Involves multiple wireless access points working together to create a unified and extended coverage area for users in a large building or facility
Extended Service Set Configuration
Occurs when the channels selected for adjacent wireless access points do not have enough space between the channels
Adjacent Channel Interference
Process of planning and designing a wireless network to provide a solution
Site Survey
Graphical representation of the wireless coverage, the signal strength, and frequency utilization data at different locations on a map
Heat Map
Outdated 1999 wireless security standard meant to match wired LAN security for wireless networks
WEP
Introduced in 2003 as a temporary improvement over WEP while the more robust IEEE 802.1 I standard was in development
WPA
Improved data protection and network access control by addressing weaknesses in WPA version
WPA2
Latest version using SAE encryption and introducing new features like SAE, Enhanced Open, updated cryptographic protocols, and management protection frames
WPA3
Enhances security by offering a key establishment protocol to guard against offline dictionary attacks
SAE
Major enhancement in wireless security, especially for networks using open authentication.
Enhanced Open/Opportunistic Wireless Encryption (OWE)
Uses a newer variant of AES known as the AES GCMP
Cryptographic Protocol
Support 128-bit AES for personal networks and 192-bit AES for enterprise networks with WPA3
Galois Counter Mode Protocol (GCMP)
Required to protect network from key recovery attacks
Management Protection Frames
Plays a vital role in network security by centralizing user authentication to permit only authorized users to access network resources
AAA Protocol
Separates the functions of AAA to allow for a more granular control over processes
TACACST+
Confirm user identity for network security and authorized access
Authentication Protocols
Critical aspect of software development that focuses on building applications that are secure by design
Application Security
Acts as a gatekeeper to ensure that applications only act on well-designed and uncontaminated data
Input Validation
These rules delineate acceptable and unacceptable inputs
Validation Rules
Small pieces of data stored on the user’s computer by the web browser while browsing a website
Cookies
Transmitted over secure HTTPS connections to prevent potentials to prevent potential eavesdroppers from intercepting the cookie data
Secure Cookies
A method of debugging an application by reviewing and examining its source code before the program is ever run
Static Code Analysis (SAST)
Testing method that analyzes an application while it’s running
Dynamic Code Analysis
Finds software flaws by bombarding it with random data to trigger crashes and security vulnerabilities
Fuzzing
-
Data Protection37
-
Cryptographic Solutions20
-
Fundamentals of Security59
-
Threat Actors40
-
Physical Security25
-
Social Engineering34
-
MALWARE27
-
Third-Party Vendor Risks26
-
Security Infrastructure93
-
Governance and Compliance39
-
Vulnerabilities and Attacks49
-
Asset and Change Management36
-
Cyber Resilience and Redundancy51
-
Security Techniques58
-
Security Architecture40
-
Incident Response33
-
Alerting and Monitoring20
-
Identity and Access Management Solution57
-
HARDENING25
-
Vulnerability Management20
-
Malicious Activity31
-
Security Awareness13
-
Investigating an Incident10
-
Orchestration and Automation31
-
Areas Need Improvement13
-
Test-Data Monitoring10
