Realtime website analytics

 

 

ADVANCE YOUR CAREER - Earn More, Be More than Certified
Q/ISP CyberSecurity Master Certificate


CWSP Certified Wireless Security Professional - UPDATED! training for CWSP
Certification



SU's CWSP training materials are the MOST RESPECTED Wireless Security CertificationTraining in the world! Since 1999 SU has delivered the most effective and complete wireless certification training that gets your wireless secure!

This CWSP course targets experienced wireless professionals who are looking for critical hands-on skills in wireless security, including how hackers attack w-networks and the learn how to preventing them from doing so. CWNA or equivilant required for CWSP Certification class.

The CWSP ® Wireless Hacking Security course consists of hands on learning using the latest enterprise wireless security tools and security auditing equipment. This course addresses in detail the most up-to-date WLAN intrusion, DDoS tools and techniques, functionality of the wireless standard, the inner-workings of each EAP type used with wireless LANs today, and every class and type of WLAN security solution available on the market - from wireless intrusion prevention systems to wireless network management systems you learn skills for implementing and managing wireless security in the enterprise with layer2 and layer3 hardware and software solutions. Practical is required for class completion.

Class Duration: The 5 day class consists of 40 hours of hands on learning using the latest enterprise wireless LAN security and auditing equipment. This class addresses in detail Wireless LAN Intrusion, Security Policy, and Security Solutions.

EXAM VOUCHER AND PRACTICE TEST included in your class fee!

Class Fee: $2,995 Alfa included in class fee
Time: 8:00am - 6pm
Location: Click here to view the class schedule
Learning Level: Advanced
CPE Credits: 40
Prerequisites: You should have TCP/IP and Qualified/Wireless Professional (Q/WP) or a CWNA Class or Certification
   

We're here to help!
CALL NOW 877-357-7744
All attendees receive hands-on experience configuring, testing, and implementing a broad variety of layer2 and layer3 wireless security solutions using hardware and software from the following vendors:
  • AirTight
  • Cisco Systems®
  • Trapeze Networks
  • AirMagnet Fluke
  • Ekahau
  • Proxim
  • Funk Software
  • Microsoft
  • WildPackets
  • AirSpy
  • Aruba Networks

Are your WIFI tools deaf and ignorant to 2.4 GHz? Class includes one Wi-Spy discount per attendee! Wi Spy visualizes your 2.4 GHz devices (microwave ovens, cordless phones, security cameras, Wi-Fi, Zigbee, etc) optimize wireless networks & troubleshoots your entire wireless landscape!

Course Outline

1. Introduction to WLAN Security Technology

  • Security policy
  • Security concerns
  • Security auditing practices
  • Application layer vulnerabilities and analysis
  • Data Link layer vulnerabilities and analysis
  • Physical layer vulnerabilities and analysis
  • 802.11 security mechanisms
  • Wi-Fi Alliance security certifications

2. Small Office/Home Office WLAN Security Technology and Solutions

  • WLAN discovery equipment and utilities
  • Legacy WLAN security methods, mechanisms, and exploits
  • Appropriate SOHO security

3. WLAN Mobile Endpoint Security Solutions

  • Personal-class mobile endpoint security
  • Enterprise-class mobile endpoint security
  • User-accessible and restricted endpoint policies
  • VPN technology overview

4. Branch Office/Remote Office WLAN Security Technology and Solutions

  • General vulnerabilities
  • Preshared Key security with RSN cipher suites
  • Passphrase vulnerabilities
  • Passphrase entropy and hacking tools
  • WPA/WPA2 Personal
    • How it works
    • Configuration
  • Wi-Fi Protected Setup (WPS)
  • Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices

5. Enterprise WLAN Management and Monitoring

  • Device identification and tracking
  • Rogue device mitigation
  • WLAN forensics
  • Enterprise WIPS installation and configuration
  • Distributed protocol analysis
  • WNMS security features
  • WLAN controller security feature sets

6. Enterprise WLAN Security Technology and Solutions

  • Robust Security Networks (RSN)
  • WPA/WPA2 Enterprise
    • How it works
    • Configuration
  • IEEE 802.11 Authentication and Key Management (AKM)
  • 802.11 cipher suites
  • Authentication services (RADIUS, LDAP) in WLANs
  • User profile management (RBAC)
  • Public Key Infrastructures (PKIs) used with WLANs
  • Certificate Authorities and x.509 digital certificates
  • RADIUS installation and configuration
  • 802.1X/EAP authentication mechanisms
  • 802.1X/EAP types and differences
  • 802.11 handshakes
  • Fast BSS Transition (FT) technologies
These are the actual labs taught in the course:

WLAN Controller Security

The WLAN controller is currently the center piece of 802.11 security. All other pieces of the WLAN security puzzle orbit around the WLAN controller. For this reason, gaining an in-depth understanding of how to secure access to the controller and how to use the controller to secure the WLAN is essential.

This lab is focused on WLAN controller security, and primarily covers the following areas:

  1. Secure access to the WLAN controller using secure management protocols
  2. Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
  3. Configuring the WLAN controller for RADIUS connectivity and authentication
  4. Client station connectivity to the controller - including DHCP and browsing
  5. Integrated rogue device discovery

Wireless Intrusion Prevention Systems (WIPS)

This lab is focused on Wireless Intrusion Prevention Systems (WIPS). WIPS are known for three overriding functions: security monitoring, performance monitoring, and reporting. In this lab exercise, we will focus only on security monitoring and reporting. Areas of particular interest include:

  1. WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
  2. Configuration according to organizational policy
  3. Properly classifying authorized, unauthorized, and external/interfering access points
  4. Identifying and mitigating rogue devices
  5. Identifying specific attacks against the authorized WLAN infrastructure or client stations

Using Laptop Analyzers

This lab is focused on the use of laptop analyzers for spectrum analysis, protocol analysis, and WLAN discovery. Understanding driver issues, security-related protocol analysis (authentication and encryption), and spectrum analysis will aid the wireless security professional in policy compliance, proper implementation, and troubleshooting. The following steps will be covered in this lab exercise.

  1. Installing and configuring a WLAN discovery tool
  2. Installing, licensing, and configuring a laptop protocol analyzer
  3. Installing, licensing, and configuring a laptop spectrum analyzer
  4. Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool
  5. Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN protocol analyzer
  6. Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
  7. Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
  8. Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
  9. Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
  10. Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer

Fast BSS Transitions (FT)

This lab is focused on fast BSS transition (FT) within an Extended Service Set. Moving quickly and securely between access points attached to a single controller or multiple controllers is a requirement of real-time mobility devices such as wVoIP phones and mobile video devices. An in-depth understanding of the standards-based and proprietary processes of a WLAN infrastructure system's ability to deliver FT services means the difference between a successful deployment and a complete failure. The following steps will be covered in this lab exercise.

  1. Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
  2. Install and configure a RADIUS server for PEAP
  3. Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
  4. Configure an 802.11 protocol analyzer to capture on a specific channel
  5. Using an 802.11 frame generator function, deauthenticate the authorized client station to force intra- and inter-controller roaming
  6. Perform a slow BSS transition within a controller as a baseline
  7. Enable FT mechanisms within controllers and the client station
  8. Perform a fast BSS transition within a controller as a comparison
  9. Perform a slow BSS transition between controllers as a baseline
  10. Perform a fast BSS transition (if vendor FT mechanisms permit) between controllers as a comparison

The following list contains the materials covered in the lecture portion of the course:

Introduction to WLAN Security Technology

  • Security policy
  • Security concerns
  • Security auditing practices
  • Application layer vulnerabilities and analysis
  • Data Link layer vulnerabilities and analysis
  • Physical layer vulnerabilities and analysis
  • 802.11 security mechanisms
  • Wi-Fi Alliance security certifications
Small Office / Home Office WLAN Security Technology and Solutions
  • WLAN discovery equipment and utilities.
  • Legacy WLAN security methods, mechanisms, and exploits
  • Appropriate SOHO security
WLAN Mobile Endpoint Security Solutions
  • Personal-class mobile endpoint security
  • Enterprise-class mobile endpoint security
  • User-accessible and restricted endpoint policies
  • VPN technology overview
Branch Office / Remote Office WLAN Security Technology and Solutions
  • General vulnerabilities
  • Preshared Key security with RSN cipher suites
  • Passphrase vulnerabilities
  • Passphrase entropy and hacking tools
  • WPA/WPA2 Personal - how it works
  • WPA/WPA2 Personal - configuration
  • Wi-Fi Protected Setup (WPS)
  • Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices
Enterprise WLAN Management and Monitoring
  • Device identification and tracking
  • Rogue device mitigation
  • WLAN forensics
  • Enterprise WIPS installation and configuration
  • Distributed protocol analysis
  • WNMS security features
  • WLAN controller security feature sets

Enterprise WLAN Security Technology and Solutions

  • Robust Security Networks (RSN)
  • WPA/WPA2 Enterprise - how it works
  • WPA/WPA2 Enterprise - configuration
  • IEEE 802.11 Authentication and Key Management (AKM)
  • 802.11 cipher suites
  • Use of authentication services (RADIUS, LDAP) in WLANs
  • User profile management (RBAC)
  • Public Key Infrastructures (PKI) used with WLANs
  • Certificate Authorities and x.509 digital certificates
  • RADIUS installation and configuration
  • 802.1X/EAP authentication mechanisms
  • 802.1X/EAP types and differences
  • 802.11 handshakes
  • Fast BSS Transition (FT) technologies


Tools that you will use only in Security University classes!

AirMagnet/ Fluke


AirMagnet Trio/Reporter - Performance and Security Analysis
AirMagnet Distributed with Hardware Sensors



Ekahau Site Survey Training
and Certification


easy planning, quick site surveys, state-of-the-art visual representation, and advanced analysis, optimization, and reporting features.

WildPackets

WildPackets iNetTools
AiroPeek NX - Performance and Security Analysis
AiroPeek NX - Distributed Analysis with RF Grabber

WiSPY - $99!

Wi-Fi Integration : Information such as SSID, Channel and dBm are overlayed on the 2.4 GHz data. (This does not use the Wi-Spy hardware. It uses the computer's Wi-Fi card) Video Tutorial

Networked Wi-Spy : Connect to a Wi-Spy through an IP address. (See Recon for Wi-Spy )

Configuration Options : Zoom into a channel with greater resolution, for detailed troubleshooting.

Signature Identification : A “Signatures” sidebar makes it easy to match the shape appearing in your graph to the device signature (from MetaGeek's growing Signatures Library) – so you can identify the interference. More

Data Inspector : Shows frequency, amplitude, time, and other data of any point in any view. Read More

Embedded Notes : Textual information can now be added to any recording by embedding user notes. Read More

Wi-Fi Reports

SSID Overlay

Wireless Devices

Chanalyzer turns data collected from a Wi-Spy into highly interactive charts and graphs, allowing users to “visualize” their wireless landscape. Together, Wi-Spy and Chanalyzer enable both enterprise and small business users to visualize, troubleshoot, and optimize their wireless networks.


Airtight Networks

Most Robust Wireless Threat Prevention

Full visibility of both the air space and the wired network

Unique Network Detector mode lowers costs
Proper identification of External APs
Find Rogues Quickly with Precise Location Tracking
SpectraGuard Enterprise shuts down unauthorized Wi-Fi


Precisely locate any access point or client

Display rogue devices for quick removal
Unique probability graph shows location
Optional integration with SpectraGuard Planner


*Class fees are subject to change

 

Q/WSP Exam Details

  • Exam Number: Q/WSP
  • Cost: Included in class fee (exam voucher is included with your class)
  • Availability: Register at Security University
  • Duration: 90 minutes
  • Questions: 60
  • Question Types: Multiple choice / multiple answer
  • Passing Score: 70% (80% for instructors)
  • Available Language: English

 

 

 
Current Schedule
Site Map SU Policies Webmaster Contact Us Opt-Out Testimonials Advertise Brochure
Copyright © 2014 Security University, Inc. All rights reserved.
Translate this page to