2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet253/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   249   250   251   252   253   254   255   256   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

265
WiFi Protected Access
WiFi Protected Access (WPA) improves on WEP encryption by 
implementing the Temporal Key Integrity Protocol (TKIP), eliminating the cryptographic 
weaknesses that undermined WEP. A further improvement to the technique, dubbed 
WPA2, adds AES cryptography. WPA2 provides secure algorithms appropriate for use on 
modern wireless networks. 
Remember that WPA does not provide an end-to-end security solution. It 
encrypts traffic only between a mobile computer and the nearest wireless 
access point. Once the traffic hits the wired network, it’s in the clear again.
Another commonly used security standard, IEEE 802.1x, provides a fl exible framework 
for authentication and key management in wired and wireless networks. To use 802.1x, 
the client runs a piece of software known as the
supplicant
. The supplicant communicates 
with the authentication server. After successful authentication, the network switch or wire-
less access point allows the client to access the network. WPA was designed to interact with 
802.1x authentication servers.
Cryptographic Attacks 
As with any security mechanism, malicious individuals have found a number of attacks to 
defeat cryptosystems. It’s important that you understand the threats posed by various cryp-
tographic attacks to minimize the risks posed to your systems: 
Analytic Attack
This is an algebraic manipulation that attempts to reduce the complexity 
of the algorithm. Analytic attacks focus on the logic of the algorithm itself. 
Implementation Attack
This is a type of attack that exploits weaknesses in the implemen-
tation of a cryptography system. It focuses on exploiting the software code, not just errors 
and fl aws but the methodology employed to program the encryption system. 
Statistical Attack
A statistical attack exploits statistical weaknesses in a cryptosystem, 
such as fl oating-point errors and inability to produce truly random numbers. Statistical 
attacks attempt to fi nd a vulnerability in the hardware or operating system hosting the 
cryptography application. 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   249   250   251   252   253   254   255   256   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish