You are viewing a Web site, archived on 01:59:59 Oct 15, 2004. It is now a Federal record managed by the National Archives and Records Administration.
Information Assurance Support Environment (IASE)
Wireless Security Frequently Asked Questions (FAQs)
For additional information, please visit the IASE Solutions Database
1. What is a Wireless LAN?

Wireless LANs allow authorized users access to the network without having a physical connection to the network. WLANs transmit information across the air using RF. An Access Point (AP) is a device that is connected to the network and communicates with devices with network adaptors. WLANs offer mobility, but they also introduce security issues that need to be addressed.

2. What other ways might a Wireless LAN be referred to?

IEEE 802.11 WLAN
WiFi
802.11b

3. How can wireless technology be used to serve as a wireless bridge?

IEEE 802.11 WLAN systems can use bridging to provide a communication link between two or more networks, allowing the exchange of network traffic. The connection can be made by directly connecting the LANs to each other via the APs, or by using one subnet to connect to several other subnets on another LAN via the subnet APs.

4. How can I use my Blackberry?

Blackberries should only be used to transmit appropriate unclassified data in an unclassified environment according to a contract agreement and user training.

5. Do I need a waiver to use a Blackberry?

In order to use a Blackberry you must obtain a waiver registered on the Connection Approval Process website http://cap.nipr.mil.

6. What are handheld devices?

Tablet PCs, PDAs, text messaging devices, 2-way pagers.

7. What are the threats in using handheld devices?

Wireless handheld devices range from text-messaging devices to Internet-enabled PDAs and tablet PCs and phones. These devices introduce a number of security risks. The risks range from lost or stolen devices to downloading of malicious programs to the use of communication ports for transmitting data with limited authentication of the devices with which data is exchanged.

8. What are risk mitigation tools?

Risk mitigation tools are hardware and software applications that are implemented to prevent attacks that may compromise a network. Examples of these tools are: Virus protection, Training, Personnel Identification, VPNs, PKI, and Biometrics. It is important to incorporate risk mitigation tools with WLANs because they can be more susceptible to attacks.

9. What types of threats can occur to my network via wireless connections?

Threats can come from both outside and friendly sources. Wireless solutions allow attackers a way to the DoD network without having physical access. In order to prevent denial of service attacks, preventive (management, operational, and technical) measures need to be implemented to protect the network.

10. What are IR and RF ports?

Most handheld devices have the capability to communicate via Infrared (IR) ports that allow the device to directly interface with another handheld device to exchange data from a remote device.

11. How can IR and RF ports affect my network?

The handheld device can transmit applications and potentially malicious code. The transmitted data is unencrypted and any user that is close and has their device pointed in the right direction can intercept and read the data.

12. What is a dial-up connection?

A dial-up connection is a common method of remote access. It allows a user to get access to a computer or a network over telephone lines.

13. Why would a dial-up connection present a risk for my network?

Wireless devices have the ability to connect directly to the corporate facility or through a Wireless Internet Service Provider (WISP). Dial-up capability introduces risks: if the networked PC is not password protected, it is left vulnerable to anyone with physical access. The WISP is an untrusted network; therefore, establishing a remote connection would require additional security.

14. What is an Ethernet connection?

Ethernet is a networking technology standard used in wired networks that allows communication with other devices connected to the network.

15. What is encryption?

Encryption is a means of protecting transmitted data to prevent anyone but the intended recipient from reading that data. A mathematical algorithm is applied to the data to convert it to a sequence that appears to be random (pseudo random) and can only be recognized and decoded by the receiver. In WLANs, encryption plays a large role in the security of a network. The encryption methods are very important in preventing attacks and providing safe transmission of the information across the air. There are several methods of encryption; some have already been compromised.

16. What are the types of encryption that I can use?

All encryption methods must be FIPS 140-2 compliant. Wired Equivalent Privacy (WEP) is a protocol that uses the RC4 algorithm to encrypt data and is unacceptable because it has already been compromised. 3DES is an encryption method that produces an unbreakable encrypted datastream. Advanced Encryption Standard (AES), a replacement for 3DES, uses a symmetric block cipher to encrypt and decrypt data and supports key sizes of 128, 192, and 256 bits. 802.1x is a solution that uses Extensible Authentication Protocol (EAP) and authenticates users via a third-party authentication server.

17. What is FIPS 140-2?

FIPS stands for Federal Information Processing Standard. FIPS Publication 140-2 establishes security requirements for cryptographic modules that are used for the processing of sensitive material. It is recognized by all government agencies that wish to procure equipment that contains validated cryptographic modules.

18. What is a firewall?

A firewall is a device that serves as a barrier between networks controlling data traffic. Firewalls are most commonly placed between the organization’s network and the Internet. They can also be used internally between the corporate financial information and the rest of the company. Firewalls are additional security mechanisms that should be included in all networks, both wired and wireless, and personal devices. With the increased risks that are associated with wireless networks, it is important to include firewalls if possible.
19. What is an Intrusion Detection System (IDS)?

An Intrusion Detection System (IDS) is a system that monitors a network to discover if someone is attempting to break into or misuse your system. This is another tool that should be incorporated into a wired and wireless network. Because there are several attacks that can be presented to a network, an IDS is important.

20. Do I need to have a firewall and an intrusion detection system?

Yes. Wireless devices are equipped with Network Interface Cards that allow for communication between the device and the wired network (via the AP). It is critical that the wireless station be secured particularly when it is connected to the wired network. Firewalls and intrusion detection systems can be used to help protect proprietary information. According to DISA’s Wireless STIG, “The IAO will ensure that a personal firewall and intrusion detection system will be implemented on each 802.11-enabled wireless device, if available.”

21. Why do I need to evaluate or audit my wireless network periodically?

Security audits/assessments are tools that check the security posture of the WLAN to ensure that the system stays secure. Because attacks are continually changing, a test schedule should be implemented that includes testing for rogue APs. Rogue APs can be introduced internally by those who install, intentionally or unintentionally, an AP that isn’t configured according to security requirements.
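
The rogue AP test described above can be run as a comparison of survey results against the approved AP inventory. The following is an added example, not part of the original FAQ or any DISA tool; the inventory, the CSV export format, the encryption labels and the finding names are all constructed assumptions.

```python
import csv
import io

# Constructed inventory of approved APs (BSSID -> SSID); values are illustrative.
AUTHORIZED = {
    "00:11:22:33:44:01": "HQ-WLAN",
    "00:11:22:33:44:02": "HQ-WLAN",
}
# Encryption labels treated as failing the security requirements. The FAQ
# calls WEP unacceptable; treating "OPEN" the same way is an assumption.
WEAK = {"WEP", "OPEN"}

# Constructed survey results, in a hypothetical CSV export format.
SCAN_CSV = """bssid,ssid,encryption,signal_dbm
00:11:22:33:44:01,HQ-WLAN,AES,-48
00:11:22:33:44:02,HQ-WLAN,WEP,-61
00:AA:BB:CC:DD:10,HQ-WLAN,AES,-55
00:AA:BB:CC:DD:11,linksys,OPEN,-70
"""

def audit(scan_text, authorized=AUTHORIZED):
    """Return a sorted list of (bssid, finding) for every AP that needs follow-up."""
    authorized = {k.upper(): v for k, v in authorized.items()}
    known_ssids = set(authorized.values())
    findings, seen = [], set()
    for row in csv.DictReader(io.StringIO(scan_text)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().upper()
        seen.add(bssid)
        if bssid not in authorized:
            # Unknown radio: more serious if it advertises one of our own SSIDs.
            kind = "rogue-impersonating-ssid" if ssid in known_ssids else "rogue-unknown-ap"
            findings.append((bssid, kind))
        elif ssid != authorized[bssid]:
            findings.append((bssid, "authorized-ap-ssid-changed"))
        if enc in WEAK:
            findings.append((bssid, "weak-encryption-" + enc.lower()))
    # Approved APs that never appeared may be offline or relocated.
    for bssid in authorized:
        if bssid not in seen:
            findings.append((bssid, "authorized-ap-not-seen"))
    return sorted(findings)

if __name__ == "__main__":
    for bssid, finding in audit(SCAN_CSV):
        print(bssid, finding)
```

Running the audit on a schedule and comparing the findings between runs shows when a new AP appears or an approved AP drifts from its configuration.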

Webmaster:IA-web@ncr.disa.mil
Page Revised 05-May-04