Security+ Study Guide on ToggIT
A complete conceptual study guide for the CompTIA SY0-101 Security+ exam


General Security Concepts
 
Access Control

Controlling access to information systems and their associated networks is necessary to preserve the three properties that define security: confidentiality, integrity and availability.

Confidentiality is the protection of data against unauthorized access or disclosure. Integrity is the protection of data against unauthorized modification. Availability is making sure that systems and data are reachable by authorized users when they need them.

Authentication is the process of verifying a claimed identity. When you log onto a network, your user name claims your identity, but your password provides the authentication. In a secure connection, the IP address may claim an identity, but a digital certificate provides the authentication.

Authorization is determining if a user or service has access to a resource. This is usually determined by finding out if that user is a part of a particular group, if that person has paid admission, or has a particular level of security clearance.

Access control is a much more general way of talking about controlling access. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.

Mandatory Access Control (MAC)

  • Mandatory Access Control is nondiscretionary: the system enforces the policy, and the owner of a resource cannot change who may access it. It is also known as multilevel security.

  • Resources are assigned Sensitivity Labels (aka: Security Labels) and subjects are assigned clearances; unless the subject's clearance dominates (is at least as high as) the object's label, access is denied. A user cleared for Secret can read a Confidential file but not a Top Secret one.

Discretionary Access Control (DAC)

  • Discretionary Access Control is what to use if you want the owner of an object to decide which users may access it.

  • Each object (like a file) has an owner (a user), and the owner has control of the object.

  • DAC permissions (like those on a folder or printer) are set at the data owner's discretion, usually as an access control list attached to the object.

Rule Based Access Control (RBAC)

  • Rule Based Access Control is a form of access control that looks at every request and performs a "match" of the resource request against a set of conditions (source address, time of day, protocol, and so on). The user is granted or denied access depending on the result of the match. Note that the RBAC abbreviation is also used for Role Based Access Control below, so read exam questions carefully.

  • Router and firewall Access Control Lists are the most common form of rule based access control.

Role Based Access Control (RBAC)

  • Access control decisions are based on the responsibilities (roles) that an individual user or process has in an organization: permissions are attached to roles and users are assigned to roles, so a change of job only requires a change of role assignment.
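The four models above, reduced to code. This is an added example written for this guide, not material from the original page; every user, label, role, address and resource in it is a constructed sample, and the rule set and role tables are assumptions made for the illustration.

```python
"""Added example for this section (not from the study guide): the four
access-control models reduced to decision functions over constructed data.
Every user, label, role, address and resource below is a made-up sample."""
from datetime import time
from ipaddress import ip_address, ip_network

# --- Mandatory Access Control: labels are set by the system and ranked ---
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}

def mac_can_read(subject_clearance, object_label):
    """Read-down rule: allowed only if the clearance dominates the label."""
    return LEVELS[subject_clearance] >= LEVELS[object_label]

# --- Discretionary Access Control: the owner maintains the object's ACL ---
PAYROLL_FILE = {"owner": "alice",
                "acl": {"alice": {"read", "write"}, "bob": {"read"}}}

def dac_grant(obj, requester, user, perm):
    """Only the owner may change the ACL; anyone else is refused."""
    if requester != obj["owner"]:
        return False
    obj["acl"].setdefault(user, set()).add(perm)
    return True

def dac_allowed(obj, user, perm):
    return perm in obj["acl"].get(user, set())

# --- Rule Based Access Control: conditions that ignore who the user is ---
# (source network, earliest, latest, decision), evaluated top to bottom,
# first match wins, exactly like a router or firewall ACL.
RULES = [
    (ip_network("10.0.0.0/8"), time(8, 0), time(18, 0), "allow"),
    (ip_network("0.0.0.0/0"), time(0, 0), time(23, 59, 59), "deny"),
]

def rule_decision(src_ip, hhmm):
    """Decide for a request from src_ip at wall-clock time 'HH:MM'."""
    addr, at = ip_address(src_ip), time.fromisoformat(hhmm)
    for net, start, end, decision in RULES:
        if addr in net and start <= at <= end:
            return decision
    return "deny"   # implicit deny if no rule matched

# --- Role Based Access Control: permissions on roles, users on roles ---
ROLE_PERMS = {"hr_clerk": {"view_employee"},
              "hr_manager": {"view_employee", "approve_raise"}}
USER_ROLES = {"carol": {"hr_clerk"}, "dave": {"hr_manager"}}

def rbac_allowed(user, perm):
    return any(perm in ROLE_PERMS[r] for r in USER_ROLES.get(user, set()))

if __name__ == "__main__":
    print("MAC  Secret reads Confidential:", mac_can_read("Secret", "Confidential"))
    print("MAC  Secret reads Top Secret:  ", mac_can_read("Secret", "Top Secret"))
    print("DAC  bob grants eve read:      ", dac_grant(PAYROLL_FILE, "bob", "eve", "read"))
    print("RULE 10.1.2.3 at 09:30:        ", rule_decision("10.1.2.3", "09:30"))
    print("RULE 203.0.113.5 at 09:30:     ", rule_decision("203.0.113.5", "09:30"))
    print("ROLE carol approves raise:     ", rbac_allowed("carol", "approve_raise"))
```

The point to notice is who holds the decision: in MAC nothing in the code lets a user change a label, in DAC only the owner can edit the ACL, the rule-based check never looks at the user at all, and in role-based access control a user never holds a permission directly.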

 

 
Authentication Methods

Kerberos

  • A user authenticates once to the Key Distribution Center (KDC) and receives an encrypted ticket-granting ticket; with it the user requests session tickets for individual services.

  • A Kerberos service ticket can then be presented to a network resource (file server, mail server) without sending the password again, which gives single sign-on.

  • The Kerberos system relies heavily on time stamps (to detect replayed tickets), so all systems need to be time synchronized; by default a clock skew of more than five minutes causes authentication to fail.

  • Kerberos uses symmetric-key cryptography.

  • Microsoft Active Directory uses Kerberos (port 88) as its default authentication protocol.
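Why the time synchronization point matters, as an added example that is not from the guide: a Kerberos service checks each authenticator's timestamp against its own clock and keeps a replay cache for the skew window. The times are plain Unix seconds and the principal names are constructed; the error names are the real Kerberos ones from RFC 4120.

```python
"""Added example (not from the guide): why Kerberos needs synchronized clocks.
Each Kerberos authenticator carries a timestamp. A service rejects it when the
skew against its own clock exceeds the limit (five minutes by default) or when
it has already seen the same (client, timestamp) pair inside that window.
Times are Unix seconds and the client names are constructed sample values."""

MAX_SKEW = 300   # seconds; the Kerberos default clockskew

class ReplayCache:
    """What a Kerberos service keeps so a captured authenticator cannot be
    presented twice while it is still fresh."""
    def __init__(self):
        self.seen = {}   # (client, authenticator timestamp) -> time first seen

    def purge(self, now):
        # Anything older than the skew window would fail the freshness check
        # anyway, so it no longer needs to be remembered.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_SKEW}

def accept_authenticator(cache, client, ticket_time, now):
    """Return (accepted, reason) for an authenticator stamped `ticket_time`
    presented to a service whose clock reads `now`. Reason strings are the
    Kerberos error names (RFC 4120)."""
    cache.purge(now)
    if abs(now - ticket_time) > MAX_SKEW:
        return False, "KRB_AP_ERR_SKEW"     # clocks too far apart
    key = (client, ticket_time)
    if key in cache.seen:
        return False, "KRB_AP_ERR_REPEAT"   # replayed authenticator
    cache.seen[key] = now
    return True, "ok"

if __name__ == "__main__":
    cache, t0 = ReplayCache(), 1_100_000_000
    print(accept_authenticator(cache, "alice@EXAMPLE.COM", t0, t0 + 30))   # fresh
    print(accept_authenticator(cache, "alice@EXAMPLE.COM", t0, t0 + 60))   # replayed
    print(accept_authenticator(cache, "bob@EXAMPLE.COM", t0, t0 + 400))    # bob's clock is wrong
```

A workstation whose clock drifts more than the skew limit is refused exactly like an attacker replaying an old ticket, which is why "check NTP" is the first step when Kerberos logons suddenly fail.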

Challenge-Handshake Authentication Protocol (CHAP)

  • CHAP authenticates with a challenge and response: the server sends a random challenge, and the client returns a one-way hash (MD5) of the challenge combined with the shared secret. The password itself never crosses the link, and the server can repeat the challenge at any time during the session.

  • CHAP is mostly used for dial-up (PPP) connections; it replaced PAP, which sent the password in clear text.
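The CHAP exchange in code, added here as an example and not taken from the guide. It follows the MD5 algorithm of RFC 1994 (response = MD5 of identifier, secret and challenge), with both ends simulated in one process; the user name and shared secret are constructed sample values.

```python
"""Added example (not part of the guide): the CHAP three-way handshake of
RFC 1994 between an in-process "server" and "client" that share a secret.
The response is MD5(identifier || secret || challenge), so the secret itself
never crosses the link. Secret and user name are constructed sample values."""
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    """The value the peer returns (RFC 1994 section 4.1, MD5 algorithm)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapServer:
    def __init__(self, secrets):
        self.secrets = secrets       # user name -> shared secret (must be kept
                                     # in recoverable form: CHAP needs the secret)
        self.outstanding = {}        # identifier -> challenge awaiting a response

    def challenge(self, identifier, size=16):
        # A fresh random challenge for every attempt is what makes a captured
        # response useless to an eavesdropper.
        c = os.urandom(size)
        self.outstanding[identifier] = c
        return c

    def verify(self, identifier, username, response):
        challenge = self.outstanding.pop(identifier, None)   # single use
        secret = self.secrets.get(username)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)       # constant time

def run_handshake(server, username, secret, identifier=1):
    """1. server -> client: Challenge   2. client -> server: Response
       3. server -> client: Success or Failure (returned as True/False)."""
    challenge = server.challenge(identifier)
    response = chap_response(identifier, secret, challenge)
    return server.verify(identifier, username, response)

if __name__ == "__main__":
    srv = ChapServer({"dialup-user": b"s3cret-shared-key"})
    print("correct secret:", run_handshake(srv, "dialup-user", b"s3cret-shared-key"))
    print("wrong secret:  ", run_handshake(srv, "dialup-user", b"guess"))
```

Two practical consequences fall out of the code: a sniffed response is worthless against the next challenge, but the server must hold every user's secret in a recoverable form rather than as a one-way hash, which is the main reason CHAP stores are worth protecting.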

Certificates

  • Authentication is based on a previously issued digital certificate.

  • The X.509 standard is typically used for digital certificates.

  • Certificate-based authentication is considered one of the strongest forms of authentication for internetwork traffic, because the private key that proves identity never leaves its holder.

Tokens

  • Tokens are hardware devices that store or generate a secret used to authenticate the user (something you have).

  • An example of token-based technology is RSA's SecurID, which displays a one-time code that changes periodically (typically every 60 seconds) and is entered together with the user's PIN.

Biometrics

  • Biometrics is authentication based on measurable human characteristics (something you are).

  • Forms of Biometrics:
    Fingerprints
    Eye retina scans
    Voice recognition
    Facial characteristics

  • Biometric data can be placed on a smart card to be used for authentication. In terms of this, IBM, Microsoft, Novell and others developed a standard programming interface, called BioAPI.

Multi-Factor

  • Multi-factor authentication combines two or more different kinds of factor: something you know (password, PIN), something you have (token, smart card, certificate) and something you are (biometric).

  • An example of two-factor authentication would be requiring a password and a digital certificate, or a PIN and a smart card. A password plus a PIN is not two-factor, since both are things you know.

  • Each added factor raises the cost of an attack, since a stolen password alone no longer gives access, and so strengthens your security posture.

Directory Enabled Networking (DEN)

Directory-Enabled Networking (DEN) is an industry-standard initiative and specification for storing a network's information (users, devices, policies) in a central directory. Here are some items to know about DEN:

  • DEN defines an object-oriented information model and is based on the Common Information Model (CIM)

  • Both models, DEN and CIM, are mapped into the directory and accessed through the Lightweight Directory Access Protocol (LDAP)

  • DEN and CIM are considered an advance over the Simple Network Management Protocol (SNMP) for representing management information

LDAP

Lightweight Directory Access Protocol (LDAP) is a set of protocols for accessing information directories. LDAP runs directly over TCP/IP (the full X.500 Directory Access Protocol needs the OSI stack), which is what makes it usable across the Internet. Because it is a simpler version of X.500, LDAP is sometimes called X.500-lite.

LDAP is the access protocol used by Active Directory. Because LDAP is an open protocol, applications need not worry about the type of server hosting the directory.

LDAP arranges security objects in a folder-like structure (a hierarchy) called the directory information tree. The base of this structure is the root, and each object is identified by a distinguished name (DN) that spells out its path from the root. Plain LDAP on port 389 sends credentials in clear text; use LDAP over SSL (port 636) or a SASL bind when the network is not trusted.

 

 

Attacks

Password Hacking

Random Guessing - Password guessing, or "cracking", is an attack on the authentication credentials of a system. Users who build passwords from simple, meaningful things such as pet names or birthdays are subject to having their accounts used by an intruder who uses that information to guess the password.

Brute Force - A form of password cracking. A brute force attack tries every possible combination until it finds the password. The protections are a password (or key) long and random enough that the search cannot finish in a useful time, account lockout or rate limiting so that guesses cannot be made against the live system, and changing passwords so that a cracked one is short-lived.

Dictionary - A form of password cracking. The term "dictionary" comes from the actual book of known words: a list of words (and common variations such as appended digits) is loaded into a tool that hashes each candidate and compares it with the stolen hash. The defense is to never use simple-to-guess or dictionary words as passwords, and for systems to store salted hashes so that one precomputed list does not crack every account.

Social Engineering - Manipulating people into granting access or revealing information. (For example: pretending to be an engineer from another site and requesting a password, or befriending an employee of a company to gain physical access.)
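The dictionary and brute force attacks above, run against a password hash. This is an added example, not code from the guide; the word list, passwords, alphabet and the use of unsalted SHA-256 are constructed for the illustration (real crackers use lists of millions of words and far faster hashing).

```python
"""Added example (not from the guide): dictionary and brute force attacks run
against a password hash, and the effect of salting and length. The word list,
passwords and alphabet below are constructed for the illustration; real tools
use lists of millions of words and far faster hashing."""
import hashlib
import itertools
import string

def hash_password(password, salt=""):
    """Unsalted SHA-256 when salt is empty; the salt, if any, is prepended."""
    return hashlib.sha256((salt + password).encode()).hexdigest()

WORDLIST = ["password", "letmein", "fluffy", "qwerty", "summer2004"]  # constructed

def dictionary_attack(target_hash, salt="", wordlist=WORDLIST):
    """Try each word plus a few common mangling rules (a 'rule-based' list).
    Only works if the attacker knows the salt that was used, if any."""
    for word in wordlist:
        for candidate in (word, word.capitalize(), word + "1", word + "!"):
            if hash_password(candidate, salt) == target_hash:
                return candidate
    return None

def brute_force(target_hash, salt="", alphabet=string.ascii_lowercase, max_len=4):
    """Exhaust every string up to max_len. Returns (password or None, guesses
    tried); the cost grows as len(alphabet) ** length."""
    tried = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            tried += 1
            candidate = "".join(combo)
            if hash_password(candidate, salt) == target_hash:
                return candidate, tried
    return None, tried

def keyspace(alphabet_size, length):
    """Guesses needed in the worst case for a random password of that length."""
    return alphabet_size ** length

if __name__ == "__main__":
    print(dictionary_attack(hash_password("fluffy1")))           # found
    print(dictionary_attack(hash_password("fluffy1", "x9")))     # salt unknown
    print(brute_force(hash_password("abc")))                     # ('abc', 731)
    print(keyspace(26, 8), keyspace(95, 8))                      # lower-only vs full ASCII
```

Compare the two keyspace figures: eight lower-case letters give about 2 x 10^11 guesses, the full printable ASCII set about 6.6 x 10^15, and a dictionary run is only a few thousand. Length and randomness, not cleverness, are what make the brute force loop hopeless.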

Network Systems Attacks

Back Door - Any opening left in a functional piece of software that allows "unknown" entry into the system or application without the owner's knowledge. Many times back doors are left in by the software creators (for maintenance or debugging); an intruder may also plant one after a compromise in order to get back in.

Software Exploitation - Attacks against a system's bugs or flawed code. Apply hot fixes and service packs to close them.

Privilege Escalation - Escalation occurs when a legitimate user account obtains more access than the account should have. For example: a user runs a program or script that exploits a flaw in the environment to make the user an administrator.

Denial of Service (DOS) - A denial of service attack is an attack used to achieve the disruption of any network service. This attack is designed to shut down services, or to cause them to lose function, but does not specifically target data.

Distributed Denial of Service (DDOS) is the distributed form of the DOS attack, where an attacker uses many (usually compromised) systems across the Internet to launch simultaneous attacks, achieving a more effective denial of service and hiding the true source.

Types of DOS:

  • Buffer Overflow - A buffer overflow occurs when more data is written into a buffer than it was sized to hold, so the excess overwrites adjacent memory. The input may be a flood, or just a single string longer than the buffer. The usual result is a crash (denial of service); a carefully crafted overflow can instead run attacker-supplied code. Most network devices and services have buffers (web servers, email, DNS, routers, etc...).

  • SYN Attack - exploits the three-way handshake of TCP. The attacker starts thousands of TCP connections to a host (often from spoofed source addresses) but never sends the final ACK. Once enough connections are left half open, the host's connection backlog is full and it can accept no more connections, legitimate ones included. SYN cookies and short half-open timeouts are the usual defenses.

  • Smurfing - Exploits ICMP (ping). The attacker transmits an echo request packet to a network's broadcast address with the victim's address spoofed as the source; every host on that network answers, and the victim is quickly overwhelmed by the amplified flood of echo replies. Disabling directed broadcasts on routers stops a network from being used as an amplifier.

  • Ping of Death - Attempts to crash a system by sending an oversized (larger than 65,535 bytes, delivered in fragments) ICMP packet to a host. It could be launched with nothing more than the ping command on older versions of Windows, and older Windows, Linux and Cisco IOS stacks crashed while reassembling the fragments.

  • Chargen - Abuses the Character Generator service on TCP/UDP port 19, which answers any connection with an endless stream of characters. A spoofed packet can point chargen on one host at the echo service (port 7) on another so the two bounce traffic between each other indefinitely; disable both services.
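A SYN flood seen from the server's side, as an added example that is not part of the guide. It replays a constructed packet trace (made-up addresses, not a real capture) against a connection backlog, counting half-open connections per source, and shows the point the SYN Attack bullet makes: once the backlog is full, the legitimate client's SYN is dropped too.

```python
"""Added example (not from the guide): spotting a SYN flood in a constructed
packet trace by counting half-open TCP connections per source, and showing
how a full backlog makes the server drop a legitimate SYN as well. The
addresses and the trace are made up; a real trace would come from tcpdump."""
from collections import defaultdict

# Constructed trace of (source IP, destination port, TCP flag of interest).
# 203.0.113.9 starts handshakes it never completes; 198.51.100.4 is a normal
# client that sends its final ACK.
TRACE = (
    [("198.51.100.4", 80, "SYN"), ("198.51.100.4", 80, "ACK")]
    + [("203.0.113.9", 80, "SYN")] * 8
    + [("198.51.100.4", 80, "SYN"), ("198.51.100.4", 80, "ACK")]
)

def half_open_by_source(trace, backlog=5):
    """Replay the trace against a server whose SYN backlog holds `backlog`
    half-open connections. Returns (half-open count per source, SYNs dropped)."""
    pending = defaultdict(int)
    dropped = 0
    for src, _port, flag in trace:
        if flag == "SYN":
            if sum(pending.values()) >= backlog:
                dropped += 1      # backlog full: this SYN is lost, whoever sent it
                continue
            pending[src] += 1     # SYN-ACK sent, waiting for the third step
        elif flag == "ACK" and pending[src] > 0:
            pending[src] -= 1     # handshake completed, slot released
    return dict(pending), dropped

def flood_sources(trace, threshold=3):
    """Sources holding more than `threshold` half-open connections at once.
    Evaluated with an unlimited backlog so the attacker's SYNs are all seen."""
    pending, _ = half_open_by_source(trace, backlog=float("inf"))
    return sorted(src for src, n in pending.items() if n > threshold)

if __name__ == "__main__":
    print(half_open_by_source(TRACE))   # ({'198.51.100.4': 0, '203.0.113.9': 5}, 4)
    print(flood_sources(TRACE))         # ['203.0.113.9']
```

Real floods spoof the source address, so the per-source count is only useful when the spoofing is crude; the backlog accounting, on the other hand, is exactly what SYN cookies remove by not allocating state until the third packet arrives.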

Network Traffic Attacks

Spoofing - Providing false information about the source of an attack: altering outgoing packets so that they appear to originate elsewhere, such as from a trusted host or another subnet.

Man in the Middle - A malicious attacker intercepts communications and fools both parties into believing they are communicating privately with each other, when in fact everything passes through the attacker. The attacker can then do anything to the transmission, including eavesdropping on it or planting information in it.

Replay - A replay attack occurs when an attacker uses a sniffer to grab packets off the wire. After the packets are captured, the attacker can extract information from them, such as authentication data and passwords, or simply put the captured packets back on the network (replay them) to repeat a transaction or re-authenticate as the victim. Timestamps, nonces (one-time challenges) and session identifiers defeat replay.

TCP/IP Hijacking - This is also called "Session Hijacking". An attacker takes over an established TCP session between two machines, for example by predicting sequence numbers. A popular method is using source-routed IP packets so that the attacker's host sits on the path.

DNS Poisoning - Occurs when DNS data is poisoned with bad information. In other words, if you have an A record that points to a trusted host, an attacker who can change it (in the zone file, or by injecting a forged response into a resolver's cache) can point you to a host of his choosing for malicious intent.

Tools and Techniques

Port Scanning - Running a port scanner against a host to see which ports are open, and therefore which services are listening. An attacker uses it to map a system's exposed services (and, with a vulnerability scanner, their known weaknesses) in preparation for an attack.

Sniffing - Sniffing captures packets that flow through a network in order to read the information in them. It is typically used to capture passwords sent in clear text (telnet, FTP, POP3), but can gather almost any type of information flowing across a network.

War Dialing - The process of running modem scanning tools against a PBX or a range of telephone numbers for the purpose of penetration. A war dialer is a program that identifies the phone numbers that successfully connect to a computer modem: it dials the range of numbers you give it and logs failures and successes in a database.

War Driving - The process of locating and penetrating wireless networks from outside the facility where they sit. A wireless card that can be put into monitor (promiscuous) mode is needed to war drive, and a high-gain antenna if you are going to remain at a distance from the facility hosting the wireless network.

Viruses

A virus is a piece of malicious code that can replicate itself and spread to other systems, usually by attaching to a host program or file. A virus has no productive purpose and exists to continue spreading itself, often damaging computer systems or creating further vulnerabilities. A few related types of malicious code:

  • Trojan Horse - A Trojan horse appears to be a legitimate program of some sort, but actually contains malicious code.

  • Logic Bomb - Logic Bombs lie dormant until one or more logical conditions are met to trigger a malicious action. These conditions can be anything from a date or time to a particular user logging in.

  • Worms - A worm is a form of malicious code that exploits networking vulnerabilities to spread itself from system to system on its own accord, without needing a host file or user action.

  • E-Mail - Email viruses rely on a user's email client to replicate by mailing themselves to the user's email contacts.

AntiVirus Protection

  • Antivirus software looks for virus code in files; the specific byte sequences that identify a virus make up its signature.

  • Always update your Anti-Virus definitions. This allows your anti-virus software to spot signatures of new viruses.

Hoaxes - Hoax warnings are typically scare alerts started by malicious people and passed on by innocent users who think they are helping the community by spreading the warning. A hoax may warn of a nonexistent virus, be about a missing child, or appear as a chain letter. Hoaxes can cause as much e-mail congestion as some minor viruses, and they train users to forward things without checking.

 

 

Important Ports 

You will need to have the list of ports memorized by number and function:

PORT   FUNCTION   NOTES

7      ECHO       Echo protocol: returns whatever it receives (TCP/UDP). Not the same as ICMP ping, which uses no port
19     CHARGEN    Application layer Character Generator protocol; abused in the chargen/echo denial of service
20     FTP-DATA   File Transfer Protocol data channel - sending and receiving files
21     FTP        File Transfer Protocol control channel - login and commands
22     SSH        Secure Shell (like telnet, but encrypted); also carries SFTP and SCP
23     TELNET     Terminal emulation through TCP/IP; credentials travel in clear text
25     SMTP       Simple Mail Transfer Protocol (outgoing mail and server-to-server transfer)
49     TACACS     Terminal Access Controller Access Control System (TACACS+ uses TCP 49)
53     DNS        Domain Name System (UDP for queries, TCP for zone transfers and large responses)
80     HTTP       Hypertext Transfer Protocol - used for web site access
110    POP3       Post Office Protocol version 3 (retrieving mail from a server)
143    IMAP4      Internet Message Access Protocol version 4 (retrieving mail; messages stay on the server)
161    SNMP       Simple Network Management Protocol (UDP; traps are sent to 162)
389    LDAP       Active Directory and Exchange use LDAP via TCP port 389 for client communications (636 for LDAP over SSL)
443    HTTPS      HTTP over SSL/TLS (secure web site connections)
1701   L2TP       Layer Two Tunneling Protocol for VPN connections (UDP)
1723   PPTP       Point to Point Tunneling Protocol control channel for Microsoft VPN connections (TCP)
1812   RADIUS     Remote access authentication (UDP; accounting uses 1813; older servers use 1645/1646)

For a complete list visit: http://www.iana.org/assignments/port-numbers

 
 

Communication Security

Remote Access

Remote access is the ability to get access to a computer or a network from a remote location.

Virtual Private Network (VPN)

  • A VPN (virtual private network) is a way to use a public infrastructure to provide remote offices or users with secure access to their home network.

  • A virtual private network allows a company to use a public medium, like the Internet, safely

  • A virtual private network uses encryption methods to tunnel across a public medium

  • A virtual private network can be cheaper than leased lines, but the bandwidth is not always guaranteed because the traffic shares the public network

  • A virtual private network can also connect business units together to form an Extranet

Internet Protocol Security (IPSEC)

IPsec is a suite of security protocols that works at the network layer (layer 3) of the OSI model, so it protects any application's traffic without changes to the application; most other security protocols (SSL/TLS, S/MIME, PGP) work at higher layers. IPsec supports two modes: transport and tunnel.

  • In tunnel mode the entire original IP packet, header and data, is protected and wrapped in a new IP header addressed to the far gateway. This is the mode used between two sites across the Internet for business data connections (a gateway-to-gateway VPN).

  • In transport mode only the data portion (payload) of the IP packet is protected; the original IP header stays in the clear. This is used host to host.

IPsec provides two services (protocols):

  • Authentication Header (AH), which provides integrity and authentication of the sender (covering the IP header as well) and anti-replay protection, but no encryption

  • Encapsulating Security Payload (ESP), which encrypts the data and can optionally authenticate it as well. Think: Encryption, Security, Privacy

ISAKMP defines the framework and payloads for exchanging key generation and authentication data; IKE (Internet Key Exchange, UDP port 500) uses it to negotiate the IPsec security associations, authenticating the peers with pre-shared keys or certificates.

Point-to-Point Tunneling Protocol (PPTP)

  • Point-to-Point Tunneling Protocol is a WAN protocol that allows for tunneling.

  • Not as secure as L2TP over IPsec; PPTP provides simple VPN connections, with encryption (MPPE) whose strength depends on the MS-CHAP password exchange.

Layer Two Tunneling Protocol (L2TP)

  • The Layer Two Tunneling Protocol (L2TP) is a successor to the Point-to-Point Tunneling Protocol (PPTP), combining it with Cisco's Layer 2 Forwarding (L2F)

  • Used to enable the operation of a VPN over the Internet (UDP port 1701).

  • L2TP itself provides no encryption; it uses IPsec to provide certificate (or pre-shared key) based authentication and encryption for the connection (L2TP/IPsec).

  • The two main components that make up L2TP are:
    L2TP Access Concentrator (LAC)
    L2TP Network Server (LNS)

Remote Authentication Dial-In User Service (RADIUS)

  • RADIUS stands for Remote Authentication Dial-In User Service

  • RADIUS is a client/server protocol (UDP ports 1812 for authentication and 1813 for accounting; older implementations use 1645/1646) and it maintains user profiles in a central database

  • RADIUS authenticates dial-in users, authorizes their access and accounts for it, and enables remote access servers (the RADIUS clients) to communicate with a central server. Only the password in the request is encrypted; the rest of the packet is in clear text.

Terminal Access Controller Access Control System (TACACS and TACACS+)

  • TACACS stands for Terminal Access Controller Access Control System

  • TACACS+ is a Cisco redesign (not backward compatible with TACACS) that separates authentication, authorization and accounting, runs over TCP port 49, encrypts the whole packet body, and supports multi factor authentication

  • TACACS is an old authentication protocol (UDP port 49) that allows a remote access server to forward a user's credentials to an authentication server

 
 

E-Mail

Secure Multi-Purpose Internet Mail Extensions (S/MIME)

  • S/MIME stands for Secure Multi-Purpose Internet Mail Extensions

  • S/MIME is a standard for signing and encrypting MIME e-mail with public key cryptography (X.509 certificates); RSA is the algorithm normally used

  • S/MIME support is built into most e-mail clients from Microsoft and Netscape

Pretty Good Privacy (PGP)

  • Pretty Good Privacy (PGP) is an application (program) used to encrypt and decrypt e-mail (and files) to keep them secure.

  • It comes in a single-user version, which is free, and in corporate versions, which must be purchased.

  • PGP, developed by Philip R. Zimmermann in 1991, has become the tool of choice for e-mail security.

  • PGP encrypts e-mail so that it cannot be read in transit, and signs it so that the recipient can check who sent it.

  • PGP is a hybrid system: each message is encrypted with a random session key under a symmetric cipher, and that session key is encrypted with the recipient's public key; the user's own private key is protected by a secret pass phrase. PGP comes in two public key versions:
    Rivest-Shamir-Adleman (RSA)
    Diffie-Hellman (with DSS for signatures)

Spam

  • Spam is the email form of junk mail. It is unsolicited mail (you never asked to receive it).

  • It can cause extra network traffic and cost users time in dealing with it.

  • Reduce spam on your e-mail account by being careful about which web sites you give your address to, and by never posting it in clear text on a web page where harvesting programs will find it.

SMTP Relay

  • Spamming has become a large menace, and the easiest way to distribute spam is through other people's e-mail systems.

  • Open SMTP relays are most often used to send spam: if your server will forward mail from anyone to anyone, a spammer can send his trash through your Internet e-mail relay, and your server ends up on block lists.

  • Relaying is open when your SMTP server allows all senders (*) to submit mail for any destination.

  • Disable the all users (*) relay setting on your SMTP server, and restrict relaying to your own networks and to authenticated users, to prevent e-mail relay.

Instant Messaging

  • Instant Messaging is a peer-to-peer service whose messages and file transfers normally travel unencrypted and bypass the e-mail gateway's scanning, which makes it insecure compared to other messaging systems.

  • Users of Instant Messaging clients are especially prone to hostile code delivered by file transfer.

 

Web Security

Secure Sockets Layer (SSL)

  • SSL is a protocol, not a cipher: it uses asymmetric (public and private key) cryptography to authenticate the server and exchange a session key, and then symmetric encryption for the bulk traffic.

  • SSL is commonly used for web based e-commerce and for protecting e-mail client logins (POP3 and IMAP over SSL).

  • Encrypts traffic between client and web server or email server

  • Historically SSL came in two basic strengths: 40 bit (export) and 128 bit symmetric encryption

  • An SSL session is ‘stateful’ - SSL Handshake protocol coordinates the states of the client and server and form a negotiation

  • There are six steps to the SSL handshake:

1. Client sends request to connect  
2. Server sends signed certificate  
3. Client verifies certificate signer is in its acceptable Certificate Authority (CA) list.  
4. Client generates session key to be used for encryption and sends it to the server encrypted with the server's public key (from certificate received in step 2.)   
5. Server uses private key to decrypt client generated session key.  
6. Both sides switch to the session key; the client's HTTP request and the server's HTTP response are then sent encrypted.

When a handshake negotiation is completed, the client and server exchange change cipher spec messages. Once they exchange the messages, they then communicate using the newly agreed-upon cipher spec

Transport Layer Security (TLS)

  • TLS is the successor to the Secure Sockets Layer (SSL)

  • TLS is a protocol that ensures privacy on the Internet

  • TLS ensures that eavesdropping or tampering does not happen

  • TLS is composed of two layers:
    TLS Record Protocol (fragments, compresses, MACs and encrypts the application data)
    TLS Handshake Protocol (negotiates the cipher suite, authenticates the parties and agrees the keys)

  • The TLS protocol is based on Netscape's SSL3

  • TLS 1.0 and SSL 3.0 do not interoperate directly (different version numbers and key derivation), although a TLS implementation can negotiate down to SSL 3.0 with a client that supports only SSL

Hypertext Transfer Protocol /Secure (HTTP/S)

  • HTTPS is HTTP over SSL (Hypertext Transfer Protocol over Secure Sockets Layer)

  • HTTPS was developed by Netscape and is built into the browser; it encrypts the user's page requests and the server's responses.

  • It uses port 443 instead of HTTP's port 80. Early export browsers used a 40-bit key with the RC4 stream cipher; current implementations use 128-bit or stronger keys.

  • The Uniform Resource Locator (URL) looks different than for http: https://

FTP

  • The protocol used, FTP (File Transfer Protocol), is problematic because all authentication credentials are sent in clear text.

  • This makes FTP vulnerable to eavesdropping, sniffing and data capture. Packet sniffing can be used to obtain username and password information in clear text.

  • FTP allows anonymous access. Unless the server is meant to be a public download site, disable anonymous access (and never allow anonymous uploads).

  • If the server is misconfigured, then hackers can anonymously come in and use your FTP server to store and transfer their data.

Secure FTP (S/FTP)

  • "Secure FTP" is used for two different things: FTP over SSL/TLS (FTPS), which adds SSL to the normal FTP control and data channels, and SFTP, a file transfer subsystem of SSH on port 22. Either way, credentials and data are encrypted.

  • Requires a client and server that support the same secure variant

Web Vulnerabilities

Java Script

  • Most JavaScript hacks involve issues with user privacy.

  • JavaScript runs in a client's browser, and can be seamlessly included in web pages and emails.

  • JavaScript runs in a sandbox inside the browser and is limited in what it can do on a client system (no direct file or operating system access).

ActiveX

  • Developed by Microsoft, ActiveX controls can be embedded in a web page like Java applets

  • The ActiveX control security model is different from that of Java applets:
    Java security is restrictive: the applet runs in a sandbox limited to safe actions
    ActiveX places no restrictions on what a control can do; it runs with the full privileges of the user

  • Using a system called "Authenticode", an ActiveX control can be digitally "signed" by its author so that it cannot be altered without warning. The signature identifies the publisher; it says nothing about whether the control is safe.

Cookies

  • A cookie is a mechanism, developed by the Netscape Corporation, that makes up for the stateless nature of the HTTP protocol: the server asks the browser to store a small piece of data and send it back with later requests.

  • A cookie is only a small piece of data, stored by the browser in a text file, associated with your session with the web server. It cannot run code by itself, but it often carries a session identifier, and an attacker who steals it (for example by sniffing an unencrypted session) can use it to impersonate you.

  • The browser sends a cookie only to the domain (and path) that set it, so one server cannot read the cookies another server placed.

 
   

Basics of Cryptography

Algorithms

Hashing

  • Mathematically converting data of any length into a fixed-size value (a digest or hash) in a way that cannot be reversed; changing a single bit of the input changes the digest. MD5 (128-bit) and SHA-1 (160-bit) are the exam-era examples.

  • Used to verify that data has not been changed, and to produce the digest that a digital signature is computed over. Hashes are one way: they are not used to encrypt or decrypt anything.

Asymmetric

  • With asymmetric cryptography, a pair of keys is used to encrypt and decrypt a message.

  • Also known as public key cryptography.

  • Encryption and authentication can take place without sharing private keys.

Symmetric

  • Uses a single (secret) encryption key. The same key is used for both encryption and decryption.

  • Stream ciphers (such as RC4) and block ciphers (such as DES and AES) are the two kinds of symmetric-key algorithm used for encryption

Concepts of using cryptography

Digital Signatures

A digital signature is a value computed over a message (in practice over the message's hash) with the sender's private key; anyone holding the matching public key can verify who signed the message and that it was not altered. It is not to be confused with a digital certificate, which binds a public key to an identity.

  • Easily transportable,

  • Cannot be forged without the signer's private key

  • Can be automatically time stamped

Non-Repudiation - the ability to make sure that the sender cannot deny the authenticity of their signature on a document they send.

Public Key Infrastructure (PKI)

Public Key Infrastructure is a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI nor even a single agreed-upon standard for setting up a PKI. However, nearly everyone agrees that reliable PKIs are necessary before electronic commerce can become widespread.

A PKI uses a public and a private key pair: the public key is distributed through a trusted authority (inside a certificate) while the private key stays with its owner. A typical secure session is set up as follows:

  1. A client contacts a server 
  2. The server responds, sending its digital certificate, which authenticates the server and provides the server's public key. 
  3. Client generates a unique "session key" to encrypt all communications with the server. 
  4. Client encrypts the session key with the server's public key so only the server can read the session key.  
  5. A secure session is now established: all communications will be encrypted and can only be decrypted by the two parties in the session. It all takes only seconds and requires no action by the user.

  • The authority is called a certificate authority or CA for short. The CA issues certificates

  • The public key infrastructure uses a digital certificate for identification

  • A public key infrastructure consists of:
    o
    A CA that issues and verifies the digital certificate
    o
    A registration authority that acts as a verifier
    o
    A directory where the certificates are held
    o
    A certificate management system

  • For security reasons, the private key should never be shared with anyone or sent across the Internet

  • A certificate contains the following:
    o
    A name
    o
    A serial number
    o
    Expiration dates
    o
    A copy of the certificate holder's public key
    o
    The digital signature of the certificate-issuing authority

  • Most digital certificates conform to the X.509 standard

Remember that certificates can be revoked: a Certificate Revocation List (CRL) is a way to do this with a PKI.

Each CA (Certificate Authority) periodically issues a signed data structure called a Certificate Revocation List (CRL). It lists the serial numbers of certificates the CA has withdrawn before their normal expiration, for example because the private key was compromised (X.509).

OCSP (Online Certificate Status Protocol) is another way a PKI can deal with certificate validity. OCSP overcomes the chief limitation of CRLs: the whole list must be downloaded frequently to keep it current at the client end. When a client validates a certificate, it sends the certificate's serial number to an OCSP responder, which answers "good", "revoked" or "unknown".
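A toy PKI that ties the Digital Signatures passage above to the certificate and CRL discussion here, written as an added example and not taken from the guide. It uses textbook RSA with tiny primes so that it runs with no library at all; that makes it insecure and suitable only for showing the flow. The CA name, subject, serial number, dates (written as YYYYMMDD integers), key material and the field layout of the certificate are all constructed.

```python
"""Added example (not from the guide) covering both the Digital Signatures
passage above and the PKI / CRL discussion: a toy PKI in which a signature is
made by hashing the message and applying the private key, a CA signs a
certificate binding a name to a public key, and a relying party checks the
CA signature, expiry and a revocation list. Textbook RSA with tiny primes is
used so it runs with no library; it is NOT secure and only shows the flow.
Names, serial numbers, dates (as YYYYMMDD integers) and keys are constructed."""
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA: n = p*q, d = e^-1 mod (p-1)(q-1). Returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def digest(data, n):
    """SHA-256 of the data, reduced so it fits under the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private_key, data):
    n, d = private_key
    return pow(digest(data, n), d, n)          # hash first, then private-key op

def verify(public_key, data, signature):
    n, e = public_key
    return pow(signature, e, n) == digest(data, n)

def cert_bytes(cert):
    """The fields the CA signs: subject name, serial, expiry and holder's key."""
    return repr((cert["subject"], cert["serial"], cert["not_after"],
                 cert["public_key"])).encode()

def issue_certificate(ca_private, ca_name, subject, serial, not_after, subject_public):
    cert = {"issuer": ca_name, "subject": subject, "serial": serial,
            "not_after": not_after, "public_key": subject_public}
    cert["signature"] = sign(ca_private, cert_bytes(cert))
    return cert

def validate_certificate(cert, ca_public, crl, today):
    """Checks a relying party makes before trusting the key in the certificate."""
    if not verify(ca_public, cert_bytes(cert), cert["signature"]):
        return "bad signature"        # altered, or not issued by this CA
    if today > cert["not_after"]:
        return "expired"
    if cert["serial"] in crl:
        return "revoked"              # listed on the CA's CRL
    return "valid"

# Constructed toy keys; these primes are absurdly small for real use.
CA_PUBLIC, CA_PRIVATE = make_keypair(1000003, 1000033)
SERVER_PUBLIC, SERVER_PRIVATE = make_keypair(999983, 1000037)

if __name__ == "__main__":
    cert = issue_certificate(CA_PRIVATE, "Toy Root CA", "www.example.com",
                             42, 20051231, SERVER_PUBLIC)
    print(validate_certificate(cert, CA_PUBLIC, set(), 20050601))   # valid
    print(validate_certificate(cert, CA_PUBLIC, {42}, 20050601))    # revoked
    msg = b"transfer 100 to bob"
    sig = sign(SERVER_PRIVATE, msg)
    print(verify(cert["public_key"], msg, sig), verify(cert["public_key"], msg + b"0", sig))
```

Note the order of the checks: the CA signature is verified first, because an expiry date or serial number read from an unverified certificate is attacker-controlled. Non-repudiation follows from the same mechanics, since only the holder of SERVER_PRIVATE could have produced a signature that SERVER_PUBLIC verifies.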

A discussion of Trust Models in connection with PKIs usually describes PKIs as falling into one of four categories:

  • Hierarchical

  • Network/mesh

  • Trust list

  • Key ring

In the hierarchical model a single root CA sits at the top and issues certificates to subordinate CAs, which issue to end users. In the network/mesh model independent CAs cross-certify one another, so trust can flow along any path between them. (Requiring several people to be present before a CA's private key can be used is a separate control, known as M-of-N or dual control, not a trust model.)

Data Encryption Standard (DES) is a symmetric-key block cipher developed by IBM in the mid-1970s, adopted as a U.S. federal standard in 1977 and standardized by ANSI in 1981 as ANSI X3.92. DES uses a 56-bit key and breaks data into 64-bit blocks before encrypting them. Its key is now too short: a DES key was brute forced in 1998, so Triple DES (3DES) or AES should be used instead.

Advanced Encryption Standard (AES) uses the Rijndael algorithm, selected by NIST in 2001 to replace DES for securing sensitive but unclassified material by U.S. Government agencies. It is a symmetric block cipher with 128-bit blocks and key sizes of 128, 192 or 256 bits.

 
 

Infrastructure Security

Devices

In this section of the Cramsession, you will see what devices fall into the Security+ technician’s realm of responsibility. If you plan on taking the exam, you should already be familiar with these devices, so we will just briefly cover them.

Firewalls

  • Firewalls are devices  that protect your inside network from what you consider a public / outside network. The outside network can be business partners, the Internet or anything else you want to monitor and filter traffic for

  • Firewalls are multihomed devices (they have more than one network segment attached) as they generally separate networks

  • A firewall can also have a third port (or more) to incorporate a Demilitarized Zone (DMZ) for public access to web servers, and other publicly accessible systems

Routers

  • Routers are devices that forward packets based on Source and Destination addressing. Routers can add security to your network via ACL’s (access control lists)

  • Normally, the router is the first line of defense in any network, as it sits in front of the firewall; thus it needs to be hardened and monitored for exploitation

Switches

  • Switches are devices that forward frames based on MAC address.

  • Switches send each frame only to the port where the destination MAC address lives, which keeps data from flowing to unintended hosts and defeats simple packet sniffing (an attacker on the same switch can still resort to ARP spoofing or MAC flooding).

  • Switches can provide security via VLANs. VLANs, or Virtual Local Area Networks, are logical configurations of physical ports into separate broadcast domains.

  • What’s secure about this is that VLANs remain separate unless you ‘want’ them to communicate with each other. For example, you can separate the Human Resources department from the Users community by putting these two groups into two separate VLANs

Modems

  • Modems are devices that allow user access from an out of band connection (phone line)

  • Modems need your attention because they are constantly probed by war dialers and give a path into the network that bypasses the firewall entirely

RAS

  • Remote Access Servers are systems that allow you to connect to a server, usually via modem, to be authenticated

  • If you are authenticated, then you can have remote access to local system files you are authorized to use

  • Since RAS systems are publicly accessible, you need to add them to your list of auditable systems.

Security Topologies

Network Address Translation (NAT)

  • NAT is the translation of one IP address to another. NAT typically translates between private (RFC 1918) addresses inside and public addresses outside, and anything in between

  • NAT reduces the need for a large number of public IP addresses: a small pool of them (or a single one) is shared by all your users

  • NAT adds security at the addressing level: with NAT, internal hosts are hidden from the public network and cannot be addressed directly from it. It is not a substitute for a firewall.

Demilitarized Zone (DMZ)

The DMZ is the "no man's land" between your company's private network and the outside public network. The DMZ is normally an isolated segment of your network where you set up your publicly accessible servers: web servers, FTP servers and external DNS servers go here.

VPN

  • Virtual Private Networks are networks that are connected over a public medium, like the Internet, and use encryption for security. The encryption forms what’s called a ‘tunnel’, from one network to another

  • Clients can access corporate networks this way and businesses can form Extranets to other businesses (B2B communications) over VPN technology

Extranet

An extranet is a private network that uses VPN technology to connect to your other business suppliers, vendors, partners, customers, etc.

Network Monitoring/Diagnostic

Network Monitoring, and the tools to do the monitoring, also fall in the Security+ Technicians realm.

Workstations and Servers

You need to make sure you always pay attention to workstation and server based vulnerabilities in your security assessment.

Mobile Devices

Mobile devices that operate via wireless or infrared should be on the list for security monitoring as well. Most infrastructures today are littered with mobile and handheld devices, not to mention laptops.

The problem with these devices is that if you lose one of them, and it’s not secured, then the information it holds can be compromised.

Security Baselines


Disable Unnecessary Services

When a computer offers a service on the network, the service acts as a door through which attackers can attempt to enter. You should be aware of all services that are running on servers and client computers alike. When an unnecessary service is running on a computer, disable it. Reducing the possible entry points on each system makes attacking that system harder. Each additional service increases the risk of compromising the host, the services that run on the host, and potential clients of these services.

Updates (Hotfixes, Service Packs, Patches)

With the complexity of modern operating systems and software, it is common for security "holes" to exist. A security hole is a vulnerability in a system or service that an attacker can exploit to gain entry or deny access to your system. When these holes are identified by software vendors, a solution to the problem is released in the form of a hot fix (patch) or service pack.

  • A Hot Fix - a quick solution released by the vendor, often a replacement of system files or a change in configuration. Usually released to address a specific problem, and small in size.

  • A Service Pack - a collection of hot fixes or patches installed at one time; usually quite large in size and released periodically by the vendor.

 
 

Intrusion Detection Systems (IDS)

Intrusion Detection Systems are used to manage security by gathering and analyzing data in order to identify possible security breaches.

Breaches include both types of intrusions:

  • Attacks from outside your organization

  • Misuse and attacks from within your organization

Intrusion Detection can:

  • Look for known patterns (signatures) to identify attacks.

  • Alert administrators to an intrusion attempt.

  • Disconnect the attacker from resources.

  • Even shut down servers that may have been compromised.

Intrusion detection functions include:

  • Monitoring and analyzing both user and system activities

  • Analyzing system configurations and vulnerabilities

  • Assessing system and file integrity

  • Ability to recognize patterns of typical attacks

  • Analysis of abnormal activity patterns

  • Tracking user policy violations
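The two detection styles listed above, matching known patterns (signatures) and analyzing abnormal activity, can be shown on a handful of log lines. The script below is an added example, not part of the study guide or of any real IDS: the syslog-style lines are constructed for the example, and the signature patterns and the failed-logon threshold are assumptions chosen to illustrate the idea.

```python
"""Minimal signature- and anomaly-based intrusion detection over log lines.

Added example, not part of the study guide. It shows the two detection styles
the text lists: matching known patterns (signatures) and flagging abnormal
activity (here, a burst of failed logons from one source). The log lines are
constructed for the example in a syslog-like format; the signatures and the
threshold are assumptions, not values from any real IDS.
"""
import re
from collections import Counter

# Constructed sample log lines (not from a real system).
SAMPLE_LOG = """\
Mar 14 02:11:05 web1 httpd: 203.0.113.9 "GET /index.html HTTP/1.1" 200
Mar 14 02:11:07 web1 httpd: 203.0.113.9 "GET /cgi-bin/../../etc/passwd HTTP/1.1" 404
Mar 14 02:12:01 srv1 sshd: Failed password for root from 198.51.100.7
Mar 14 02:12:02 srv1 sshd: Failed password for root from 198.51.100.7
Mar 14 02:12:03 srv1 sshd: Failed password for admin from 198.51.100.7
Mar 14 02:12:04 srv1 sshd: Failed password for admin from 198.51.100.7
Mar 14 02:12:05 srv1 sshd: Failed password for admin from 198.51.100.7
Mar 14 02:12:30 srv1 sshd: Failed password for alice from 192.0.2.44
Mar 14 02:13:00 srv1 sshd: Accepted password for alice from 192.0.2.44
"""

# Signature rules: name -> compiled pattern. Assumed for the example.
SIGNATURES = {
    "directory-traversal": re.compile(r"\.\./"),
    "unix-password-file": re.compile(r"/etc/(passwd|shadow)\b"),
}

FAILED_LOGON_RE = re.compile(r"Failed password for \S+ from (?P<src>\d+\.\d+\.\d+\.\d+)")

# Anomaly threshold: this many failures from one source is treated as abnormal.
FAILED_LOGON_THRESHOLD = 5


def signature_alerts(log_text):
    """Return (line_number, signature_name) for every line matching a signature."""
    alerts = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                alerts.append((lineno, name))
    return alerts


def anomaly_alerts(log_text, threshold=FAILED_LOGON_THRESHOLD):
    """Return {source_ip: failure_count} for sources at or above the threshold."""
    failures = Counter()
    for line in log_text.splitlines():
        m = FAILED_LOGON_RE.search(line)
        if m:
            failures[m.group("src")] += 1
    return {src: n for src, n in failures.items() if n >= threshold}


if __name__ == "__main__":
    for lineno, name in signature_alerts(SAMPLE_LOG):
        print(f"signature hit: line {lineno} matches {name}")
    for src, n in anomaly_alerts(SAMPLE_LOG).items():
        print(f"anomaly: {n} failed logons from {src}")
```

Note the difference in what each method can see: the signature rules only fire on line 2 because it contains a pattern that was known in advance, while the threshold rule flags the burst of failures from one address without knowing anything about the attack, and stays quiet for the single mistyped password from the second address.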

Honey Pots

A honey pot is a system that can be set up anywhere (but usually on the Internet) and is left open in order to attract attackers. It is used as a trap and is therefore audited, watched, and analyzed very carefully, in the hope of catching an attacker before he hacks a production system.

 
   

Wireless

Wireless LAN (WLAN)

A wireless LAN is one in which a user can connect to a network through a wireless connection. IEEE 802.11 specifies the technologies for wireless LANs and this standard includes an encryption method: WEP.

Wired Equivalent Privacy (WEP)

WEP is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard: 802.11b. WEP uses encryption to protect the vulnerable link between clients and access points. Only clients with the WEP key can authenticate to the wireless access point.

In the context of wireless networks, WEP (Wired Equivalent Privacy) was designed to provide the same level of security as a wired LAN (Local Area Network).

Wireless Application Protocol (WAP)

WAP is a specification for a set of communication protocols to standardize the way that wireless devices communicate.

The WAP layers are:

  • Wireless Application Environment (WAE)

  • Wireless Session Layer (WSL)

  • Wireless Transport Layer Security (WTLS)

  • Wireless Transport Layer (WTP)

Wireless Transport Layer Security (WTLS)

Wireless Transport Layer Security (WTLS) is the security level for WAP applications. It is based on TLS and was developed to address the specific security vulnerabilities of mobile devices.

802.11x

802.11 is a family of specifications for wireless local area networks (WLANs) and was developed by the IEEE.

There are currently four specifications in the family: 802.11, 802.11a, 802.11b, 802.11g

Site Surveys

A site survey is required for proper implementation of a wireless network. No one can tell exactly how wireless equipment will operate in every circumstance without a survey.

 

 

Operational/Organizational Security

Disaster Recovery Planning (DRP) http://www.disaster-recovery-plan.com/

General

On any operating system or domain that you install:

  • Rename the Administrator account. The Administrator account is usually the first target for a hacking attempt.

  • Disable the Guest Account. The guest account allows anonymous access to system resources. Never enable it.

Operating systems such as Windows NT, 2000, and XP offer the NTFS file system, which provides file-level security and file-level encryption. Windows 9x and ME only offer the FAT32 file system, which offers no real security on files.

Configure systems to audit suspicious activity. Establish auditing for failed and successful logons and account access, failed file access on all shared folders, and all file access on sensitive folders. Not all failed access attempts are hacking attempts, but by viewing the audit trail, you can see patterns of attempts, and collect evidence.

Non-Essential Services - Simply put, disable, or remove any services on a system that you do not need, especially if you feel the system may be compromised.

You should always have a disaster recovery plan available that has also been tested and validated.

Backups

You need to do backups for Disaster Recovery. If you lose a drive or just lose data, your backups may be your only source of recovery.

There are three basic types of backups:

  • Full backup - This will back up all of the data on the server. File archive bits will be reset.
  • Incremental backup - This will back up any data that has changed after the last backup (full or incremental). File archive bits will be reset.
  • Differential backup - This will back up any data that has changed after the last full backup. File archive bits will not be reset.

Backup tapes should be stored in off-site locations, so that the servers and backups cannot be destroyed by the same disaster.
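The three backup types differ only in which files they copy and whether they reset the archive bit, but that difference decides how many tapes a restore needs. The simulation below is an added example, not from the study guide: it runs a week of changes against a three-file system under each strategy and shows both the backup sets produced and the restore chain needed afterwards. The file names and the change sequence are constructed for the example.

```python
"""Simulate full, incremental and differential backups with archive bits.

Added example, not from the study guide. Each file carries an archive bit
that the OS sets when the file changes. The three strategies differ in what
they copy and whether they clear the bit, which in turn decides which backup
sets are needed for a restore. File names and the change sequence are
constructed for the example.
"""


class FileSystem:
    def __init__(self, names):
        # archive bit True = changed since the last backup that reset it
        self.archive = {name: True for name in names}

    def modify(self, name):
        """Simulate a write: the OS sets the archive bit."""
        self.archive[name] = True

    def full_backup(self):
        backed_up = sorted(self.archive)            # everything
        for name in backed_up:
            self.archive[name] = False              # reset bits
        return backed_up

    def incremental_backup(self):
        backed_up = sorted(n for n, bit in self.archive.items() if bit)
        for name in backed_up:
            self.archive[name] = False              # reset bits
        return backed_up

    def differential_backup(self):
        # same selection as incremental, but bits are left set,
        # so the next differential copies these files again
        return sorted(n for n, bit in self.archive.items() if bit)


def run_week(strategy):
    """Full backup on day 1, then the given strategy on days 2-4.

    Returns the list of backup sets in order.
    """
    fs = FileSystem(["a.doc", "b.xls", "c.db"])
    sets = [fs.full_backup()]
    fs.modify("a.doc")
    sets.append(strategy(fs))
    fs.modify("b.xls")
    sets.append(strategy(fs))
    fs.modify("a.doc")
    sets.append(strategy(fs))
    return sets


def restore_chain(sets, strategy_name):
    """Which backup sets must be restored, in order, after day 4."""
    if strategy_name == "incremental":
        return sets                    # full, then each incremental in turn
    return [sets[0], sets[-1]]         # full, then only the latest differential


if __name__ == "__main__":
    for name, strategy in (("incremental", FileSystem.incremental_backup),
                           ("differential", FileSystem.differential_backup)):
        sets = run_week(strategy)
        print(name, "sets:", sets)
        print(name, "restore chain:", restore_chain(sets, name))
```

The trade-off is visible in the output: incremental sets stay small but every one of them is needed for a restore (and a single bad tape breaks the chain), while differential sets grow through the week but a restore needs only the full backup and the most recent differential.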

BCP Policy Statement

The company you work for or with should issue a clear policy statement on Business Continuity Planning (BCP). BCP is what will keep your company moving in times of crisis. If it doesn’t already have one, the organization you work for should develop a comprehensive Business Continuity Plan as soon as possible. Initially, a rudimentary plan is better than no plan at all.

Let’s look at an example:

You have Frame Relay links connecting all your remote sites and you want to be able to reroute all traffic, in the event of a disaster, to a second hub site where a hot site is running.

You can accomplish this with a good Business Continuity Plan. A part of the plan would include having a contract with your Telco to reroute data from one location to another in time of crisis. This sort of operation can be done within minutes if it is executed properly.

Of course, you should always test your BCP for quality assurance.

At a minimum, a BCP should encompass the following:

  • A risk assessment should be performed so that you know what requirements will be needed in the BCP

  • The BCP should cover all essential and critical business activities such as data recovery, WAN links and other items of this nature

  • The BCP should be tested! All personnel should know their roles in the plan, and any failures need to be documented, reviewed and fixed

  • The BCP must be kept up to date

  • A similar policy statement, which all management and staff know and adhere to, should be added to the overall security policy

Policy and Procedures

A well defined business continuity plan must consist of:

  • Risk analysis

  • Business impact analysis

  • Strategic planning and mitigation

  • Training and awareness

  • Maintenance and audit

  • Integration and validation.

The ARO (Annualized Rate of Occurrence) is a calculation of the likelihood of a specific risk occurring during a year. This calculation can be done by research, or from your insurance company. The ARO can then be used to estimate annual losses from anticipated risks.

The SLE (single loss expectancy) is the calculation of what a single loss would cost.

The ARO is combined with the single loss expectancy (SLE) to give annualized loss expectancy: SLE x ARO = ALE
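Worked through on a small risk register, the formula above lets you rank risks by expected annual loss, which is what decides where mitigation money goes first. The script below is an added example, not from the study guide; the register entries are constructed figures, and the only addition to the text is the conversion of "once every N years" into an ARO below 1.

```python
"""Annualized loss expectancy for a small risk register.

Added example, not from the study guide. Computes ALE = SLE x ARO for each
risk and ranks them, so the risks worth the most mitigation spend come first.
The register entries are constructed figures, not real data; an ARO below 1
means the event is expected less than once a year (e.g. once every 10 years
is 0.1).
"""


def aro_from_interval(years_between_events):
    """Convert 'once every N years' into an annualized rate of occurrence."""
    if years_between_events <= 0:
        raise ValueError("interval must be positive")
    return 1.0 / years_between_events


def annualized_loss_expectancy(sle, aro):
    """ALE = SLE x ARO, as defined in the text above."""
    return sle * aro


def rank_risks(register):
    """Return (risk_name, ALE) pairs sorted from largest ALE to smallest."""
    ranked = [(name, annualized_loss_expectancy(sle, aro)) for name, sle, aro in register]
    return sorted(ranked, key=lambda item: item[1], reverse=True)


# Constructed register: (risk, SLE in dollars, ARO per year).
RISK_REGISTER = [
    ("Web server defacement", 20_000, 2.0),             # expected twice a year
    ("Backup tape lost in transit", 150_000, aro_from_interval(5)),
    ("Data center fire", 2_000_000, aro_from_interval(100)),
    ("Laptop theft", 5_000, 5.0),                       # five a year
]

if __name__ == "__main__":
    for name, ale in rank_risks(RISK_REGISTER):
        print(f"{name:30s} ALE = ${ale:,.0f}")
```

The ranking is the point: the fire has by far the largest single loss, but at once per century its annual expectancy is below that of the frequent, cheap laptop thefts, and a control whose yearly cost exceeds the ALE it removes is not worth buying.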

Remember, you cannot eliminate all risk. The goal of the policies, procedures, and various security measures is to manage the risks so that the problems resulting from them will be minimized.

Security Policy

Every organization, no matter the size, should have a security policy. Security policies must have the approval and support of senior management in order for them to be effective. All members of an organization need to know and enforce the security policy.

All personnel, including new hires, should receive regular security policy training. The best way to stop problems like Social Engineering, Viruses, etc. is to educate your user community. The weakest link in a security policy is the user.

Granting Least Privilege - Giving each user or group of users only the access they need to do their job.

Need to Know - This involves only telling people what they need to know to perform their duties. Don’t provide them more information beyond the scope of their work.

Due Care - Due care consists of policies and procedures intended to reduce the risk of damage or injury. It means doing the right thing and being responsible in the duties of security and safety operations.

Chain of Custody

Train users and IT staff that when an intrusion is detected, they should immediately notify the organization's response person or team and document exactly what is on the screen at the time.

When you arrive on the scene, remove unnecessary persons from the server room. Do not shut off the server, but if you suspect the attack is ongoing, disconnect the network cable to prevent an attacker from accessing additional data.

When evidence is acquired, a log is started that records who had possession of the evidence for a specific amount of time. This is to avoid allegations that the evidence may have been tampered with when it was unaccounted for, and to keep track of the tasks performed in acquiring evidence from a piece of equipment or materials.

Computer forensics experts collect and analyze data using evidence guidelines so as to minimize data loss.
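A custody log of the kind described above is easy to keep in a structured form. The code below is an added example, not from the study guide: each entry records who held the item, when they received and released it, and the SHA-256 digest of the evidence image at hand-off, so a gap in custody or a change to the image is detectable later. Hashing the image at acquisition and rechecking it at every hand-off is the added integrity check; the evidence bytes, names and timestamps are constructed for the example.

```python
"""Chain-of-custody log with integrity checks on an evidence image.

Added example, not from the study guide. Each custody entry records who held
the evidence, when it was received and released, and the SHA-256 digest of
the evidence image at hand-off. Verifying the digest against the value
recorded at acquisition is the added check showing the item was not altered
while in someone's custody; the image bytes and names below are constructed.
"""
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    custodian: str
    received_at: str            # ISO 8601 UTC timestamp
    released_at: Optional[str]  # None while still in custody
    digest_on_receipt: str
    purpose: str


@dataclass
class EvidenceItem:
    item_id: str
    description: str
    acquisition_digest: str     # digest recorded when the image was taken
    entries: List[CustodyEntry] = field(default_factory=list)

    def matches(self, evidence_bytes):
        """True if the image still hashes to the value recorded at acquisition."""
        return sha256_hex(evidence_bytes) == self.acquisition_digest

    def receive(self, custodian, evidence_bytes, purpose, when):
        """Record a hand-off; fails closed if the image no longer matches."""
        if not self.matches(evidence_bytes):
            raise ValueError(f"integrity failure for {self.item_id}: image digest changed")
        if self.entries and self.entries[-1].released_at is None:
            raise ValueError("previous custodian has not released the item")
        self.entries.append(
            CustodyEntry(custodian, when, None, sha256_hex(evidence_bytes), purpose))

    def release(self, when):
        self.entries[-1].released_at = when

    def gaps(self):
        """Return (released_at, received_at) pairs where nobody held the item."""
        out = []
        for prev, nxt in zip(self.entries, self.entries[1:]):
            if prev.released_at != nxt.received_at:
                out.append((prev.released_at, nxt.received_at))
        return out


def build_sample_chain():
    """Constructed example: a small 'disk image' passing through two people."""
    image = b"constructed evidence image bytes 0001"
    item = EvidenceItem("EV-001", "web server disk image", sha256_hex(image))
    item.receive("A. Tech", image, "acquisition", "2005-03-14T02:30:00Z")
    item.release("2005-03-14T04:00:00Z")
    item.receive("B. Analyst", image, "analysis", "2005-03-14T04:00:00Z")
    item.release("2005-03-14T09:00:00Z")
    return item, image


if __name__ == "__main__":
    item, image = build_sample_chain()
    for e in item.entries:
        print(f"{e.custodian:12s} {e.received_at} -> {e.released_at} ({e.purpose})")
    print("custody gaps:", item.gaps())
    print("image unchanged:", item.matches(image))
```

Two properties matter for the "unaccounted for" allegation the text mentions: `gaps()` shows any period with no custodian, and `receive()` refuses a hand-off when the image no longer hashes to the acquisition value, so a tampered copy cannot silently enter the chain.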

Separation of Duties

This is a form of checks and balances to make sure that no one entity becomes too powerful.

This practice is very important, especially if you have areas where one person tends to do everything. If that person leaves, you may be in trouble because you don’t have a proper backup. If that person stays and there are no checks and balances, he or she could potentially be involved in fraud and no one would know.

Documentation

Make sure you document your systems and network infrastructure. In addition, ensure you keep such documentation under lock and key and never hand out more documentation than a person needs.

Document changes in systems, software, equipment. This will prove valuable in disaster recovery.