Đang chuẩn bị liên kết để tải về tài liệu:
CompTIA Network+ Certification Study Guide part 25

Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ

CompTIA’s Network+ certification Study Guide part 25 is a globally-recognized, vendor neutral exam that has helped over 235,000 IT professionals reach further and higher in their careers. The 2009 Network+ exam (N10-004) is a major update with more focus on security and wireless aspects of networking. Our new study guide has been updated accordingly with focus on network, systems, and WAN security and complete coverage of today’s wireless networking standards. | 226 CHAPTER 5 Wireless Networking incorporates a checksum in each frame. Any frame not found to be valid through the checksum is discarded. Used on its own WEP does not provide adequate WLAN security. WEP must be implemented on every client as well as every AP to be effective. WEP keys are user definable and unlimited. They do not have to be predefined and can and should be changed often. Despite its drawbacks you should implement the strongest version of WEP available and keep abreast of the latest upgrades to the standards. The IEEE 802.1x specification uses the Extensible Authentication Protocol EAP to provide for client authentication. Common Exploits of Wireless Networks Examining the common threats to both wired and wireless networks provides a solid understanding in the basics of security principles and allows the network administrator to fully assess the risks associated with using wireless and other technologies. Threats can come from simple design issues where multiple devices utilize the same setup or intentional denial of service attacks which can result in the corruption or loss of data. Malicious users aren t the source of all threats. Problems can also be caused by a conflict of similar resources such as with 802.11b networks and cordless telephones. With wireless networks going beyond the border of the office or home chances are greater that users actions might be monitored by a third party. Electronic eavesdropping or sniffing is passive and undetectable to intrusion detection devices. Tools that can be used to sniff networks are available for Windows such as Ethereal and AiroPeek and UNIX such as TCPDump and ngrep . Sniffing traffic allows attackers to identify additional resources that can be compromised. Exam Objectives Fast Track 227 Even encrypted networks have been shown to disclose vital information in cleartext such as the network name that can be received by attackers sniffing the WLAN. Any authentication information that is broadcast can

TÀI LIỆU LIÊN QUAN