Wireless encryption
• All wireless computers are radio transmitters and
receivers - anyone can listen in
- Solution: Encrypt the data
- Everyone gets the password
- Or their own password
• Only people with the password can transmit and
listen
• WPA and WPA2
WPA (Wi-Fi Protected Access)
• 2002: WPA was the replacement for serious
cryptographic weaknesses in WEP (Wired Equivalent
Privacy)
• Don’t use WEP
• Needed a short-term bridge between WEP and
whatever would be the successor
• Run on existing hardware
• WPA: RC4 with TKIP (Temporal Key Integrity Protocol)
• Initialization Vector (IV) is larger and an encrypted
hash
• Every packet gets a unique 128-bit encryption key
Temporal Key Integrity Protocol
- Mixed the keys
- Combines the secret root key with the IV
• Adds sequence counter - prevents replay attacks
- Implements a 64-bit Message Integrity Check
- Protects against tampering
- TKIP has it’s own set of vulnerabilities
- Deprecated in the 802.11-2012 standard
WPA2 and CCMP
• WPA2 certification began in 2004
• AES (Advanced Encryption Standard) replaced RC4
• CCMP (Counter Mode with Cipher Block Chaining
Message Authentication Code Protocol) replaced
TKIP
- CCMP block cipher mode
- Uses AES for data confidentiality
- 128-bit key and a 128-bit block size
- Requires additional computing resources
• CCMP security services
• Data confidentiality (AES), authentication, and access
control
-
Common Ports15
-
Understanding the OSI Model9
-
Introduction to Ethernet5
-
Network Switching Overview4
-
Broadcast Domains and Collision Domains5
-
Protocol Data Units3
-
Network Segmentation3
-
Spanning Tree Protocol4
-
Switch Interface Properties6
-
Static and Dynamic Routing5
-
IGP and EGP3
-
Dynamic Routing Protocols5
-
IPv4 and IPv6 Addressing5
-
Configuring IPv66
-
Prioritizing Traffic4
-
Network Address Translation4
-
Access Control Lists2
-
Circuit Switching and Packet Switching4
-
Software Defined Networking3
-
IPv4 Addresses2
-
Classful Subnetting and IPv4 Subnet Masks3
-
IPv6 Subnet Masks1
-
Calculating IPv4 Subnets and Hosts1
-
Seven Second Subnetting1
-
Assigning IPv4 Addresses3
-
Assigning IPv6 Addresses4
-
Network Topologies/Common Network Types10
-
Internet of Things Topologies8
-
802.11 Wireless Standards6
-
Cellular Network Standards5
-
Wireless Network Technologies8
-
Cloud Services and Delivery Models8
-
An Overview of DNS5
-
DNS Record Types8
-
DHCP Addressing Overview4
-
Configuring DHCP4
-
An Overview of NTP4
-
Copper Cabling7
-
Optical Fiber2
-
Network Termination Points4
-
Network Transceivers6
-
Ethernet Standards3
-
Networking Devices9
-
Advanced Networking Devices17
-
Virtual Networking3
-
Network Storage6
-
WAN Services7
-
WAN Technologies8
-
WAN Termination4
-
Network Documentation11
-
Availability Concepts5
-
Power Management3
-
Recovery Sites3
-
Backup and Recovery5
-
Process Monitoring7
-
Event Management4
-
Performance Metrics2
-
Remote Access10
-
Policies and Best Practices16
-
Physical Security7
-
Authorization, Authentication, and Accounting9
-
Multi-factor Authentication6
-
Access Control6
-
Wireless Encryption4
-
Denial of Service4
-
Social Engineering2
-
Logic Bombs3
-
Rogue Access Points2
-
Wardriving1
-
Phishing2
-
Ransomware4
-
Spoofing3
-
Wireless Deauthentication3
-
Brute Force Attacks2
-
VLAN Hopping3
-
Man-in-the-Middle2
-
Device Hardening10
-
Mitigation Techniques8
-
Switch Port Protection5
-
Network Segmentation3
-
Hardware Tools9
-
Software Tools4
-
Command Line Tools11
-
Wired Network Troubleshooting24
-
Wireless Network Troubleshooting13
-
Network Service Troubleshooting17
