Certified Wireless Security Professional Course (CWSP) – Outline

Detailed Course Outline

Hands-On Lab Exercises:

WLAN Controller Security

  • Secure access to the WLAN controller using secure management protocols
  • Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
  • Configuring the WLAN controller for RADIUS connectivity and authentication
  • Client station connectivity to the controller – including DHCP and browsing
  • Integrated rogue device discovery

Wireless Intrusion Prevention Systems (WIPS)

  • WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
  • Configuration according to organizational policy
  • Properly classifying authorized, unauthorized, and external/interfering access points
  • Identifying and mitigating rogue devices
  • Identifying specific attacks against the authorized WLAN infrastructure or client stations

Using Laptop Analyzers

  • Installing and configuring a WLAN discovery tool
  • Installing, licensing, and configuring a laptop protocol analyzer
  • Installing, licensing, and configuring a laptop spectrum analyzer
  • Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool
  • Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN protocol analyzer
  • Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
  • Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
  • Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
  • Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
  • Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer

Fast Secure Roaming

  • Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
  • Install and configure a RADIUS server for PEAP
  • Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
  • Configure an 802.11 protocol analyzer to capture the BSS transition
  • Perform a slow BSS transition within a controller as a baseline
  • Enable FSR mechanisms within controllers and the client station
  • Perform a fast BSS transition within a controller as a comparison
  • Perform a slow BSS transition between controllers as a baseline
  • Perform a fast BSS transition (if vendor FSR mechanisms permit) between controllers as a comparison
Course Outline

Introduction to WLAN Security Technology

  • Security policy
  • Security concerns
  • Security auditing practices
  • Application layer vulnerabilities and analysis
  • Data Link layer vulnerabilities and analysis
  • Physical layer vulnerabilities and analysis
  • 802.11 security mechanisms
  • Wi-Fi Alliance security certifications

Small Office / Home Office WLAN Security Technology and Solutions

  • WLAN discovery equipment and utilities
  • Legacy WLAN security methods, mechanisms, and exploits
  • Appropriate SOHO security

WLAN Mobile Endpoint Security Solutions

  • Personal-class mobile endpoint security
  • Enterprise-class mobile endpoint security
  • User-accessible and restricted endpoint policies
  • VPN technology overview

Branch Office / Remote Office WLAN Security Technology and Solutions

  • General vulnerabilities
  • Preshared Key security with RSN cipher suites
  • Passphrase vulnerabilities
  • Passphrase entropy and hacking tools
  • WPA/WPA2 Personal – how it works
  • WPA/WPA2 Personal – configuration
  • Wi-Fi Protected Setup (WPS)
  • Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices

Enterprise WLAN Management and Monitoring

  • Device identification and tracking
  • Rogue device mitigation
  • WLAN forensics
  • Enterprise WIPS installation and configuration
  • Distributed protocol analysis
  • WNMS security features
  • WLAN controller security feature sets

Enterprise WLAN Security Technology and Solutions

  • Robust Security Networks (RSN)
  • WPA/WPA2 Enterprise – how it works
  • WPA/WPA2 Enterprise – configuration
  • IEEE 802.11 Authentication and Key Management (AKM)
  • 802.11 cipher suites
  • Use of authentication services (RADIUS, LDAP) in WLANs
  • User profile management (RBAC)
  • Public Key Infrastructures (PKI) used with WLANs
  • Certificate Authorities and x.509 digital certificates
  • RADIUS installation and configuration
  • 802.1X/EAP authentication mechanisms
  • 802.1X/EAP types and differences
  • 802.11 handshakes
  • Fast BSS Transition (FT) technologies