A security administrator is reviewing logs and notices multiple attempts to access the HVAC
controls by a workstation with an IP address from the open wireless network. Which of the
following would be the best way to prevent this type of attack from occurring again?
A.
Implement VLANs to separate the HVAC
B.
Enable WPA2 security for the wireless network
C.
Install a HIDS to protect the HVAC system
D.
Enable Mac filtering for the wireless network
Answer is C.
0
1
I think the answer is A, by implementing a VLAN the open wireless network and HVAC unit controls are separated. A HIDS would only monitor the situation. MAC filtering is not viable in an open wireless network.
0
0
I believe it’s “A”. If you enable MAC filtering on the wireless network then it’s not really a “open wireless network” anymore. If that’s the case you might as well enable WPA2.
0
0
agreed. the answer is clearly A
0
0
I chose A.
B – The network should already be using WPA2
c – Admin already reviewed logs, installing HIDS won’t do anything. If HIPS then it is a different story
D – Not viable. Then you’ll have to enter all MAC address who’ll access the network not viable.
The best solution would be to separate HVAC and do MAC filtering.
0
0
So we have a “workstation with an IP address from the open wireless network” constantly attempting to access the HVAC System.
As a way of a definition, let’s take a look at all the available elements:
1) HVAC: is an abbreviation for “Heating, Ventilation and Air Conditioning” (equipment). This could be any other system really, so it is inconsequential.
2) Open wireless:
• An open wireless connection means there is no password exchange required to connect to the network.
• Most data used over an open wireless connection is easily observed.
• Once connected Open wireless networks are entirely unencrypted; anyone can see all the data you send (even if they aren’t connected to the network).
3) Intrusion Systems
• HIDS = Hostbased Intrusion Detection System (your computer)
• HIPS = Hostbased Intrusion Prevention System
NIDS = Network Intrusion Detection System (network)
B) – Enable WPA2 security for the wireless network.
This then means that by definition of terms, the “open wireless network” is no longer open, since “An open wireless connection means there is no password exchange required to connect to the network. The moment I instigate security, the wireless network is then to be deemed as “closed”.
C) Install a HIDS to protect the HVAC system.
As already mentioned by Mike, we have already detected what the problem is. So a Hostbased Intrusion Detection System would only serve to corroborate what we already know. What we need in here is not to detect what is happening, but to preventing from happening altogether, which necessitates the installation of HIPS
D) – Enable Mac filtering for the wireless network is wrong.
This way only authorized devices shall be allowed to use the “open wireless network”, which is a bit of a contradiction of terms, being the case that the “open wireless network” can from now on only be accessed by devices with certain MAC addresses. So what’s the point of making it “open” since I am now “closing” it as devices will have restricted access by means of MAC filtering?
So the only possible answer is A- Implement VLANs to separate the HVAC
By placing the HVAC in its own, separate VLAN I can restrict access to it without changing the status of the “open wireless network”
0
0