Page 851 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 851

the Counter Mode with Cipher Block Chaining Message
               Authentication Code Protocol (CCMP), which is based on the AES

               encryption scheme.

               Understand EAP. EAP (Extensible Authentication Protocol) is not a
               specific mechanism of authentication; rather it is an authentication
               framework. Effectively, EAP allows for new authentication
               technologies to be compatible with existing wireless or point-to-point
               connection technologies.

               Understand PEAP. PEAP (Protected Extensible Authentication
               Protocol) encapsulates EAP methods within a TLS tunnel that

               provides authentication and potentially encryption.

               Understand LEAP. LEAP (Lightweight Extensible Authentication
               Protocol) is a Cisco proprietary alternative to TKIP for WPA. This was
               developed to address deficiencies in TKIP before the 802.11i/WPA2
               system was ratified as a standard.

               Understand MAC Filtering. A MAC filter is a list of authorized

               wireless client interface MAC addresses that is used by a wireless
               access point to block access to all nonauthorized devices.

               Understand SSID Broadcast. Wireless networks traditionally
               announce their SSID on a regular basis within a special packet known
               as the beacon frame. When the SSID is broadcast, any device with an
               automatic detect and connect feature is not only able to see the
               network, but it can also initiate a connection with the network.

               Understand TKIP. TKIP (Temporal Key Integrity Protocol) was

               designed as the replacement for WEP without requiring replacement
               of legacy wireless hardware. TKIP was implemented into 802.11
               wireless networking under the name WPA (Wi-Fi Protected Access).

               Understand CCMP. CCMP (Counter Mode with Cipher Block
               Chaining Message Authentication Code Protocol) was created to
               replace WEP and TKIP/WPA. CCMP uses AES (Advanced Encryption
               Standard) with a 128-bit key.


               Understand captive portals. A captive portal is an authentication
               technique that redirects a newly connected wireless web client to a
               portal access control page.
   846   847   848   849   850   851   852   853   854   855   856