Exam Objectives Frequently Asked Questions

The following Frequently Asked Questions, answered by the authors of this book, are designed both to measure your understanding of the Exam Objectives presented in this chapter and to assist you with real-life implementation of these concepts.

Q.  Do I really need to understand the fundamentals of security in order to protect my network?

A.  Yes. You might be able to utilize the configuration options available to you from your equipment provider without a full understanding of security fundamentals. However, without a solid background in how security is accomplished, you will never be able to protect your assets from the unknown threats to your network that arise through misconfiguration, back doors provided by the vendor, or new exploits that have not been patched by your vendor.

Q.  Is 128-bit WEP more secure than 64-bit WEP?

A.  Yes, but only to a small degree. WEP vulnerability has more to do with the 24-bit initialization vector than the actual size of the WEP key.

Q.  Where can I find more information on WEP vulnerabilities?

A.  Besides being one of the sources that brought WEP vulnerabilities to light, www.isaac.cs.berkeley.edu has links to other Web sites that cover WEP insecurities.

Q.  If I have enabled WEP, am I now protected?

A.  No. Certain tools can break all WEP keys by simply monitoring the network traffic (generally requiring less than 24 hours to do so).

Q.  How can I protect my wireless network from eavesdropping by unauthorized individuals?

A.  Because wireless devices are half-duplex devices, you cannot wholly prevent your wireless traffic from being listened to by unauthorized individuals. The only defense against eavesdropping is to encrypt Layer 2 and higher traffic whenever possible.

Q.  Are wireless networks secure?

A.  By their very nature and by definition, wireless networks are not secure. They can, however, be made relatively safe from the point of view of security through administrative efforts to encrypt traffic, implement restrictive methods for authenticating and associating with wireless networks, and so on.

Q.  My AP does not support the disabling of SSID broadcasts. Should I purchase a new one?

A.  Disabling SSID broadcasts adds only one barrier for the potential hacker. Wireless networks can still be made relatively safe even if the AP does respond with its SSID to a beacon probe. Disabling SSID broadcasts is a desirable feature. However, before you go out and purchase new hardware, check to see if you can update the firmware of your AP. The AP vendor might have released a more recent firmware version that supports the disabling of SSID broadcasts. If your AP doesn't support firmware updates, consider replacing it with one that does.



MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162
