5.1 Given a scenario, implement appropriate wireless security measures.
- Encryption protocols:
Wired Equivalent Privacy (WEP) encryption is an outdated technology that was used to protect wireless networks. WEP is based on encrypting data transmitted between two wireless devices. It has become a somewhat insecure technology and should only be used in cases where it is the only technology supported.
Wi-Fi Protected Access (WPA) is an improved standard of encryption for wireless protection, which eliminates some of the weaknesses associated with WEP and was designed to be the replacement for WEP. Most WEP devices can be upgraded to WPA. It is available in two versions, WPA-Enterprise for large networks, and WPA-Personal for small business and home networks. WPA typically uses the TKIP encryption protocol with a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.
WPA2 is an updated version of WPA. Like WPA, WPA2 is available in both Enterprise and Personal versions. WPA2 uses an Advanced Encryption Standard (AES) rather than the TKIP protocol used by WPA and when supported, is recommended as a stronger, more secure form of wireless protection.
- WPA Enterprise
- MAC address filtering
A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces by the manufacturer of the device and is typically stored in the devices read-only memory or other firmware.
MAC address filtering, or link-layer filtering, is a feature that allows or denies network access by computers and devices based on their MAC address.
- Device placement
- Signal strength