Security+ SY0-601: 3.4: Wi-Fi Security

This entry is part 26 of 47 in the series [ Security+ SY0-601 ]

Chapter 20: Wi-Fi Security

Critical Vocabulary

SSID

BSSID

ESSID

MAC filtering

Signal strength

Band and Bandwidth

Antenna Types

Fat vs. Thin APs

Controller-based vs. Standalone

Cryptographic Protocols

WEP (not on 601)

WPA (not on 601)

WPA2: WiFi Protected Access 2

WPA3: WiFi Protected Access 3

CCMP: Counter-mode/CBC-MAC Protocol

SAE: Simultaneous Authentication of Equals (New on the 601 exam.)

Authentication Protocols

EAP: Extensible Authentication Protocol

PEAP: Protected Extensible Authentication Protocol

EAP-FAST

EAP-TLS

EAP-TTLS

IEEE 802.1x

https://1.ieee802.org/security/802-1x/

RADIUS: Remote Authentication Dial-in User Service Federation

Methods

Key Protos

PSK: Pre-shared key (password)

Enterprise (directory/certificate)

Open

WPS: WiFi Protected Setup

Info
WPS is wildly dangerous! It allows authentication via pushbutton or via an 8-digit PIN number over wireless.

 

https://www.youtube.com/watch?v=knllpZF508k

Captive portals

Installation considerations

Site surveys

Heat maps

WiFi analyzers

Channel overlaps

Wireless access point (WAP) placement

Controller and access point security

WiFi Scanners/Crackers

Kismet

Netstumbler

CoWPAtty

 

Series Navigation<< Security+ SY0-601: 3.3: Secure Network DesignSecurity+ SY0-601: 3.5: Secure Mobile Solutions >>