Certification - May 2008 - (Page 37) may be exposed. There also is a link into the network here that could be exploited. • Wi-Phishing: An attacker covertly sets up an access point to get wireless-enabled laptops to associate with it as a prelude to an attack. These access points often are a source of malware. • Rogue access points: Access points illicitly set up permission. Rogue access points will enable wireless transmission intercepts and can be used to bypass security controls. • Data loss: Sensitive unencrypted data or data encrypted with poor cryptography is transmitted between two wireless devices and may be intercepted and disclosed. • Insertion attacks: Unauthorized devices are deployed, or new wireless networks are created. • Evil twin traffic interception: An attacker fools legitimate wireless clients into connecting to the attacker’s network by placing an unauthorized access point with a stronger signal in close proximity to the wireless client. Users then attempt to log in to the substitute servers and unknowingly give away passwords and similar sensitive data. improved over WEP. WPA is stronger and the better choice. Some older routers use only WEP, which is insecure and can be broken in minutes. It is debatable if WEP is better than no encryption. • Change router identifier: The default identifier for your access point likely is easy to guess. You should change the default, as hackers know the default identifiers and can use them to try to access your network. Change your identifier to something only you know, and remember to configure the same unique identifier into your wireless router and your computer so they can communicate. • Change default administrative password: Change the wireless router’s default password before you connect it to the Internet. • Disable remote management: Unless you have a specific need to leave it on, turn off remote management. If you leave it enabled, anyone can get into the route and at that point it is owned. • Change default Server Set ID (SSID): The SSID sends out a signal to any listening wireless device in the vicinity, announcing its presence. You don’t Wireless Security To-Do List While out-of-the-box wireless is insecure, it doesn’t have to be that way. With a little effort, you can easily obviate most of the main wireless security risks. By implementing the following items, you can quickly secure your wireless network: • Utilize strong encryption: The most effective way to secure your wireless network is via strong encryption. Most wireless access points have built-in encryption functionality. Unfortunately, many manufacturers leave encryption disabled as a default setting. The two main wireless encryption types available are Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP). Your computer, router and other equipment must use the same encryption. WPA protocol itself is much Scientists have determined that we only use 10% of our brains. Make the most of it. There’s only one way to prepare for your next certification exam and that’s with Self Test. It’s the only tool you’ll need to improve your IT IQ. Self Test Software helps you figure out what you know and gives you the answers to what you don’t. Hey, you’re already smart. We help you be smarter. w w w. s e l f t e s t s o f t w a re . c o m · 1 - 8 0 0 - 2 4 4 - 7 3 3 0 © 2006 Kaplan IT, Inc. All rights reserved. SELF TEST SOFTWARE® Kaplan IT, Inc. All rights reserved. be smarter http://www.selftestsoftware.com http://www.selftestsoftware.com
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.