site_logo

Previous Next


  1. Security+ Practice Tests
  2. Security+ Cram Notes
  3. Network+ Practice Tests

Systems and Security : Implementation

1.4 Installing and configuring wireless security settings

Installing and configuring wireless security settings involves securing the wireless network from unauthorized access and protecting sensitive data from being intercepted. The following are steps to consider when securing a wireless network:

1. Choose a secure wireless encryption protocol: The most common encryption protocols are WEP, WPA, and WPA2. WPA2 is the most secure, but WPA is also a strong option.

2. Change the default SSID: The Service Set Identifier (SSID) is the name of the wireless network. It's important to change the default SSID to prevent hackers from finding the network.

3. Enable MAC filtering: MAC filtering allows only authorized devices to connect to the network by verifying the device's MAC address.

4. Disable WPS: WPS (Wi-Fi Protected Setup) is a feature that makes it easy to set up a wireless network, but it can also make it easier for hackers to gain access.

5. Enable WPA2-Enterprise with 802.1X: This is a more secure option that requires user authentication and encryption.

6. Use a strong password: The password for the wireless network should be strong, including a mix of letters, numbers, and symbols.

7. Disable broadcast of the SSID: Disabling the broadcast of the SSID makes it more difficult for unauthorized users to find the network.

8. Disable remote management: Unless it's necessary, it's best to disable remote management of the wireless router to prevent unauthorized access.

9. Keep the firmware up-to-date: Updating the firmware of the wireless router helps to protect against known vulnerabilities.

By following these steps, you can help to secure your wireless network and protect sensitive data.

Installing and configuring authentication protocols

1. Extensible Authentication Protocol (EAP): EAP is a flexible authentication protocol used in wireless networks and point-to-point connections. It allows the use of multiple authentication methods such as certificates, one-time passwords, and biometrics. To configure EAP, you need to set up an authentication server such as RADIUS server and configure the wireless access point to use EAP and connect to the RADIUS server for authentication.

2. Protected Extensible Authentication Protocol (PEAP): PEAP is a variation of EAP that provides an encrypted tunnel for the authentication process. It uses SSL or TLS to secure the communication between the client and the authentication server. To configure PEAP, you need to set up an authentication server such as RADIUS server with a certificate, configure the wireless access point to use PEAP, and configure the client devices to use PEAP with the appropriate certificate.

3. EAP-FAST: EAP-FAST is a proprietary EAP type developed by Cisco Systems. It provides a secure and scalable authentication solution for wireless networks. To configure EAP-FAST, you need to set up an authentication server, configure the wireless access point to use EAP-FAST, and configure the client devices to use EAP-FAST with the appropriate certificate.

4. EAP-TLS: EAP-TLS is an EAP type that uses certificates for authentication. It provides a secure and scalable solution for wireless networks and is often used in enterprise environments. To configure EAP-TLS, you need to set up a RADIUS server with a certificate, configure the wireless access point to use EAP-TLS, and configure the client devices to use EAP-TLS with the appropriate certificate.

5. EAP-TTLS: EAP-TTLS is a variation of EAP that provides a secure and scalable solution for wireless networks. It uses SSL or TLS to secure the communication between the client and the authentication server. To configure EAP-TTLS, you need to set up a RADIUS server with a certificate, configure the wireless access point to use EAP-TTLS, and configure the client devices to use EAP-TTLS with the appropriate certificate.

6. IEEE 802.1X: 802.1X is a network port-based authentication protocol used in wired and wireless networks. It provides a secure and scalable solution for network access control. To configure 802.1X, you need to set up an authentication server, configure the network switch or wireless access point to use 802.1X, and configure the client devices to use 802.1X with the appropriate certificate or credentials.

7. Remote Authentication Dial-in User Service (RADIUS) Federation: RADIUS is a protocol used for remote authentication and authorization. RADIUS federation allows multiple RADIUS servers to be used for authentication in a single network. To configure RADIUS federation, you need to set up multiple RADIUS servers, configure each RADIUS server to trust the others, and configure the network devices to use RADIUS federation for authentication.

Note: The exact steps to install and configure these protocols may vary depending on your specific network setup and device. It is always recommended to consult the documentation of the specific device or operating system you are using.

Note that EAP and other protocols can work with various authentication servers, including RADIUS, LDAP, and Kerberos. The specific authentication server used with EAP /PEAP/ 802.1X etc. depends on the requirements of the network and the available infrastructure. RADIUS is a commonly used authentication server for wireless networks, and EAP-RADIUS is one of the most widely deployed authentication methods for wireless networks. However, it's important to note that EAP is a framework and can work with different authentication servers, not just RADIUS.

Previous Next




simulationexams.com ad

certexams.com ad