Page 791 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 791

Conducting a Site Survey


               One method used to discover areas of a physical environment where
               unwanted wireless access might be possible is to perform a site survey.
               A site survey is the process of investigating the presence, strength, and
               reach of wireless access points deployed in an environment. This task
               usually involves walking around with a portable wireless device, taking

               note of the wireless signal strength, and mapping this on a plot or
               schematic of the building.

               Site surveys should be conducted to ensure that sufficient signal
               strength is available at all locations that are likely locations for
               wireless device usage, while at the same time minimizing or
               eliminating the wireless signal from locations where wireless access
               shouldn’t be permitted (public areas, across floors, into other rooms,

               or outside the building). A site survey is useful for evaluating existing
               wireless network deployments, planning expansion of current
               deployments, and planning for future deployments.


               Using Secure Encryption Protocols


               The IEEE 802.11 standard defines two methods that wireless clients
               can use to authenticate to WAPs before normal network
               communications can occur across the wireless link. These two
               methods are open system authentication (OSA) and shared key
               authentication (SKA). OSA means there is no real authentication
               required. As long as a radio signal can be transmitted between the
               client and WAP, communications are allowed. It is also the case that
               wireless networks using OSA typically transmit everything in clear

               text, thus providing no secrecy or security. SKA means that some form
               of authentication must take place before network communications can
               occur. The 802.11 standard defines one optional technique for SKA
               known as Wired Equivalent Privacy (WEP). Later amendments to the
               original 802.11 standard added WPA, WPA2, and other technologies.


               WEP

               Wired Equivalent Privacy (WEP) is defined by the IEEE 802.11

               standard. It was designed to provide the same level of security and
   786   787   788   789   790   791   792   793   794   795   796