Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.

BASIC

Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement

PRO

All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

WLAN Authentication Transcription

Welcome to our Authentication to WLAN Module. There are several methods that can be used to authenticate wireless local area network users. On public networks, we typically see open authentication. Devices that attempt to connect to an open network are assumed to be authorized by default. You click on the name of the network that you want to connect to, and you're connected.

DHCP, or dynamic host configuration protocol, will automatically assign an IP address and configure the client so that it can access network resources. And the Internet if configured correctly. Networks can also use encryption, such as WEP, WPA, or WPA2 to authenticate users and encrypt the traffic that is being transmitted, and this is common in small offices and home offices.

This type of authentication requires that the wireless device use a secret pre-shared key, or PSK, before they are connected to the network and before they receive the configuration information from the DHCP server. 802.11 WiFi supports three different types of authentication. Open systems have no controls in place. You simply click on the network and you're granted access.

Pre-shared key authentication is used with WEP or WPA, WPA2, PSK, which stands for pre-shared key. With these type of systems the user enters a pass phrase and they are connected to the system. All of the users share the same pass phrase. The third option is enterprise authentication using either RADIUS or TACACS+ servers.

This method requires each individual user to enter a username and password, and provides accountability so that you know who had access to the system and when. Preshared key authentication or PSK has several vulnerabilities. The preshared keys are generally static are not usually changed or updated. So once an individual knows your preshared key there is a good chance they'll be able to use it for a long period of time.

Keys are cached on the client's machine for convenience so they do not have to enter the key every time they want to connect to the internet. If someone has access to one of your employee's machines they may be able to determine the key for your network. Key management is very difficult with pre shared key authentication.

It is not scalable, and when you must support a large number of wireless devices in a domain, you will have to figure out how you will get the new password out to all of your users if you decide to change it. Also, because you're using the same credentials for all your users, there is no accountability or way to prove which user was responsible for any criminal, or malicious activity.

There are free utilities that allow people to crack WEP keys very easily, so WEP should never be used because it is not secure. You can also use WPA or WPA2 for pre shared key authentication. Unfortunately, most devices do not have a lockout for unsuccessful attempts to authenticate, so attackers can use either a dictionary attack, where they try every possible word in a dictionary or a generated list.

Or they can try a brute force attack, where they try every possible combination of keys until they discover the pre-shared key. Once they discover the pre-shared key, they are now able to access your network and the Internet. And since the pre-shared key is not changed very frequently, they could have access for a long period of time.

Stealing wireless access or leaching is still an issue with WPA or WPA2 because Individuals may attempt to steal your resources without permission to connect. You also have to be concerned with rogue access points. An individual in your company brings in their own wireless access point and plugs it in without your knowledge And now creates additional vulnerabilities.

And evil twin attacks are also a problem where an attacker creates a new wireless access point with a name that appears to be friendly, such as your company name, and they basically trick individuals in your organization into connecting to their wireless access point. And they can read all of the traffic to and from your employees, that connected to that evil twin wireless access point.

IEEE802.1X allow enterprise authentication where, Where each user uses an individual username and password. You can authenticate the individual users using Microsoft Chap, and these individuals will login to the router using their username and a password Hash so the router is not actually storing the user's password. These systems typically have triple A servers, which provide authentication, authorization, and accounting for your remote users, using either Radius, or Tack X Plus for authentication.

EAP, or extensible authentication protocol, Is used to provide multi factor authentication that is needed for your enterprise environment. With, PEAP, or Protected Extensible Authentication Protocol, you can use digital certificates for mutual authentication between the server and the client. These technologies also support the use of smart cards, biometric identification, and tokens.

For the CISSP examination, you should remember that the IEEE802.1X standard, allows for enterprise authentication on wireless networks. So that you can have accountability for which individual users connected to your network. It also solves the problem of pre-shared keys and key management where you have to distribute that key to all of your employees in order to allow them to connect to the network.

WPA and WPA2 Enterprise support the IEEE 802.1x standard. This supports scalable authentication where you can centrally manage and control the individuals that access your network. Users can be authenticated by Microsoft chat version 2, by providing their username and password. And radius or both do authentication authorization and accounting So access and usage can be tracked on a per- user basis. Your wireless access points can be centrally controlled and monitored, and it does support port- based authentication of your clients. You can also roam through Throughout a large building or facility, using ESSID, or extended service set identifier. This prevents your employees from having to consistently log on, as they move from different buildings throughout the campus.

The technology supports wireless V-Lands, or virtual local area networks. So, you can segregate clients based on their need to access different resources. And these devices also support rogue access point discovery, so you can determine if an individual plugs in an unauthorized access point on your network. When a laptop or other wireless device connects to the wireless access point, the wireless access point is not responsible for doing any authentication or encryption.

The wireless access point simply forwards the traffic to the radius server. Which is responsible for authenticating the user. Once the user successfully authenticates, they are then connected to the corporate network, where they have access to corporate resources and the Internet. This concludes are authentication to WLAN module. Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!

Membership Options and Pricing.



BASIC Not ready for serious certification attempt and just want to sample it?

FREE

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement

1 Month PRO Only joining us for the final push?
This is for you!

99/month

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

3 Months PRO MOST POPULAR
Successful students spend 3 months preparing.

79/month USD 237 for 3 months

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

1 Year PRO Learn and study for your certification at your own pace.

59/month USD 708 per year

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

Train Your Team.

Subscriptions available for teams of 5 or greater.