site_logo

Previous Next


  1. Security+ Practice Tests
  2. Security+ Cram Notes
  3. Network+ Practice Tests

Systems and Security : Implementation

1.4 Installing and configuring wireless security settings

Methods

The methods for installing and configuring wireless security settings include:

Pre-shared key (PSK): This method uses a shared secret key that is agreed upon by the wireless access point (AP) and the wireless client. The secret key is used to encrypt and decrypt wireless traffic, providing a basic level of security. There are two types of PSK: personal (for home use) and enterprise (for business use). The personal PSK is easier to set up, but less secure than the enterprise PSK, which requires a RADIUS server to authenticate clients.

WiFi Protected Setup (WPS): This is a simple method of setting up a secure wireless network without the need to manually configure encryption keys. It uses a combination of push-button and PIN methods to securely connect a client device to the AP.

Captive portals: This method is commonly used in public places like coffee shops, hotels, and airports. A captive portal is a web page that is displayed when a client device connects to a wireless network. The user must authenticate or accept terms and conditions before they can access the internet.

In summary, EAP works with any authentication server, not just RADIUS. However, the authentication server that is used in conjunction with EAP may vary depending on the method used to set up wireless security.

Installation considerations

-Site surveys
-Heat maps
-WiFi analyzers
-Channel overlaps
-Wireless access point (WAP) placement
-Controller and access point security

When installing wireless security settings, there are several important considerations to keep in mind. One of the first steps is to conduct a site survey, which helps you understand the physical layout of your environment and how the wireless signals will propagate. This information can be used to create heat maps that help you visualize the wireless signal coverage and strength.

Additionally, using WiFi analyzers can help you determine the optimal channels to use and help you identify any channel overlaps that may cause interference. Placement of wireless access points is also important as they should be placed in a way that ensures maximum coverage while avoiding dead spots.

Another important consideration is the security of the wireless network. This includes securing both the wireless access points and the wireless network controllers. Implementing strong authentication methods and encryption protocols, such as WPA2-AES, is essential to prevent unauthorized access to the network. Also, using captive portals to control access to the network and limit the risk of malicious actors exploiting vulnerabilities in the network.

1.5 Implementing secure mobile solutions

Implementing secure mobile solutions involves various strategies to secure mobile devices, applications, and communications. Some of the strategies include:

1. Mobile device management (MDM): MDM helps in managing and securing mobile devices by enforcing security policies, wiping lost or stolen devices, and managing software updates.

2. Mobile application management (MAM): MAM helps to secure and manage mobile applications by controlling access to sensitive data, managing updates, and preventing unauthorized access.

3. Containerization: Containerization is the use of virtualization technology to isolate and secure data and applications. This helps in keeping sensitive data protected and prevents unauthorized access to it.

4. Mobile threat defense (MTD): MTD is a security solution that protects mobile devices from various types of threats such as malware, phishing attacks, and unauthorized access.

5. Encryption: Encryption helps to secure sensitive data by converting it into an unreadable format that can only be decrypted with a secret key. Mobile devices should be encrypted to prevent unauthorized access to sensitive data.

6. Remote wipe: Remote wipe is a feature that allows an organization to wipe sensitive data from a lost or stolen device, ensuring that the data does not fall into the wrong hands.

7. Network security: Network security is crucial for mobile devices as they connect to various networks, both public and private. Organizations should implement secure network protocols, such as Virtual Private Networks (VPNs), to protect mobile device communications.

8. Mobile device access control: Access control policies should be implemented to prevent unauthorized access to mobile devices, applications, and data. This can include multi-factor authentication, device passcodes, and remote lock features.

Previous Next




simulationexams.com ad

certexams.com ad