100%(14)14 out of 14 people found this document helpful
This preview shows page 8 - 10 out of 16 pages.
backward compatibility to WEP, by doing simple firmware updates to WEP based devices (Wong, 2003).We are currently monitoring traffic using Wi-Fi Protected Access 2 (WPA2) which was designated by the IEEE in 2004 as 802.11i. Although it still has vulnerabilities it is known to be the most secure standard currently available. WPA2 replaces RC4 and TKIP with stronger versions of encryption and authentication, Advanced Encryption Standard (AES) and Cipher Block Chain Message Authentication Code Protocol (CCMP)(Scarpati, 2017). AES is formed from three symmetric block ciphers that encrypt and decrypt 128-bit data blocks. CCMP protectsdata by allowing only authenticated user to access it. WPA2 made traveling from one access point to another seamless without having to re-authenticate the user (Wong, 2003). While WPA2 using the PSK can be FIPS 140-2 compliant, a standard that specifies the security requirements for protecting sensitive information. There are two conditions to ensure it remains in compliance;the client must support WPA2-Enterprise 802.1x authentication and key derivation must rely on FIPS approved algorithms to function in these modes, and incorporate AES-CCMP encryption and decryption protocols that are FIPS validated. Comparative Analysis of ProtocolsThere are three alternative protocols that could potentially be used, and thus should be examined before being ruled for or against their use on our network: Bluetooth, ZigBee, and the Worldwide interoperability for Microwave Access (WiMAX) protocols. Each with various pros, and cons, and will be examined further below.The Bluetooth protocol sends data over short distances. It is commonly used in a personalarea network (PAN). It uses ultra-high frequency radio waves for data transfer and is primarily
CYBERSECURITY INCIDENT REPORT9used in smaller devices (Ray, 2017). Though it may be a useful tool for headphones or Fitbit connectivity to your cell phone it may leave additional vulnerabilities. Information loss can occurwhen allowing a cell phone, tablet, or laptop, is left in discoverable mode. It increases the risk of unauthorized people accessing sensitive information. Making sure to take the phone out of this mode and turn Bluetooth sharing off will shut down this known vulnerability.The ZigBee protocol offers 128-bit AES encryption, and is typically used in mesh networks, and can perform in an infrastructure mode or as an ad hoc network, and has multiple pathways for data transfer (Ray, 2017). ZigBee network has great power management capabilities, intended for devices where batteries are not intended to be replaced for a long periodof time, and for the quick linking time (Hines, 2016). However, the low powered signals it uses for communication limit the bandwidth much more than Wi-Fi (Hines, 2016). The WiMAX protocol is a wide ranged protocol, which was previously used by some cellphone carriers. WiMAX provides many user applications and interfaces like Ethernet, TDM, ATM, IP, and VLAN. WiMAX technology was designed to compete with remote locations that presently employs satellite for internet connectivity. WiMAX technology can operate on both licensed and non-licensed frequencies (FreeWimaxInfo). Disadvantages of WiMAX includes