Join Lisa Bock for an in-depth discussion in this video Understanding PSK authentication, part of IT Security Foundations: Core Concepts.
- Wireless security settings offer choices to authenticate. Wired Equivalency Privacy was the first encryption protocol designed for wireless communications. The idea is that it would be as secure as a wired connection. However, it is insecure as it is easily attacked. It is still offered as an option because of legacy hardware that cannot use the more modern WPA. WEP open provides no shared authentication, and should only be used as a last resort.
WEP Key uses a shared secret key to ensure authentication by issuing a challenge response between the client and access point for verification. When using a pre-shared key, all entities involved share the same key, which can be a password, a pass phrase, or a hexadecimal string to secure the traffic between entities. With WEP Key, the access point sends challenge text to the client. The client then sends encrypted challenge text to the access point.
Authentication is successful if the access point decrypts the same challenge text. WPA is Wi-Fi Protected Access, a wireless standard designed to improve upon the security features of WEP by using Temporal Key Integrity Protocol, or TKIP, which hashes the key and uses integrity checking to ensure the keys haven't been modified. WPA2 is more secure. It is based on the IEEE 802.11i standard that requires AES, a more secure encryption algorithm, and 802.11 1x, which is port-based authentication.
Although WPA2 is the standard of choice, not all hardware supports using AES. WPA can be used in one of two modes, WPA Enterprise, which needs a RADIUS server for an Enterprise network, and WPA Personal, which is WPA-Pre-Shared Key for residential and small businesses.
Note: This course maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals 98-367 certification exam and is recommended test prep viewing.
- Evaluating risks, threats, and vulnerabilities
- Minimizing the attack surface
- Avoiding worms and viruses
- Protecting your system from spyware
- Making web browsers more secure
- Securing wireless transmissions
- Encrypting files, folders, and drives
- Using virtual private networks