
CCNA Certification All-In-One For Dummies

by Silviu Angelescu
John Wiley & Sons (US). (c) 2010. Copying Prohibited.

Reprinted for Cicero Botelho, CSC


cbotelho@csc.com
Reprinted with permission as a subscription benefit of Skillport,
http://skillport.books24x7.com/

All rights reserved. Reproduction and/or distribution in whole or in part in electronic, paper or
other forms without written permission is prohibited.


Chapter 8: Introducing Wireless Networks


Exam Objectives
Describing the purpose and functions of wireless networks
Describing the standards associated with wireless media
Identifying and describing the purpose of the components in wireless networks
Comparing and contrasting wireless security features and capabilities
Wireless networks are short- or medium-range networks that connect host devices using airwaves (radio) instead of
cables. Wireless connections exist in a large variety of applications both for LAN and WAN connections.
Wireless LAN (WLAN)
Probably the most familiar and common wireless networking standard is the IEEE 802.11 wireless fidelity standard for LAN
wireless connection. The IEEE 802.11 standard, also known as Wi-Fi, defines a blueprint and implementation specification
to implement short-range, high-speed wireless connections. The CCNA exam focuses on LAN wireless connections, so it's
important to understand wireless LANs.
Wireless WAN
In terms of WAN applications, wireless connections are used for moderate ranges of up to 20 miles. Several technologies
exist, some of which can concentrate the airwave signals into a directional beam, thereby increasing range. Microwave
transmission is a form of wireless connection that can span very long distances, either on earth or through
telecommunication satellites. Wireless WANs are beyond the scope of the CCNA exam.
Benefits and Costs of Wireless Networks
The main advantage of wireless LANs is the elimination of wired connections:
No need to run cables across the building
No need to buy and install connectors
No need to buy and install local distribution patch panels

In short, wireless connections allow tremendous flexibility. The disadvantages are as follows:
Lack of reliability
Limited range
Piggybacking
Potential security issues

Security Risks
One of the biggest issues in wireless networks is security. Because data transmission is done through airwaves, and
because TCP/IP does not encrypt data by default, the potential exists for eavesdropping.
Technical Stuff: If TCP/IP security protocols are used, even if data packets are sniffed, the contents cannot be read,
unless sniffers can break the encryption. However, most TCP/IP transmissions are unencrypted. So, a security risk clearly
exists when transmitting data over airwaves in wireless networks.
A packet sniffer is a network application that "listens" to IP packets traveling through a network. Packet sniffers usually trap
all IP packets and display or log their contents. Packet-sniffing tools were originally designed for network troubleshooting,
but they are now used for a variety of purposes, including hacking and eavesdropping.

Another issue is piggybacking. If your wireless network is open, anyone can connect to it. Your neighbor, or someone
passing by on the street, can use a wireless device to connect to your network. They may not necessarily have bad
intentions (for example, sniffing your data), but they are still using your bandwidth.
The IEEE 802.11 standard defines several mechanisms to mitigate piggybacking and security risks: SSID (service set
identifier), Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and MAC Address Filtering.
Service Set Identifier (SSID)
A service set identifier (SSID) identifies each wireless network. By default, the SSID is broadcast over the airwaves so that
any wireless device and any host operating system can know about the existence of the wireless network. You can turn off
the broadcasting of the SSID over the air. This basically hides the name (the SSID) of the wireless network. Wireless
devices cannot detect the wireless network unless its SSID is broadcast.
However, you can connect a wireless device to a "hidden" wireless network by typing its SSID in the network SSID options
box in the device wireless configuration tool. The idea is this: You know the SSID of your wireless network because you
configured it. Hence, you can type that SSID in the network SSID options box in the device wireless configuration tool.
Your neighbor, or someone walking by on the street, does not know the SSID of your wireless network, and even if she
scans the air for wireless networks, she cannot find your network SSID because it's not broadcast. Unless she knows the
SSID of your network, she cannot connect to your wireless network.
Tools are available that can find wireless networks even if their SSID is hidden (that is, not broadcast). Hiding the SSID
makes it more difficult for piggybackers to find the wireless network.
Tip: Hiding the SSID is a bit like an automobile alarm system: It does not prevent pros from stealing the car, but it limits the
number of potential attacks.
Wired Equivalent Privacy (WEP)
WEP is the first wireless security protocol that was introduced to secure the over-the-air communication between wireless
access point (WAP) devices and wireless network interface card (NIC) devices. It's very easy to configure but not very
secure.
WEP uses a 64-bit or 128-bit encryption key generated on the WAP device. The key must be provided to all wireless
devices that need to connect to the secured wireless network. The 128-bit encryption key is a bit more secure (harder to
crack, or "guess") than the 64-bit encryption key. No additional performance penalty is incurred to generate a 128-bit
encryption, but there's more data to transfer over the wireless network. Hence, if network performance is most important,
do not use encryption or use 64-bit encryption. If security is most important, use 128-bit encryption, or better yet, use WPA2.
Wi-Fi Protected Access (WPA)
WPA is a security certification program that was created by the Wi-Fi Alliance to secure wireless networks. The Wi-Fi
Alliance is a group of wireless device manufacturers. The group includes Cisco. One of the goals of the WPA program is to
provide a more secure alternative to the Wired Equivalent Privacy (WEP) security protocol previously used in wireless
networks.
Two versions of WPA wireless security exist today: WPA-1 and WPA-2.
WPA-1

WPA-1 is an improvement over WEP. WPA-1 uses Temporal Key Integrity Protocol (TKIP). The basic input-output system
(BIOS) of most wireless network interface cards, even as old as 1999, can be upgraded to support WPA-1. However,
wireless access point (WAP) devices require modification to support WPA-1. Hence, most WAP devices built before 2003
do not support WPA-1. To summarize, most wireless devices, both NICs and WAPs, and host operating systems built after
2003, support WPA-1.
The Wi-Fi Alliance tests and certifies wireless NIC and WAP devices to determine whether they comply with the WPA-1
standard. If they do, a WPA-1 logo is visible on the packaging and on the device.
WPA-2

WPA-2 is defined by the IEEE 802.11i standard. This fixes WEP shortcomings as well as some flaws discovered in TKIP
used in WPA-1. WPA-2 does not use TKIP. Instead, it uses the Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol (CCMP) encryption algorithm, which is considered fully secure. WPA-2 is currently the most
secure wireless security protocol.
Not all wireless NIC and WAP devices support WPA-2. Particularly, devices manufactured before 2004 do not typically
comply with the WPA-2 Wi-Fi certification. The Wi-Fi Alliance tests and certifies wireless NIC and WAP devices to
determine whether they comply with the WPA-2 standard. If they do, a WPA-2 logo is visible on the packaging and on the
device.
MAC Address Filtering
Another way to control devices that are allowed to connect to a wireless network is filtering by MAC address. Most WAP
devices allow creating a list of MAC addresses that can connect to the wireless network. The MAC address of each device
that needs to connect to the wireless network is added to the list. The WAP then refuses connection to any wireless device
that is not in the "allowed MAC address" list.
This may be a good solution for small- to medium-size wireless networks. However, it becomes difficult to manage in larger
wireless networks when many wireless devices need to connect.
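The four mechanisms described above (SSID hiding, WEP, WPA, and MAC address filtering) can be checked mechanically in an access point's configuration. The following is an added example, not code from the book: it assumes hostapd-style option names (wpa, wpa_pairwise, rsn_pairwise, wep_key0, ignore_broadcast_ssid, macaddr_acl) because the chapter shows no configuration syntax, and parse_conf and audit are hypothetical helper names.

```python
# Added example (not from the book): audit hostapd-style AP settings against
# the chapter's ranking open < WEP < WPA-1 (TKIP) < WPA-2 (CCMP).

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (protocol, findings) for one AP configuration."""
    conf, findings = parse_conf(text), []
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA-1, bit 1 = WPA-2 (802.11i)
    # hostapd defaults: wpa_pairwise=TKIP, and rsn_pairwise falls back to it
    wpa_ciphers = conf.get("wpa_pairwise", "TKIP").split()
    rsn_ciphers = conf.get("rsn_pairwise", " ".join(wpa_ciphers)).split()
    if wpa & 2 and not wpa & 1:
        protocol = "WPA-2"
        if "TKIP" in rsn_ciphers:
            findings.append("WPA-2 still accepts TKIP; set rsn_pairwise=CCMP")
    elif wpa & 1:
        protocol = "WPA-1/WPA-2 mixed" if wpa & 2 else "WPA-1"
        findings.append("WPA-1 (TKIP) enabled; move clients to WPA-2 with CCMP")
    elif any(key.startswith("wep_key") for key in conf):
        protocol = "WEP"
        findings.append("WEP is not very secure; use WPA-2")
    else:
        protocol = "open"
        findings.append("open network: exposed to piggybacking and sniffing")
    if conf.get("ignore_broadcast_ssid", "0") != "0" and protocol in ("open", "WEP"):
        findings.append("hidden SSID only deters casual discovery")
    if conf.get("macaddr_acl") == "1" and protocol == "open":
        findings.append("MAC allow-list without encryption: traffic stays readable")
    return protocol, findings

# Constructed sample configurations (not taken from any real device).
WEAK = "ssid=office\nignore_broadcast_ssid=1\nmacaddr_acl=1\n"
WEP_ONLY = "ssid=office\nwep_default_key=0\nwep_key0=<placeholder-key>\n"
DEFAULT_CIPHER = "ssid=office\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
HARDENED = DEFAULT_CIPHER + "rsn_pairwise=CCMP\n"

if __name__ == "__main__":
    for name in ("WEAK", "WEP_ONLY", "DEFAULT_CIPHER", "HARDENED"):
        protocol, findings = audit(globals()[name])
        print(f"{name}: {protocol}", *findings, sep="\n  - ")
```

The DEFAULT_CIPHER sample shows why the cipher should be set explicitly: with no cipher line, the documented hostapd default leaves TKIP in use under WPA-2.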
Prep Test
1. What is the main advantage of wireless LANs?
A. Elimination of wired connections
B. Elimination of crosstalk
C. Elimination of signal attenuation
D. All of the above

2. What is a disadvantage of wireless LANs?
A. Limited range
B. Piggybacking
C. Potential security risks
D. All of the above

3. Describe wireless networks.
A. Short- or medium-range networks that connect host devices using satellites
B. Short- or medium-range networks that connect host devices using airwaves
C. Short- or medium-range networks that connect host devices using optical fiber
D. All of the above

4. Wireless local-area networks (WLANs) are standardized by which of the following standards?
A. IEEE 802.3w
B. IEEE 802.11w
C. IEEE 802.11
D. All of the above

5. WLAN security issues can be mitigated using which of the following?
A. Wi-Fi Protected Access (WPA)
B. MAC address filtering
C. Wired Equivalent Privacy (WEP)
D. All of the above

Answers
1. A. The main advantage of wireless connections is the elimination of wired connections. Review "Benefits and Costs of
Wireless Networks."
2. D. All of the above. Wireless networks are typically unreliable, provide a limited range, and are exposed to piggybacking
and packet sniffing. Check out "Benefits and Costs of Wireless Networks."
3. B. Wireless networks connect host devices over short or medium distances using airwaves. Read "Benefits and Costs
of Wireless Networks."
4. C. The IEEE 802.11 standard defines the characteristics and specifications of wireless networks. See "Introducing
Wireless Networks."
5. D. All of the above. Several methods are available to mitigate the inherent security risks of wireless networks, including
WPA, MAC address filtering, and WEP. Review "Security Risks."
