Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
62 CHAPTER 4 Wireless Networking<br />
WEP characteristics:<br />
■<br />
■<br />
■<br />
■<br />
WEP utilizes a shared-key authentication that allows for encryption and<br />
decryption of wireless transmissions.<br />
Up to four keys can be defined on an AP or a client, and they can be rotated<br />
to add complexity for a higher security standard in the WLAN policy.<br />
The driving force behind WEP was privacy. In cases that require high degrees<br />
of security, other mechanisms should be utilized such as authentication,<br />
access control, password protection, and virtual private networks (VPNs).<br />
Despite its flaws, WEP still offers a better level of security than open wireless<br />
connections.<br />
EXAM WARNING<br />
Most APs advertise that they support WEP in 64-bit encryption, but often the 128-bit option<br />
is also supported. For corporate networks, 128-bit encryption-capable devices should be<br />
considered as a minimum.<br />
With data security enabled in a closed network, the settings on the client for the<br />
SSID and the encryption keys must match the AP when attempting to associate<br />
with the network or it will fail. WEP provides security and privacy in transmissions<br />
held between the AP and the clients. Some of the other benefits of implementing<br />
WEP include the following:<br />
■<br />
■<br />
■<br />
■<br />
■<br />
All messages are encrypted using a CRC-32 checksum to provide some<br />
degree of integrity.<br />
Privacy is maintained through the RC4 encryption. Without possession of<br />
the secret key, the message cannot be decrypted.<br />
WEP is extremely easy to implement. All that is required is to set the<br />
encryption key on the APs and on each client.<br />
WEP provides a basic level of security for WLAN applications.<br />
WEP keys are user-definable and unlimited. WEP keys can, and should, be<br />
changed often.<br />
EXAM WARNING<br />
Do not confuse WAP and WEP. Although it may seem that WEP is the privacy system for<br />
WAP, you should remember that WTLS is the privacy mechanism for WAP and WEP is the<br />
privacy mechanism for 802.<strong>11</strong> WLANs.<br />
WPA AND WPA2<br />
Because of the relative ease that WEP with a preshared key can be broken, the Wi-<br />
Fi Alliance has created a new encryption standard called Wi-Fi protected access<br />
(WPA). WPA enhances security over WEP by using the Temporal Key Integrity<br />
Protocol (TKIP) to address some of the weaknesses of WEP including per-packet