
An Airport is planning an enterprise-wide wireless network for employees and air


Question

An airport is planning an enterprise-wide wireless network for employees and airline staff only. This network will be connected to the airport’s existing wired network. You are given the task of designing this network with the highest degree of security possible:
a. Illustrate and describe your design, indicating all authentication and encryption algorithms used.
b. Describe how the user device discovers and associates with the network’s access point.
c. Describe how a user is authenticated in your design.
d. Describe how the keys between the user device and the access point are agreed upon.
e. Describe how each transmission key is determined.

Explanation / Answer

First, we need to have a wireless controller in place. All the access points are registered to this controller and are managed and monitored from this central device.
The access points' SSID, password and encryption details are configured via the wireless controller. The subnet/VLAN for each access point is defined in the WLC.
The WPA2-Enterprise authentication protocol is recommended.
To use WPA2-Enterprise, you’ll need a RADIUS authentication server. RADIUS stands for Remote Authentication Dial In User Service. To authenticate with such a server, a variety of EAP — Extensible Authentication Protocols — can be used. After connecting to the Wi-Fi network, each client would have to log in with a username and password. Traffic to each client would be encrypted with a unique encryption key which isn’t derived from a pre-shared key.

Brief association process:

When the mobile device (supplicant) starts the association process with the access point (authenticator), the authenticator will forward the credentials to the authentication server (RADIUS server), which is synced with the domain controller for updated credentials. Once the credentials match, it will ask the DHCP server to release a valid IP address for the supplicant. Therefore the supplicant gets associated and connected to the wireless network with a valid IP address.
Now the supplicant can start transmitting data.

Hope this makes sense. You need to refer to the 802.1X authentication process in detail to understand the packet-level negotiations.

Thanks
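Parts (d) and (e) of the question concern the key agreement that follows 802.1X authentication. The sketch below is an added example, not part of the original answer: it follows the IEEE 802.11i derivation for WPA2 with CCMP, where the PMK is the first 256 bits of the EAP MSK and the 4-way handshake expands it into per-session keys. All MAC addresses, nonces and the MSK are constructed sample values.

```python
import hashlib
import hmac

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out = b""
    i = 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([i])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        i += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK for CCMP (48 bytes) from the PMK, both MAC addresses and both nonces."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    # KCK authenticates handshake frames, KEK wraps the group key, TK encrypts data.
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}

def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """MIC on an EAPOL-Key frame (MIC field zeroed): HMAC-SHA1 truncated to 16 bytes."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

# Constructed sample values (real MSKs come from the EAP method, real nonces are random).
MSK = hashlib.sha512(b"constructed EAP MSK for one login").digest()
PMK = MSK[:32]                      # the PMK is the first 256 bits of the MSK
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed ANonce").digest()
SNONCE_1 = hashlib.sha256(b"constructed SNonce, session 1").digest()
SNONCE_2 = hashlib.sha256(b"constructed SNonce, session 2").digest()

if __name__ == "__main__":
    s1 = derive_ptk(PMK, AP_MAC, STA_MAC, ANONCE, SNONCE_1)
    s2 = derive_ptk(PMK, AP_MAC, STA_MAC, ANONCE, SNONCE_2)
    print("session 1 TK:", s1["TK"].hex())
    print("session 2 TK:", s2["TK"].hex())
    print("msg 2 MIC   :", eapol_mic(s1["KCK"], b"constructed EAPOL-Key frame").hex())
```

Both sides compute the same PTK without sending it over the air; the MIC on handshake message 2 proves the client holds the PMK, and a fresh nonce in each handshake yields a fresh TK.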
