Term
|
Definition
- Allows multiple Radius servers from different orgs
- Allows users to use their normal credentials
- Eduroam |
|
|
Term
|
Definition
- Cisco
- replaced LEAP
- Does not require client or server certificate |
|
|
Term
|
Definition
- Connects to network
- produces a web page that prompts for authentication |
|
|
Term
|
Definition
- EAP
- PEAP
- EAP-FAST
- EAP-TLS
- EAP-TTLS
- IEEE 802.1x
- RADIUS Federation |
|
|
Term
|
Definition
- PSK vs. Enterprise vs. Open
- WPS
- Captive portals |
|
|
Term
| Wireless Security Methods |
|
Definition
- PSK vs. Enterprise vs. Open
- WPS
- Captive portals |
|
|
Term
|
Definition
|
|
Term
|
Definition
- authentication protocol used in wireless networks and Point-to-Point connections
- designed to provide more secure authentication for 802.11
- authenticates the server with a public key certificate and carries the authentication in a secure Transport Layer Security (TLS) session
- Created by Cisco, Microsoft, and RSA
- used in authenticating to a Microsoft MS-CHAPv2 database
- requires only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication
- uses server-side public key certificates to authenticate the server.
- It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server's public key.
-The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted |
|
|
Term
|
Definition
- foundational authentication protocol
- a framework for providing the transport and usage of keying material and parameters |
|
|
Term
|
Definition
- port-based network access control
- used with authentication system: RADIUS, LDAP, TACACS+
- Supplicant, Authenticator, and Authentication server |
|
|
Term
|
Definition
- Using EAP by tunneling it inside of an EAP tunnel
- Allows the use of multiple authentication types withing a TLS encrypted tunnel
-
- send whatever type of authentication you like through that tunnel |
|
|
Term
|
Definition
- widely used as of 2018
- common way to encrypt traffic to web servers
- encrypts the authentication method |
|
|
Term
|
Definition
-2004
-Uses CCMP Counter Mode, Cipher Block Chaining, Message Authentication Code
-Uses AES w/128 bit key, 128 bit block size |
|
|
Term
|
Definition
-8 digit number really 7 digits + checksum
-Validates first 4 digits 10,000 combinations
-Then validates last 3 digits 1,000 combinations
-No lockout counter |
|
|
Term
|
Definition
-Combines root key with IV
-Adds sequence counter
-64 bit integrity check
-Deprecated in the 802.11-2012 standard |
|
|
Term
| Wireless Authentication Modes |
|
Definition
-Open
-WPA Personal with PSK
-WPA Enterprise with authentication |
|
|
Term
|
Definition
-Uses 8 digit pin
-NFC
-USB Key
-Alternative to passphrase |
|
|
Term
|
Definition
-Wireless encryption protocol
-Deemed weak in 2002
-Easy to hack |
|
|
Term
|
Definition
-Made to fix weakness in WEP
-Used TKIP with RC4 with larger encryption key 128
-Uses larger IV |
|
|
Term
|
Definition
| Used in encryption to prevent replay attacks |
|
|
