Initial Core 2 study project

notes/SEC-3-wireless-security.md

@@ -0,0 +1,251 @@
+# SEC-3: Wireless Security and Authentication Methods
+
+Status: not started
+
+Domain:
+- 2.0 Security
+
+Objective alignment:
+- 2.3 Wireless security
+
+## What You Need To Know
+
+Wireless security questions usually ask which encryption/authentication method is safest or most appropriate.
+
+Core ideas:
+- WEP is obsolete and should not be used.
+- WPA was a temporary improvement over WEP.
+- WPA2 with AES is still common and acceptable.
+- WPA3 is newer and stronger.
+- Personal/PSK uses one shared password.
+- Enterprise/802.1X authenticates users individually, usually with RADIUS.
+
+## Memory Trick
+
+Use **3 beats 2, AES beats TKIP, Enterprise beats shared password**.
+
+Order to remember:
+- **WEP = Weak**
+- **WPA = temporary**
+- **WPA2-AES = solid**
+- **WPA3 = strongest common choice**
+
+Mode shortcut:
+- **Personal = shared pre-shared key**
+- **Enterprise = individual user authentication**
+
+## Wireless Encryption
+
+WEP:
+- Wired Equivalent Privacy.
+- Broken/obsolete.
+- Do not choose it unless the question asks what should be replaced.
+
+WPA:
+- Wi-Fi Protected Access.
+- Temporary replacement for WEP.
+- Uses TKIP.
+
+TKIP:
+- Older encryption method used with WPA.
+- Avoid when better options exist.
+
+WPA2:
+- Stronger replacement for WPA.
+- Uses AES.
+
+AES:
+- Advanced Encryption Standard.
+- Stronger than TKIP.
+
+WPA3:
+- Newer than WPA2.
+- Improves encryption and key exchange.
+- Best default answer when supported.
+
+## Wireless Modes
+
+Open:
+- No password.
+- Avoid for private/business networks.
+
+WPA2/WPA3-Personal:
+- Uses a pre-shared key.
+- Good for home/SOHO networks.
+- Everyone uses the same Wi-Fi password.
+
+WPA2/WPA3-Enterprise:
+- Uses 802.1X.
+- Authenticates users individually.
+- Usually uses RADIUS.
+- Best for business networks when supported.
+
+## Authentication Methods
+
+RADIUS:
+- Remote Authentication Dial-in User Service.
+- Centralized AAA service.
+- Common for VPN, wireless 802.1X, network devices, and server authentication.
+
+TACACS+:
+- Authentication protocol common with Cisco/network device administration.
+- Exam clue: network device admin authentication, especially Cisco.
+
+Kerberos:
+- Ticket-based network authentication.
+- Common in Microsoft/Active Directory environments.
+- Supports SSO-style access in Windows domains.
+
+MFA:
+- Multi-factor authentication.
+- Uses more than one factor type:
+  - Something you know
+  - Something you have
+  - Something you are
+  - Somewhere you are
+  - Something you do
+
+## Scenario Shortcuts
+
+Home Wi-Fi:
+- WPA3-Personal if supported.
+- WPA2-AES if WPA3 is not available.
+
+Business Wi-Fi:
+- WPA3-Enterprise or WPA2-Enterprise with 802.1X/RADIUS.
+
+Legacy weak network:
+- Replace WEP/WPA/TKIP.
+
+VPN authentication server:
+- RADIUS is a common answer.
+
+Cisco/network device admin authentication:
+- TACACS+ is a common answer.
+
+Microsoft domain authentication:
+- Kerberos is a common answer.
+
+## Commands To Enter
+
+Windows:
+
+```powershell
+netsh wlan show interfaces
+```
+
+What it does:
+- Shows current Wi-Fi interface, SSID, authentication, and cipher details.
+- Works only if Wi-Fi is present and connected.
+
+```powershell
+netsh wlan show profiles
+```
+
+What it does:
+- Lists saved Wi-Fi profiles.
+
+```powershell
+ipconfig /all
+```
+
+What it does:
+- Shows network adapter details, including DHCP and DNS information.
+
+```powershell
+ncpa.cpl
+```
+
+What it does:
+- Opens Network Connections.
+
+Linux:
+
+```bash
+nmcli device status
+```
+
+What it does:
+- Shows network devices and connection state when NetworkManager is installed.
+
+```bash
+nmcli connection show
+```
+
+What it does:
+- Shows configured network connections when NetworkManager is installed.
+
+```bash
+iw dev
+```
+
+What it does:
+- Shows wireless interface information if wireless tools are installed.
+
+```bash
+ip addr
+```
+
+What it does:
+- Shows network interfaces and IP addresses.
+
+macOS, if available:
+
+```bash
+networksetup -listallhardwareports
+```
+
+What it does:
+- Lists network hardware ports, including Wi-Fi.
+
+```bash
+airport -I
+```
+
+What it does:
+- Shows current Wi-Fi details on many macOS systems.
+- On some macOS versions, the `airport` command path may require lookup or may be deprecated.
+
+## Mini Lab
+
+Goal:
+- Identify current wireless mode/security without changing router settings.
+
+Windows:
+1. Connect to a known Wi-Fi network.
+2. Run `netsh wlan show interfaces`.
+3. Run `netsh wlan show profiles`.
+4. Run `ipconfig /all`.
+5. Record:
+   - SSID:
+   - Authentication:
+   - Cipher:
+   - DHCP enabled:
+   - DNS server:
+
+Linux:
+1. Run `nmcli device status`.
+2. Run `nmcli connection show`.
+3. Run `ip addr`.
+4. Optional: run `iw dev`.
+5. Record:
+   - Wireless interface name:
+   - Active connection:
+   - IP address:
+
+Router review, if you own/admin the network:
+1. Look at Wi-Fi security mode.
+2. Confirm WEP/TKIP are not used.
+3. Prefer WPA3 or WPA2-AES.
+4. Do not change settings unless you understand the impact.
+
+## Quick Check Before Quiz
+
+You are ready for the SEC-3 quiz when you can answer these without looking:
+- Which wireless security should be avoided?
+- Which is stronger: TKIP or AES?
+- Which mode uses one shared password?
+- Which mode uses 802.1X/RADIUS?
+- Which authentication protocol is common in Microsoft domains?
+- Which authentication protocol is common for VPN/wireless AAA?
+