Wireless Security Settings

Question 1

PSK

Answer 1

Pre-shared key (PSK) → shared wireless password used by all devices on a network, simple to deploy but weaker for security because anyone with the key can join and compromised keys require changing access for everyone.

Used in WPA2

Question 2

GCMP

Answer 2

Galois counter mode protocol (GCMP) → modern wireless encryption protocol introduced with WPA3 that uses advanced encryption standard for encryption and message integrity checks to provide stronger confidentiality and integrity than older protocols.

Question 3

AES

Answer 3

Advanced encryption standard (AES) → strong symmetric encryption algorithm used to protect wireless data confidentiality by encrypting traffic so it cannot be read by unauthorized users.

Question 4

MIC

Answer 4

Message integrity check (MIC) → cryptographic value used to ensure data has not been altered during transmission, helping detect tampering or forgery of wireless frames.

Question 5

GMAC

Answer 5

Galois message authentication code (GMAC) → authentication-only version of Galois counter mode that provides integrity and authenticity without encryption, often paired with encrypted traffic for validation.

Question 6

SAE

Answer 6

Simultaneous authentication of equals (SAE) → secure password-based authentication method used in WPA3 that protects against offline password cracking and replaces the weaker pre-shared key handshake.

Question 7

RADIUS Server

Answer 7

Remote authentication dial-in user service (RADIUS) server → centralized authentication, authorization, and accounting system commonly used with 802.1X to authenticate users and devices on wireless and wired networks.

Question 8

LDAP Server

Answer 8

Lightweight directory access protocol (LDAP) server → directory-based authentication system that stores user identities and credentials, often integrated with wireless authentication to verify user access.

Question 9

TACACS+ Server

Answer 9

Terminal access controller access-control system plus (TACACS+) server → authentication, authorization, and accounting protocol commonly used for device administration that separates authentication from authorization for granular control.

Question 10

EAP

Answer 10

Extensible authentication protocol (EAP) → authentication framework used with 802.1X that supports multiple authentication methods such as certificates, passwords, or smart cards without transmitting credentials in clear text.

Question 11

NAC

Answer 11

Network access control (NAC) → security system that evaluates device identity and security posture during network access, allowing, restricting, or quarantining devices based on compliance with security policies.