Security vulnerabilities of vc

Assignment Help Computer Network Security
Reference no: EM133318

QUESTION 1

Think about a number of wireless devices (nodes) which are connected to the Internet via a single access point (AP).

2240_WIRELESS NETWORK SECURITY.png

 

a. Provide three reasons why security is more of a concern in this type of wireless network?

(b) Catalogue the three main goals of information security.

(c) Elucidate how CSMA/CA is used with Wireless LANs.

(d) Give details for the differences between war driving and war flying.

(e) Which two forms have favoured adoption of 802.11g over 802.11a?

(f) Portray the diverse steps adopted by an attacker during wireless hacking process.

QUESTION 2

The 802.11 security architecture and protocolis k/n as Wired Equivalent Privacy (WEP) and it is accountable for providing authentication, confidentiality and data integrity in 802.11 networks.

(a) Briefly, describe the differences the flanked by Open System Authentication and Shared Key Authentication, as used in WEP. Which one is more secure?

(b) The absence of any key establishment protocol in WEP led to multiple problems. File any three problems.

(c) Describe the purpose of using beacons while connecting to wireless LANs.

(d) What are the two WEP key lengths?

(e) Elucidate what is meant by the term Initialisation Vector (IV).

(f) WEP has been known to have various security vulnerabilities, leading to its failure.

i. Illustrate any three vulnerabilities of using WEP.

ii. Briefly explicate how FMS attack can be performed and give any one common tool used by attackers.

iii. Though, even today WEP encryption is still used in some networks. Explain how to best make use of WEP in such networks.

QUESTION 3

(a) Provide one reason why WPA2 encryption is preferred over WEP?

(b) By using an appropriate drawing, describe how the 802.1x authentication model is mapped to Wi-Fi.

(c) What do the subsequent acronyms stand for?

i. RADIUS

ii. EAPOL

(d) Give two prominent features of using AES in counter mode for WPA2.

(e) One of the main causes in using EAP is the ability to leverage multiple types of authentication mechanisms. Point out any two such authentication mechanisms.

(f) Regard (notice) the following a list of loopholes found in WEP. Explain how WPA fix each of these loopholes:

i. No protection against replay attacks.

ii. No support for a station to validate a network.

iii. Revealing the master key to attacks like FMS (due to generation of per-packet key)

QUESTION 4

Radio Frequency Identification (RFID) is about devices and technology that use radio signals to swap over the identifying data.

(a) Present two typical uses of RFID systems.

(b) Describe the difference between active and passive tags.

(c) Describe how complacency can cause serious security problems to businesses adopting RFID technology.

(d) Portray two common techniques that fraudsters can adopt in order to temporarily disable RFID tags.

(e) Briefly depict any two types of radio frequency manipulation attacks.

(f) Briefly put in plain words on the following attacks to RFID systems:

i. Relay attack

ii. Side channel attack

(f) Unauthorized tag reading has often been a security challenge for RFID systems. illustrate two mechanisms that can be adopted to enforce confidentiality during transmission of RFID components.

QUESTION 5

(a) Regard (notice) the branch of a Wireless Mesh Network (WMN) where a mobile station MS is within the transmission range of TAP3 and relies on it to get Internet connectivity.

i. Describe the function of a TAP.

ii. Give two benefits of adopting WMNs.

iii. Why is the security of multi-hop routing vital in WMNs

iv. Explain any one technique that an adversary can use to attack the routing mechanism in this scenario.

v. Give two causes why WMNs are not ready for wide-scale deployment.

(b) Vehicular Communications (VC), which is still a research area, is expected to play a central role in the effort to create safer and more efficient driving states after a few decades.

i. Briefly, explain three security vulnerabilities of VC.

ii. Why is privacy an issue in vehicular networks, considering that today's vehicles have license plates?

iii. Network volatility is one of the most significant operational challenges to vehicular communications, thus making security a hard problem. Argue.

(c) Briefly elucidate how the denial of services attacks is performed on mobile nodes by attackers. Also, describe how Mobile IP prevents such denial of service attacks.

QUESTION 6

An overall rise in mobility, coupled with the falling cost of Wi-Fi tools (rigging), has led to a proliferation of Wi-Fi hot spots in public areas, such as coffee shops and airports, to provide Internet accessibility. Though, this proliferation has also engendered growing security concerns.

(a) By the use of a drawing, describe the typical architecture for Wi-Fi hotspots.

(b) List three security vulnerabilities of the controller in Wi-Fi hotspots.

(c) In terms of Wi-Fi hotspot security, explain what a service theft attack is.

(d) Discriminate between active session hijacking and passive session hijacking.

(e) Converse on the defensive security mechanisms that can be employed in order to better secure public Wi-Fi hotspots.

Reference no: EM133318

Questions Cloud

Discretionary and mandatory access control : Logic bombs, War dialing, Ping of death attack, steganography, RSA scheme, digital signature, A chain of certificates, A certificate revocation list, A trust anchor, asymmetric algorithm used by PGP, IPSec mode, IP virtual Private Networks
Network security : SLE, ARO, and ALE, behavioural biometric technology, Enterprise Information Security Policy, Issue Specific Security Policy, System Specific Security Policy, firewalls protect network, creating a DMZ during firewall implementation, use of SSL to se..
Digital forensic investigation : computer security incident, Trojan Defence, anti-forensics technique, chain of custody, FAT file system, SQLOracleHacks.txt, SQLOracleAttacks.txt, SQLInjection.html
Computer security incident : Locard's Exchange Principle, electronic crime scene, modules or DLLs a process, router forensics, Configuration and user, Local logs process and memory, Network Information, File system, Portray the NTP vulnerability of some Cisco IOS routers
Security vulnerabilities of vc : single access point (AP), wireless network, CSMA/CA, goals of information security, Wireless LANs, wireless hacking process, Wired Equivalent Privacy (WEP), Open System Authentication and Shared Key Authentication, Initialisation Vector (IV), RADIU..
Owasp top 10 web application security risks : Reflected XSS and Stored XSS attack, threat Modeling methodologies, Extended Stack Pointer (ESP) and the Extended Base Pointer (EBP), Canary-based defense to buffer overflow attacks in C language, admin.aspx, Index hijacking, cross-site request fo..
Cryptosystem : Block cipher, Primitive root, Confusion, Diffusion, Digital signature, Conventional Symmetric-Key Encryption
Cyber weapon : Single Sign On (SSO), Single Sign On (SSO), netstat -an, arp -a, ipconfig /displaydns, MS Config. Means, MS Config. Means, network reconnaissance

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd