both encryption and decryption (UMUC, 2019). WPA Enterprise mode uses 802.1X authentication with the Extensible Authentication Protocol (EAP). It is more complicated to set up, but it provides the security required for a wireless network within a business. Users are given login credentials, which are required to connect to the network and which an administrator can revoke at any time. The user never has access to the encryption keys (Geier, 2010).
PROJECT 2 INCIDENT RESPONSE

WPA transitioned to WPA2 in 2004 when the 802.11i wireless security standard was finalized (Krazit, 2004). WPA2 uses the Advanced Encryption Standard (AES) and the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) instead of RC4 and TKIP. It is also Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2) compliant. FIPS PUB 140-2 is the standard used to approve cryptographic modules for the government. WPA2 is the most secure and has the fewest vulnerabilities. Our company has now switched to WPA2 for the added security and reliability as well as for the additional data protection provided by CCMP.

Since the release of our BYOD policy there have been numerous discussions about the possibility of incorporating Bluetooth devices into the whitelist of approved devices. Even though the addition of Bluetooth devices would be convenient, that convenience does not outweigh the risk of additional vulnerabilities. When a device is set to discoverable mode, which is required in order to link to the Bluetooth device, there is an increased probability of an unauthorized user gaining access to sensitive data. To mitigate this unnecessary risk, our company disabled all Bluetooth sharing capabilities while connected to the company network.

V. Remote Configuration Management

Through the use of remote configuration management, our company administrators can remotely access any device that is connected to the company network by way of a Remote Management Server (RMS). This management software gives administrators the ability to remotely access any device that is connected to the company network without physically having the device. The BYOD policy requires any device that is connected to the network to meet specific requirements before being granted access. Through these authentication methods the risk of a rogue device gaining access is reduced. If the RMS is unable to establish communication with any device, or if a questionable device continues to send out invalid credentials, the device is flagged and the activity is logged.

The RMS demonstrated its significance during the previously mentioned security incident regarding an undocumented device which gained access to the company network. Removing and disabling the unknown device before any damage or loss of data within the network occurred was a priority task. Through the use of configuration management, IT administrators were able to