well

ANS: B

REF: 264

8. Which aspect of information security does WEP protect?
a. availability
b. integrity
c. confidentiality
d. All of the above

ANS: C

REF: 264

9. When the recipient receives the encrypted text, it must be decrypted with the cipher and the key to produce the original ____.
a. plaintext
b. detext
c. ciphertext
d. deciphertext

ANS: A

REF: 265

10. According to the IEEE 802.11 cryptography objectives, how strong should WEP be?
a. difficult
b. reasonably
c. extremely
d. unbreakable

ANS: B

REF: 266

11. A WEP key can be a passphrase created by entering ____ ASCII characters.
a. 3
b. 7
c. 10
d. 16

ANS: D

REF: 266

12. In WEP, the CRC generates a(n) ____ based on the contents of the text.
a. initialization vector
b. cipher
c. checksum
d. key

ANS: C

REF: 269

13. RC4 is a ____ cipher that accepts keys up to 128 bits in length.
a. stream
b. key
c. cyclic
d. logical

ANS: A

REF: 270

14. ____ is another name for open systems authentication.
a. Public key encryption
b. Symmetric key encryption
c. WEP
d. SSID filtering

ANS: D

REF: 271

15. In a brute force attack, what key combination would follow 00001?
a. 00000
b. 00002
c. 00010
d. 10000

ANS: B

REF: 273

16. A standard personal computer can easily create over ____ possible password combinations per second.
a. 100
b. 1,000
c. 1,000,000
d. 1,000,000,000

ANS: C

REF: 274

17. MAC address filtering is vulnerable because there are programs available that allow users to ____ a MAC address.
a. spoof
b. break
c. modify
d. disable

ANS: A

REF: 275

18. In a 64-bit packet sent using WEP, how many bits are actually encrypted?
a. 10
b. 24
c. 40
d. 64

ANS: C

REF: 276

19. A ____ attack on WEP involves viewing collisions to derive plaintext values.
a. capture
b. keystream
c. weak key
d. pseudo-random number

ANS: B

REF: 278

20. On wireless networks, ____ attacks are commonly done by attackers setting up a fake access point.
a. spoof
b. weak key
c. DoS
d. man-in-the-middle

ANS: D

REF: 279

21. A wireless DoS attack may involve an attacker sending a series of ____ frames to a wireless device.
a. disassociation
b. drop
c. misaddressed
d. incomplete

ANS: A

REF: 280

COMPLETION

1. The term _________________________ is frequently used to describe the tasks of guarding information that is in a digital format. ANS: information security REF: 256

2. While most attacks take advantage of vulnerabilities that someone has already uncovered, a(n) ____________________ attack occurs when an attacker discovers and exploits a previously unknown flaw. ANS: day zero REF: 259

3. Access ____________________ is intended to guard one of the three CIA characteristics of information, namely the availability of information. ANS: control REF: 262

4. Using the same (shared) secret key to both encrypt as well as decrypt is called ____________________ cryptography. ANS: private key REF: 266

5. In a(n) ____________________ attack, an attacker attempts to create every possible key combination by using a program to systematically change one character at a time in a possible default key, and then using each newly generated key to decrypt a message. ANS: brute force REF: 273

MATCHING

Match each term with the correct statement below.
a. cipher (4)
b. keystream (8)
c. cracker (5)
d. default key (3)
e. script kiddies (7)
f. computer spy (9)
g. hacker (2)
h. filter (1)
i. jam (6)

1. limit a user's admission to the access point
2. person who uses his or her advanced computer skills to attack computers but not with a malicious intent
3. key value that is used to encrypt wireless data transmissions when they are sent
4. encryption algorithm
5. person who violates system security with malicious intent
6. attacker floods the radio frequency spectrum with noise
7. unskilled or novice users who break into computer systems with malicious intent
8. series of 1s and 0s equal in length to the text plus the ICV
9. person who has been hired to break into a computer and steal information

1. ANS: H REF: 262
2. ANS: G REF: 259
3. ANS: D REF: 267
4. ANS: A REF: 265
5. ANS: C REF: 259
6. ANS: I REF: 280
7. ANS: E REF: 259
8. ANS: B REF: 269
9. ANS: F REF: 260

SHORT ANSWER

1. What are the three characteristics of information that must be protected by information security?
ANS:
Confidentiality - Confidentiality ensures that only authorized parties can view information.
Integrity - Integrity ensures that the information is correct and that no unauthorized person or malicious software program has altered that data.
Availability - Although a secure computer must restrict access attempts by unauthorized users, it must still make the data available to authorized users.
REF: 257

2. Describe one trend that is making security increasingly difficult.
ANS:
Speed of attacks - With modern tools at their disposal, attackers can quickly scan systems to find weaknesses and then launch attacks with unprecedented speed.
Sophistication of attacks - Security attacks are becoming more complex. Some attacker tools vary their behavior so the same attack appears differently each time, making detection very difficult.
Faster detection of weaknesses - The number of newly discovered system vulnerabilities doubles annually, making it more difficult for software developers to keep pace.
Distributed attacks - Attackers can now use hundreds or thousands of computers in an attack against a single computer or network.
REF: 258-259

3. What is a cracker?
ANS: A cracker is a person who violates system security with malicious intent. Like hackers, crackers have advanced knowledge of networks and the skills to exploit them. Unlike ethical hackers who claim to be only searching for security weaknesses, crackers destroy data, deny service to legitimate users, or otherwise cause serious problems on computers and networks. Crackers can be identified by their malicious actions: they intend to do harm to any computer they can break into.
REF: 259

4. Briefly describe the goal of InfraGard.
ANS: The goal of InfraGard is to improve and extend information sharing between private industry and the government, particularly the FBI, when dealing with critical national infrastructures. InfraGard is a consortium of private industry and the U.S. federal government, coordinated through the FBI; its URL is www.infragard.net.
REF: 261

5. Briefly describe cryptography and discuss its history.

ANS: Cryptography comes from two Greek words: crypto, meaning hidden, and graph, meaning writing. Cryptography is the science of transforming information so that it is secure while it is being transmitted or stored. Cryptography does not attempt to hide the existence of the data (that is known as steganography); instead it scrambles the data so that it cannot be viewed by unauthorized users. Cryptography dates back several centuries. One of the most famous ancient cryptographers was Julius Caesar. When sending written messages to his generals, Caesar took the original message, known as the plaintext, and shifted each letter three places down in the alphabet, so that an A was replaced by a D, a B was replaced by an E, and so forth, to create an encoded ciphertext. Changing the original text to a secret message using cryptography is known as encryption. When Caesar's generals received his messages, they reversed the process (such as replacing a D with an A) to change the secret message back to its original form. This is called decryption.
REF: 264-265

6. Describe the five steps in the process of WEP encryption.
ANS:
1. The information to be encrypted has a cyclic redundancy check value calculated. This CRC generates a checksum based on the contents of the text. WEP (wired equivalent privacy) calls this the integrity check value (ICV) and appends it to the end of the text.
2. The WEP shared secret key used for encryption is combined with an initialization vector (IV). The IV is a 24-bit value that changes each time a packet is encrypted. This random IV value helps ensure that another number (created in the next step) can be created. If only the default key was used to create a random number then the number generated could be the same each time. Varying the IV each time ensures that the random number is indeed random. In this sense the IV (along with the default key) is used as a seed for generating a random number.
3. The shared secret key and IV are then entered into a pseudo-random number generator (PRNG) that creates a random number. This output is known as the keystream. The keystream is essentially a series of 1s and 0s equal in length to the text plus the ICV.
4. The two values (text plus ICV and the keystream) are then combined through the exclusive OR (XOR) operation to create the ciphertext.
5. The IV is added to the front (pre-pended) of the ciphertext and the packet is ready for transmission. The IV is in plaintext and is not encrypted.
REF: 269

7. Describe open system authentication.
ANS: After discovering the network through passive scanning or active scanning and receiving the necessary information, the wireless device sends an association request frame to the AP that carries information about the data rates that the device can support along with the service set identifier (SSID) of the network it wants to join. After receiving the association request, the access point considers the request by comparing the SSID received with the SSID of the network. If the two match then the wireless device is authenticated.
REF: 270

8. Describe at least four weaknesses of open system authentication.

ANS:
Beaconing the SSID is the default mode in all access points, so an uninformed user who installs an AP is broadcasting the SSID by default.
Not all access points allow beaconing to be turned off.
Many access points that do allow beaconing to be turned off discourage users from doing so.
Turning off SSID beaconing prevents devices from freely roaming from one access point to another, because the device must know the SSID of each AP in order to be authenticated. This inconvenience discourages turning off SSID beaconing.
The SSID is initially transmitted in plaintext (unencrypted) form when the device is negotiating with the access point. If an attacker cannot capture an initial negotiation process, it can force one to occur.
The SSID can be retrieved from an authenticated device.
Many users do not change the default SSID and these are well known.
REF: 272

9. What is a dictionary attack?
ANS: Unlike a brute force attack in which all possible combinations are used, a dictionary attack takes each word from a dictionary and encodes it in the same way the passphrase was encoded. Attackers then compare the encoded dictionary words against those in the encrypted frame. When attackers find a match, they know which dictionary word made up the passphrase.
REF: 274

10. Describe a man-in-the-middle attack.
ANS: Man-in-the-middle attacks on computer information are common. This type of attack makes it seem that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them, or the man in the middle. Man-in-the-middle attacks can be active or passive. In a passive attack, the attacker captures the sensitive data that is being transmitted and then sends it on to the original recipient without his presence being detected. In an active attack, the contents of the message are intercepted and altered before they are sent on.
REF: 279