Free Study Guide for Network Plus 4.3

4.3 Given a scenario, secure a basic wireless network.

Welcome to Exam Notes by CertBlaster! This is our Free Study Guide for Network Plus 4.3. In this installment, we will explore the Network+ Objective 4.3 – “Given a scenario, secure a basic wireless network.”

WPA/WPA2

Wireless network traffic can be seen and captured. WEP (Wired Equivalent Privacy) was the original encrypted WiFi protocol. WEP has some shortcomings; for example, the same static network key is used on all clients, and this key can only be changed manually.

WPA (Wireless Protected Access) was developed in order to increase security and dynamically create new keys for every transmission. WPA uses TKIP (Temporal Key Integrity Protocol) which utilizes the RC4 (Rivest Cipher 4) stream cipher. Each packet gets a unique 128-bit key.

The WPA2 certification was introduced in 2004 and replaced the RC4 encryption algorithm with AES (Advanced Encryption Standard) for faster and more secure transmissions. CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) replaces the now-deprecated TKIP. CCMP supports data confidentiality, authentication, and access control. A Pre-Shared Key (PSK) can be created with WPA2-Personal in a home or small office.

Circling back to WEP (Don’t use it!), WEP supports two testable authentication methods. OSA (Open System Authentication) requires no key and the client needs only the SSID to begin. SKA (Shared Key Authentication) uses the same key across all wireless nodes and communications can be encrypted.

Authentication and authorization

Authentication on WPA2-Enterprise networks very often uses RADIUS servers and EAP (Extensible Authentication Protocol). EAP is supported by modern operating systems and can be used with physical authentication methods. EAP-TLS uses the public key infrastructure with TLS encryption. EAP-TLS is certificate-based.

PEAP (Protected EAP) and EAP-FAST (EAP-Flexible Authentication via Secure Tunneling) both create secure tunnels between the endpoints. PEAP creates an outer tunnel before beginning the normal EAP process. This creates an inner tunnel to be used for data.

Geofencing

Many enterprises using WWAN to serve their mobile users use MDM (Mobile Device Management) software in order to secure their mobile assets. The MDM uses the device’s GPS in order to determine whether a device is in an approved area. Access is restricted to clear geographic areas.
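
The geofence decision described above, shown as an added example (not code from CertBlaster or from any MDM product). The `Zone` and `Fix` types, the thresholds, and all coordinates are assumptions constructed for illustration; the check fails closed when the GPS fix is stale, too imprecise, or when its uncertainty circle is not fully inside an approved area.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000  # mean Earth radius in metres

@dataclass(frozen=True)
class Zone:  # hypothetical approved area: a circle around a site
    name: str
    lat: float
    lon: float
    radius_m: float

@dataclass(frozen=True)
class Fix:  # hypothetical GPS report from a managed device
    lat: float
    lon: float
    accuracy_m: float  # horizontal uncertainty reported with the fix
    age_s: float       # seconds since the fix was taken

def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two lat/lon points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))

def check_access(fix, zones, max_age_s=120, max_accuracy_m=50):
    """Return (allowed, reason); fail closed on stale or imprecise fixes."""
    if fix.age_s > max_age_s:
        return False, "stale fix"
    if fix.accuracy_m > max_accuracy_m:
        return False, "imprecise fix"
    for zone in zones:
        dist = haversine_m(fix.lat, fix.lon, zone.lat, zone.lon)
        # Require the whole uncertainty circle to lie inside the zone.
        if dist + fix.accuracy_m <= zone.radius_m:
            return True, f"inside {zone.name}"
    return False, "outside approved areas"

# Constructed sample data (coordinates are made up for the example).
ZONES = [Zone("HQ", 40.0, -75.0, 500), Zone("Warehouse", 40.1, -75.2, 200)]
SAMPLES = {
    "at HQ": Fix(40.0, -75.0, 10, 5),
    "near HQ edge, loose fix": Fix(40.0043, -75.0, 30, 5),
    "old fix": Fix(40.0, -75.0, 10, 600),
}

if __name__ == "__main__":
    for label, fix in SAMPLES.items():
        print(label, "->", check_access(fix, ZONES))
```
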


That’s all for this objective. We hope you enjoyed our Free Study Guide for Network Plus 4.3 – “Given a scenario, secure a basic wireless network.” See you in 4.4!
