Qualified Wireless Analysis & Defender Bootcamp Q/WAD®
GOT YOUR CWNA™ & CWSP™? Now.. Get Qualified!
Harness the Power of WLAN Analysis & Penetration Testing, Assessment, Hacking & Defending.
Analyzing and Pen Testing Wireless Networks
5 days of hands-on intense wireless tools for scanning, securing and assessing enterprise-class wireless LANs. Case studies, demos and labs address in detail, 802.11 frame structure and exchange processes, wireless LAN performance, wireless assessments, security analysis, wireless LAN troubleshooting
and new exclusive EKAHAU TRAINING and CERTIFICATION.
Are your WIFI tools deaf and ignorant to 2.4 GHz? Class includes one Wi-Spy per attendee! Wi Spy visualizes your 2.4 GHz devices (microwave ovens, cordless phones, security cameras, Wi-Fi, Zigbee, etc) optimize wireless networks & troubleshoots your entire wireless landscape!
Hacking & Defending Wireless Networks
2-days of hacking wireless in detail, how to break 802.11 its vulnerabilities & how to fix.
- Weaknesses and vulnerabilities of open wireless networks
- Packet analysis & locating wireless rogue access points- AirMagnet demo, ATNS, WIPS, Tipping PT
- Available counter measures and solutions to stop the wireless leaks
- How to defend your wireless LAN from hackers (AirTight Networks Sentry & AirDefense)
- Demos incl: deflecting wireless jamming & data flooding, spoofing and more.
Bottom line: You'll leave knowing how to Pen Test, assess and defend your network from wireless hacking and how to locate unauthorized wireless access points before the hacker takes over your wireless network .
Class Fee: | ||
Time: | 8:00am - 6pm | |
Location: | Click here to view the class schedule | |
Learning Level: | CWNA™ and CWSP™ preferred | |
CPE Credits: | 40 | |
Prerequisites: | Understanding of TCP/IP protocols | |
Method of Delivery - Residential On Ground
Method of Evaluation: 1. 95 % attendance 2. 100 % completion of Lab
Grading: Pass = 95% Attendance and 100% Completion of Labs and Practical
Fail => 95% Attendance and > 100% Completion of Labs and Practical
Qualified Wireless Analysis Defender Q/WAD®
Students who complete the class will acquire the necessary skills for pen testing, analyzing and troubleshooting any wireless LAN implementation. You will gain extensive hands-on training installing, configuring, and utilizing five market-leading analysis products: and can take the QWAD exam.
Air Defense
Take the Guesswork Out of Wireless LAN Design & Management


Download a 15-Day Trial Version
of AirDefense Architect
Airtight Networks
Find Rogues Quickly - Precise Location Tracking
SpectraGuard Enterprise shuts down unauthorized Wi-Fi
Precisely locate any access point or client
- Display rogue devices for quick removal
- Unique probability graph shows location
- Optional integration with SpectraGuard Planner
Ekahau Site Survey Training and Certification
easy planning, quick site surveys, state-of-the-art visual representation, and advanced analysis, optimization, and reporting features.
T301 Ekahau Wi-Fi Location Tag
Leveraging the award-winning Ekahau Positioning Engine (EPE) software platform.
More information
Ekahau Positioning Engine
Combining the latest 802.11 wireless networking technology with location info...
More information
Ekahau Site Survey
One of the distinctive strengths of the Ekahau Site Survey 2.2 (ESS) is its p...
More information
AirTight Networks' SpectraGuard Enterprise has key elements of an effective wireless intrusion prevention system (WIPS):
- detecting and correctly classifying wireless threats – to catch all threats, while minimizing false alarms
- preventing (multiple, simultaneous) wireless threats – while continuing to scan for new ones
- accurately locating the wireless threats on a floor map – so they can be removed.
Most Robust Wireless Threat Prevention
- Full visibility of both the air space and the wired network
- Unique Network Detector mode lowers costs
- Proper identification of External APs
QWAD® Wireless Analysis, Hacking and Defending Topics:
Weakness and vulnerabilities of open wireless networks
Packet analysis & locating wireless rogue access points- AirMagnet demo
Available counter measures and solutions to stop the wireless leaks with Airtight IPS.
How to break and fix your wireless LAN to keep out hackers
Demos incl: wireless jamming & data flooding, spoofing, scanning and more
Latest wireless exploit goals and methodologies
How to complete a report including all security violations detected
Review existing security policies / access point configuration
Detect and identify the wireless network including channels and ESSID
Determine if WEP is enabled on all remotely accessible access points
Inspect the IV for weak key generation.
Inspection of the beacon broadcast frame and record the information it broadcasts
Monitor for rogue access points from outside or inside the building
Monitor network perimeter for signal leakage into unwanted areas
Collect IP or MAC addresses of access points and clients
Understanding the mind set needed to perform penetration testing on wireless networks
Advanced information-gathering techniques for wireless networks
Expert wireless discovery tools and techniques
Identifying & exploiting wireless weaknesses with live tools
Advanced enumeration of wireless devices, platforms and protocols
Cracking contemporary wireless authentication and authorization
Exploiting complex protocols, such as SSH, SSL, and IPSEC
Using payload generators
Advanced wireless testing tools and techniques
Penetration testing of "Wetware"
Penetration testing and the law
Bottom line: You'll leave knowing how to defend your network from wireless hacking and how to locate unauthorized wireless access points before the hacker takes over your wireless network .
Air Defense Colubris Networks Cisco Systems Ekahau Cognio YellowJacket WiSpy |
Proxim Symbol Technologies Funk Software Microsoft TamoSoft Zoom Telephonics |
Metasploit |
Class Outline
DAY ONE: Introduction
course overview
professional security testing
not tools, tools, tools
wired versus wireless
creating a security posture
defining a methodology
OSSTMM
NIST
CHECK
ISACA
OWASP
SU Seven Steps of a Methodology
Step 1: Organize and plan
Step 2: Non-intrusive target search
Step 3: Intrusive target search
Remote target assessment
Local target assessment
Data analysis
Report
Relationship of pen testing to the methodology
Nine steps of pen testing
LAB One – intelligence gathering
assessing wireless architectures
6 dumbest ways to secure a wireless LAN
LAB Two protocol analysis
wired
wireless
LAB and field trip – applied skills in practice
wireless site survey and assessment
DAY TWO:
Exam Review – 2 hours
Step 1 - Organize the project
Step 2 – Non-intrusive target search
LAB Three – Non-intrusive target search
Step 3 – Intrusive target search
LAB Four.One – Scanning wireless devices
DAY THREE:
EXAM Review – 1 hour
Step 4 – Remote target assessment
LAB Five.One – Wireless and wired banner grabbing
LAB Five.Two – Enumeration techniques
LAB Five.Three – Team building
LAB – Applied skills in practice
Wireless security the Yellowjacket way
DAY FOUR:
Exam review – 1 hour
LAB Six.One
Core demo
LAB Six.Two
System and network hacking
Lab Six.Three
Web Application hacking
Step 5 – local target assessment
LAB Seven – applied skills in practice
Wireless IPS
DAY FIVE:
Denial of Service
LAB Eight – DoS with Deauth packets
LAB Nine – rogue AP detection and defense
LAB Ten – Enterprise wireless
Next steps and roadmap from here.
Exam starts 2 PM.
*Class fees are subject to change