Realtime website analytics

 

  

ADVANCE YOUR CAREER - Earn More, Be More than Certified
Q/ISP IA Cyber Defense Graduate Certificate



Certified Wireless Network Admin/ Wireless Security Professional 8-Day Bootcamp

CWNA class starts Tuesday - Friday. CWSP class starts Monday - Thursday, no weekend class dates scheduled.
97% exam pass rate for SU attendees!

This course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so. The CWNA CWSP Wireless LAN & Security bootcamp course consists of hands on learning using the latest enterprise wireless LAN security and wireless auditing equipment.

This 8 day BootCamp drills into Wireless LAN Administration and Wireless Security course addresses in detail the most up-to-date WLAN intrusion and DoS tools and techniques, functionality of the 802.11i amendment to the 802.11 standard, the inner-workings of each EAP type used with wireless LANs today, and every class and type of WLAN security solution available on the market - from wireless intrusion prevention systems to wireless network management systems.


With the burgeoning growth of wireless LAN installations, all IT professionals must become knowledgeable about security, and wireless security in particular. CWSP WLAN Security, the preparation course for the CWSP™ certification, teaches students the necessary skills for implementing and managing wireless security in the enterprise by creating layer2 and layer3 hardware and software solutions with tools from industry leading manufacturers.

This hands-on, defense in-depth class has 15+ labs to give you the chance to use wireless products from vendors like CISCO, AirMagnet, AirTight Networks, AirDefense, AirFortress, Cognio, Meru, Aruba, Trapeze, Ekahau, YDI and more.

Our expert instructors take you through everything you need to know to do a proper wireless site survey, design and implement a WLAN and will advance into the crucial aspects of hacking and testing vulnerabilities on your wireless networks showing you security threats and weaknesses of wireless LANs. And 4 top wireless analysis tool labs.

CWNP is the top ranking Wireless Networking Certification today. A vendor-neutral certification that requires mastery of Wireless fundamentals. SU is an authorized CWNP partner. Confused about CWNP? Learn More

By earning both the CWNA & CWSP credentials, network engineers and administrators demonstrate that they have the skills necessary to administer, install, configure and troubleshoot wireless network systems.

Class Duration: These hands on classes consists of 80 hours.

Bootcamp Fee $4,690 FREE ALPHA WiFi Adapter!

 

Time: 8:30am -6 pm
Location: Click here to view the class schedule
Prerequisites: TCPIP Advanced
CPE Credits: 80

FREE ALFA Technical Details

4" + 5dBi Rubber Duck Antenna and 15" +9dBi Rubber Duck Antenna Included
802.11b/g, 1000mW of power which is more powerful than any other WiFi adapter on the market
Very Secure with 64/128/256bit WEP Encryption, TKIP, WPA,WPA2, 802.11i
Drivers included on CD for Windows 98SE, 2000, ME, WinCE 5.0, XP, 2003, Vista, Mac OS X 10.3/10.4 and GNU/Linux.
Supports Windows, Macintosh, and Linux

Instructor: Highly qualified instructor with CWNA™/ CWSP™/ CWAP Q/EH, Q/SA
Texts, Practice Tests, EXAM Vouchers included

We're here to help!
CALL NOW 877-357-7744
All attendees receive hands-on experience configuring, testing, and implementing a broad variety of layer2 and layer3 wireless security solutions using hardware and software from the following vendors:
  • Colubris Networks
  • Cisco Systems
  • Bluesocket
  • Aruba Networks
  • Motorola/Symbol
  • Fortress Technologies
  • AirMagnet
  • Ekahau
  • Trapeze Networks
  • Xirrus Networks
  • TamoSoft
  • WildPackets
  • Network Chemistry
  • AirTight Networks
  • AirDefense
  • AirMagnet
  • Periodik Labs
  • Juniper Networks
  • Microsoft
  • Van Dyke Software
  • Aruba Networks

Certified Wireless Network Administrator Day 1-4

Hands-on Lab Exercises

These are the actual labs taught in the course:
Spectrum Analysis
This lab is designed to familiarize the student with a laptop-based spectrum analyzer.

Area of interest include:

  • Swept Spectrogram
  • Real Time FFT
  • FFT Duty Cycle
  • Channel Utilization
  • Interference with Wi-Fi Channels
  • Interfering Device Discovery

In the first sections of this lab, students will install the spectrum analyzer software followed by loading the pre-recorded spectrum captures for review as a class.  In the last section of this lab, the instructor may optionally do a live capture of the RF environment for classroom discussion purposes.  Doing a live capture requires spectrum analysis hardware (typically a USB or CardBus radio adapter).

Wireless LAN Security

This lab is built around measuring WLAN throughput under various circumstances and is separated into three sections:

  • Section A: Greenfield mode throughput (802.11b vs. g vs. a vs. n)
  • Section B: Mixed mode throughput
  • Section C: Adjacent and co-channel interference

Understanding the "speeds and feeds" of all Wi-Fi technologies is crucial to optimizing WLAN installations, applications, and good network design.  This lab demonstrates the varying throughputs for Wi-Fi connectivity standards by using FTP to transfer large files from client devices to servers.  You will see and compare actual throughputs of each different standard technology and the impact of using mixed technologies.

Using Laptop Analyzers

This lab is focused on the use of laptop analyzers for WLAN discovery and protocol analysis.  Understanding security and performance related protocol analysis will aid the WLAN administrator in policy compliance, proper implementation, and troubleshooting.  The following steps will be covered in this lab exercise.

  • Installing and configuring a WLAN discovery tool.
  • Installing and configuring a laptop protocol analyzer
  • Locating 2.4 GHz and 5 GHz WLANs
  • Capturing and analyzing Management, Control, and Data frames
  • Capturing and analyzing a WPA2-Personal authentication

A protocol analyzer is provided on the student CD.

Site Survey

Two specific classes of site survey methodology exist and are used in the WLAN market today. This exercise is separated into two sections identifying each methodology:

  • Section A: Manual site surveys (sometimes called, “the walkabout”)
  • Section B: Predictive analysis (sometimes called, “automated site surveying”)

Within each class exist two distinct categories.  Manual site surveying can be categorized as active mode or passive mode, one or both modes can be used at any given time.

Predictive analysis software tools are based on a mathematical model of a facility blueprint and can be performed in two distinct ways.  First, importing an AutoCAD (vector graphic) drawing allows the predictive analysis software tool to understand detailed complex layers of a facility's construction, including wall attenuation, attenuation between floors, and channel interference.  Second, importing of raster graphics, such as .jpg or .bmp, allows for faster but often less accurate modeling.

Neither methodology is 100% accurate, since each has its own individual weaknesses.  Used together, the surveyor can create a more complete RF snapshot of any facility.

In this exercise, students will conduct both manual and predictive analysis surveying, using software and hardware tools (determined by the instructor or specific class needs).

Basic WLAN Security

The Wi-Fi Alliance has standardized security mechanisms for SOHO and enterprise environments. Two distinct classes of security mechanisms exist:

  • WPA compliant
  • WPA2 compliant

Within each class are two categories: Personal and Enterprise.  WPA implies a pre-802.11i snapshot that addresses only TKIP encryption.  WPA2 implies 802.11i compliant CCMP (default) and/or TKIP.  Enterprise implies the use of 802.1X/EAP authentication mechanisms, and Personal implies that passphrases are the authentication mechanism being used.

Wi-Fi Alliance Security Mechanism Authentication Mechanism Cipher Suite Encryption Mechanism

WPA-Personal

Passphrase

TKIP

RC4

WPA-Enterprise

802.1X/EAP

TKIP

RC4

WPA2-Personal

Passphrase

CCMP (default)

TKIP (optional)

AES (default)

RC4 (optional)

WPA2-Enterprise

802.1X/EAP

CCMP (default)

TKIP (optional)

AES (default)

RC4 (optional)

Wi-Fi Alliance security mechanisms are only applicable at Layer 2 of the OSI model. Other security mechanisms for WLANs exists such as VPNs and secure applications, but this lab exercise addresses only those security mechanisms provided by the 802.11-2007 standard.

Wireless Intrusion Prevention Systems

This lab is focused on Wireless Intrusion Prevention Systems (WIPS).   WIPS are known for three specific functions: security monitoring, performance monitoring, and reporting.  In this lab exercise, we will focus only on security monitoring and reporting.  Areas of particular interest include:

  • Installation and configuration of WIPS
  • Properly classifying authorized, rogue/unauthorized, and   external/interfering access points or clients
  • Event monitoring and notification
  • Identifying and mitigating rogue devices

Note:

Although WIPS can identify, and often act upon, hundreds of wireless attacks, we will only use one type of common attack in this lab exercise to demonstrate WIPS functionality.  If time permits, the instructor may perform additional attacks that can be recognized and perhaps mitigated.

Course Outline

The following list contains the materials covered in the lecture portion of the course:

1.WLAN Infrastructure

  • The Basic Service Set
  • Access Points
    • Basic AP Operation
  • WLAN Controllers
  • Wi-Fi Stations
    • Wi-Fi Client Software
  • Independent Basic Service Set (IBSS)
    • Service Set Identifier
    • The Extended Service Set

2.WLAN Standards

  • WLAN Organizations
    • The IEEE
    • The Wi-Fi Alliance
    • IETF
  • The IEEE 802.11 Standard
    • The 802.11 Physical Layer
    • The 802.11 MAC Layer
  • 802.11 Amendments
    • 802.11a (OFDM)
    • 802.11b (HR/DSSS)
    • 802.11g (ERP)
    • 802.11n (HT)
      • 802.11n Improvements
        • Speed
        • Range
        • Power Consumption
      • MIMO Operation
  • 802.11 and Wi-Fi
    • 802.11 Amendments and Wi-Fi Certifications

3.RF Fundamentals

  • Channels and Bands
    • 2.4 GHz Channels
    • 5 GHz Channels
  • Modulation and Coding
    • DSSS
    • OFDM
  • RF Math
    • Watts and Milliwatts (mW)
    • Decibels (dB), dBi, and dBm
  • Multipath
    • Identifying Multipath
    • Solving Multipath Problems

4.Antennas and Outdoor Wireless

  • Link Budgets
    • Reading Signal Strength
    • Transmitter Power
    • Measuring Antenna Gain
    • Cables, Connectors, and Accessories
    • Signal Propagation
  • Antenna Operation
    • Baseband RF to Radio Waves
  • Antenna Types
    • Omnidirectional Antennas
    • Semidirectional Antennas
    • Highly Directional Antennas
  • Antenna Coverage Patterns
    • Antenna Beamwidth
    • Antenna Mounting

5.WPA/WPA2 Authentication

  • 802.11 Security Amendments
  • 802.11i Robust Security Networks
    • RSN Authentication Options
  • Preshared Key
    • Small Network
    • PSK Vulnerability
    • Preshared Key Design
  • 802.1X
    • Extensible Authentication Protocol
    • 802.1X/EAP Design
  • 802.1X/EAP Authentication
  • Mutual Authentication and Key Negotiation
    • Enterprise Authentication
    • EAP-TLS
    • EAP-PEAP
    • Choosing an EAP Type

6.WPA/WPA2 Encryption

  • WLAN Encryption
    • Wired Equivalent Privacy
  • WPA/WPA2 Encryption Options
  • RC4 Encryption
    • Secure Stream Cipher
  • TKIP Improvements
    • TKIP Operation
  • AES-CCMP
    • AES-CCMP Similarities to TKIP
    • AES-CCMP Operation
  • 802.11i Encryption Summary
    • Automatic Encryption Selection
    • Encrypting in the Real World

7.WLAN Operation

  • 802.11 Channel Access
  • CSMA/CA
    • A Clear Channel
  • Interframe Spacing
  • Random Backoff Time
    • The Contention Window
    • Winning Arbitration
  • Acknowledgements
    • After the Acknowledgement
  • An Arbitration Example
    • Timelines
    • IFS Timeless
    • Backoff Timelines
    • Frame Timelines
    • ACK Timelines
  • Effects of Arbitration

8.Mixed Mode Operation

  • Mixed Mode Networks
  • 802.11b/g Mixed Mode
    • Protection Mechanism
    • Enabling Protection
  • 802.11g/n Mixed Mode )
    • 802.11n Greenfield
    • 802.11 g/n Mixed Mode AP
    • Nearby 802.11g AP
  • 802.11n 2.4 GHz Problems
  • 802.11n 5 GHz
  • Mixed Mode Best Practices

9.Security Design

  • RSN Concerns
    • General Security Approach
  • Wireless Data Security
    • Eavesdropping
    • Encryption Options
  • Network Security
  • Guest Access
    • Captive portals
    • Captive portal vulnerabilities
  • RF Denial
    • Client Testing Software
    • DoS: Connection Loss
    • DoS Response
    • Network Rogue APs
    • Rogue AP Response
  • MAC Address Spoofing
  • Endpoint Security
    • Evil Twin Rogue APs
    • ESS
    • NAC
  • Enterprise WIDS
    • Enterprise WIDS Types
    • Enterprise WIDS Monitoring
    • WIDS Rogue Prevention
    • Enterprise WIDS Summary
  • Security Design Best Practices

10.Troubleshooting Station Connections

  • Common Station Problems
  • Radio On/Off Switches
  • Wi-Fi Client Utilities
    • Automatic SSID Configuration
    • Manual SSID Configuration
    • Security Configuration
  • Power Management Protocols
    • Power states and modes
    • 802.11 Power Management
    • Automatic Power Save Delivery
    • Power Management Settings

11.WLAN Analysis

  • Packet Capture
    • Passive Monitoring
    • Monitor Mode
  • Protocol Analysis Software
  • The Wi-Fi Connection
    • Beyond Basic Troubleshooting
    • The 802.11 State Machine
  • Discovery Analysis
  • Authentication and Association/li>
  • Roaming
  • Secure Connections
    • WEP Connections
    • PSK Connections
    • 802.1X/EAP Connections
  • Connection Loss

12.WLAN Channel Analysis

  • Analyzing the Channel
  • Using the Protocol Analyzers
    • Filtering
  • Basic 802.11 Overhead
    • Wi-Fi Collisions
  • Channel Efficiency
    • 802.11 Retrys
  • Performance Degradation
    • Interference Types
  • Spectrum Analyzers
    • Distributed Spectrum Analyzers
    • Spectrum Analyzer Troubleshooting

 

13.Enterprise Infrastructure Design

  • Basic AP Configuration
  • Enterprise WLAN Needs
    • Optional AP Settings
  • Wireless Network Management Systems
    • Controller-less WLANs
  • Wireless VLANs
    • Wireless VLAN Security
  • Power over Ethernet
    • Power sourcing equipment
    • Powered devices
    • Detection and classification
  • Picocells
    • Power Output Settings
    • Channel Reuse
    • Redundancy
  • Client Isolation
  • RTS/CTS
    • RTS/CTS Protocol
    • RTS/CTS Thresholds
    • RTS/CTS Uses
  • AP Optimization Best Practices

14.Station Optimization

  • Station Configuration
  • Additional Station Settings
    • Roaming Tendency
    • Disable Upon Wired Connect
    • Single Sign-on
  • Station Optimization Best Practices

15.QoS Configuration

  • Legacy WLANs
    • QoS Needs
  • QBSS Load
  • Enhanced Distributed Channel Access
    • AIFSN Lengths
    • The Contention Window (QoS)
    • Transmit Opportunity
    • TXOP and Contention-Free Burst
  • Priority Settings
  • QoS Configuration Best Practices

16.Channel Optimization

  • RF Difficulties
    • Handling RF Problems
  • Roaming
    • Roaming Behavior
    • Roaming Problems
    • Cell Overlap
  • Common WLAN Types
    • Basic-Coverage WLANs
    • High-Density WLANs
    • Application-Based WLANs
  • Alternative technologies
    • Role-based access control
    • Transmit beamforming
    • Virtual Cells
    • Controller-less management
    • Multi-radio APs
  • Channel Optimization Best Practices

17.Site Surveys

  • Radio Frequency Problems
  • Site Surveys
    • Pre-Installation Surveying
  • Kit Preparation
  • WLAN Simulation Software
    • Predictive Coverage
    • High Cost, High Benefit
  • Post-Installation Surveying
    • Performing Spot Checks
  • Live Survey Software
    • Coverage Mapping
    • Survey Reporting
  • Site Survey Best Practices

18.Next-Generation WLANs

  • Next-Generation Improvements
  • Automatic RF management
    • Band Steering
    • Airtime management
  • Wi-Fi Direct
  • Secure Roaming
    • Fast Transition Basics
    • Fast Transition Options
    • WMM Voice Enterprise
  • Mesh Networks
    • Mesh Networking Technology
    • Outdoor Access
    • Consumer Wi-Fi Technologies
  • Home Media Streaming
    • Direct Link Setup
    • Software-Based APs
    • Software-Based AP Uses
  • Wi-Fi Cellular Calling

1. Introduction to WLAN Security Technology

  • Security policy
  • Security concerns
  • Security auditing practices
  • Application layer vulnerabilities and analysis
  • Data Link layer vulnerabilities and analysis
  • Physical layer vulnerabilities and analysis
  • 802.11 security mechanisms
  • Wi-Fi Alliance security certifications

2. Small Office/Home Office WLAN Security Technology and Solutions

  • WLAN discovery equipment and utilities
  • Legacy WLAN security methods, mechanisms, and exploits
  • Appropriate SOHO security

3. WLAN Mobile Endpoint Security Solutions

  • Personal-class mobile endpoint security
  • Enterprise-class mobile endpoint security
  • User-accessible and restricted endpoint policies
  • VPN technology overview

4. Branch Office/Remote Office WLAN Security Technology and Solutions

  • General vulnerabilities
  • Preshared Key security with RSN cipher suites
  • Passphrase vulnerabilities
  • Passphrase entropy and hacking tools
  • WPA/WPA2 Personal
    • How it works
    • Configuration
  • Wi-Fi Protected Setup (WPS)
  • Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices

5. Enterprise WLAN Management and Monitoring

  • Device identification and tracking
  • Rogue device mitigation
  • WLAN forensics
  • Enterprise WIPS installation and configuration
  • Distributed protocol analysis
  • WNMS security features
  • WLAN controller security feature sets

6. Enterprise WLAN Security Technology and Solutions

  • Robust Security Networks (RSN)
  • WPA/WPA2 Enterprise
    • How it works
    • Configuration
  • IEEE 802.11 Authentication and Key Management (AKM)
  • 802.11 cipher suites
  • Authentication services (RADIUS, LDAP) in WLANs
  • User profile management (RBAC)
  • Public Key Infrastructures (PKIs) used with WLANs
  • Certificate Authorities and x.509 digital certificates
  • RADIUS installation and configuration
  • 802.1X/EAP authentication mechanisms
  • 802.1X/EAP types and differences
  • 802.11 handshakes
  • Fast BSS Transition (FT) technologies



AirMagnet Trio/Reporter - Performance and Security Analysis
AirMagnet Distributed with Hardware Sensors



Ekahau Site Survey Training and Certification

easy planning, quick site surveys, state-of-the-art visual representation, and advanced analysis, optimization, and reporting features.

WildPackets

 WildPackets iNetTools
AiroPeek NX - Performance and Security Analysis
AiroPeek NX - Distributed Analysis with RF Grabber

WiSPY - $99!

Wi-Fi Integration : Information such as SSID, Channel and dBm are overlayed on the 2.4 GHz data. (This does not use the Wi-Spy hardware. It uses the computer's Wi-Fi card) Video Tutorial

Networked Wi-Spy : Connect to a Wi-Spy through an IP address. (See Recon for Wi-Spy )

Configuration Options : Zoom into a channel with greater resolution, for detailed troubleshooting.

Signature Identification : A “Signatures” sidebar makes it easy to match the shape appearing in your graph to the device signature (from MetaGeek's growing Signatures Library) – so you can identify the interference. More

Data Inspector : Shows frequency, amplitude, time, and other data of any point in any view. Read More

Embedded Notes : Textual information can now be added to any recording by embedding user notes. Read More

Wi-Fi Reports

SSID Overlay

Wireless Devices

Chanalyzer turns data collected from a Wi-Spy into highly interactive charts and graphs, allowing users to “visualize” their wireless landscape. Together, Wi-Spy and Chanalyzer enable both enterprise and small business users to visualize, troubleshoot, and optimize their wireless networks.


Air Defense
AirDefense BlueWatch is the industry's first Bluetooth monitoring solution



Airtight Networks

Most Robust Wireless Threat Prevention

Full visibility of both the air space and the wired network is required to ensure bullet proof detection and prevention. Only AirTight provides Network Detector capability enabling full visibility of your wired network without requiring a Sensor on each subnet.

Patent-pending technology prevents all major categories of threats from compromising your network
Unique Network Detector mode lowers costs
Proper identification of External APs
Find Rogues Quickly with Precise Location Tracking
SpectraGuard Enterprise automatically shuts down unauthorized Wi-Fi communication to protect your  network immediately. To permanently remove the security threat, precise location tracking quickly pinpoints both rogue APs and Clients.

Precisely locate any access point or client

Display rogue devices on your floor plans for quick removal
Unique probability graph shows the most likely location
Optional integration with floor plans from SpectraGuard Planner


Multi Wireless Device Monitoring and prevention

Certified Wireless Security Professional Day 5-8

These are the actual labs taught in the Wireless LAN Security Course:

  • Packet Analysis & Spoofing
  • Rogue Hardware & Default Settings
  • RF Jamming & Data Flooding
  • Information Theft
  • Wireless Hijacking and DoS Attacks
  • Access Point VPNs
  • Scalable Wireless VPN Solutions
  • EAP - Cisco Wireless (LEAP)
  • Layered Wireless Security
  • Wireless Bridging Security
  • 802.1x and EAP-TTLS
  • SSH2 Tunneling & Local Port Redirection

Course Outline

WLAN Controller Security

The WLAN controller is currently the center piece of 802.11 security. All other pieces of the WLAN security puzzle orbit around the WLAN controller. For this reason, gaining an in-depth understanding of how to secure access to the controller and how to use the controller to secure the WLAN is essential.

This lab is focused on WLAN controller security, and primarily covers the following areas:

  1. Secure access to the WLAN controller using secure management protocols
  2. Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
  3. Configuring the WLAN controller for RADIUS connectivity and authentication
  4. Client station connectivity to the controller - including DHCP and browsing
  5. Integrated rogue device discovery

Wireless Intrusion Prevention Systems (WIPS)

This lab is focused on Wireless Intrusion Prevention Systems (WIPS). WIPS are known for three overriding functions: security monitoring, performance monitoring, and reporting. In this lab exercise, we will focus only on security monitoring and reporting. Areas of particular interest include:

  1. WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
  2. Configuration according to organizational policy
  3. Properly classifying authorized, unauthorized, and external/interfering access points
  4. Identifying and mitigating rogue devices
  5. Identifying specific attacks against the authorized WLAN infrastructure or client stations

Using Laptop Analyzers

This lab is focused on the use of laptop analyzers for spectrum analysis, protocol analysis, and WLAN discovery. Understanding driver issues, security-related protocol analysis (authentication and encryption), and spectrum analysis will aid the wireless security professional in policy compliance, proper implementation, and troubleshooting. The following steps will be covered in this lab exercise.

  1. Installing and configuring a WLAN discovery tool
  2. Installing, licensing, and configuring a laptop protocol analyzer
  3. Installing, licensing, and configuring a laptop spectrum analyzer
  4. Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool
  5. Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN protocol analyzer
  6. Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
  7. Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
  8. Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
  9. Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
  10. Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer

Fast BSS Transitions (FT)

This lab is focused on fast BSS transition (FT) within an Extended Service Set. Moving quickly and securely between access points attached to a single controller or multiple controllers is a requirement of real-time mobility devices such as wVoIP phones and mobile video devices. An in-depth understanding of the standards-based and proprietary processes of a WLAN infrastructure system's ability to deliver FT services means the difference between a successful deployment and a complete failure. The following steps will be covered in this lab exercise.

  1. Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
  2. Install and configure a RADIUS server for PEAP
  3. Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
  4. Configure an 802.11 protocol analyzer to capture on a specific channel
  5. Using an 802.11 frame generator function, deauthenticate the authorized client station to force intra- and inter-controller roaming
  6. Perform a slow BSS transition within a controller as a baseline
  7. Enable FT mechanisms within controllers and the client station
  8. Perform a fast BSS transition within a controller as a comparison
  9. Perform a slow BSS transition between controllers as a baseline
  10. Perform a fast BSS transition (if vendor FT mechanisms permit) between controllers as a comparison

The following list contains the materials covered in the lecture portion of the course:

Introduction to WLAN Security Technology

  • Security policy
  • Security concerns
  • Security auditing practices
  • Application layer vulnerabilities and analysis
  • Data Link layer vulnerabilities and analysis
  • Physical layer vulnerabilities and analysis
  • 802.11 security mechanisms
  • Wi-Fi Alliance security certifications
Small Office / Home Office WLAN Security Technology and Solutions
  • WLAN discovery equipment and utilities.
  • Legacy WLAN security methods, mechanisms, and exploits
  • Appropriate SOHO security
WLAN Mobile Endpoint Security Solutions
  • Personal-class mobile endpoint security
  • Enterprise-class mobile endpoint security
  • User-accessible and restricted endpoint policies
  • VPN technology overview
Branch Office / Remote Office WLAN Security Technology and Solutions
  • General vulnerabilities
  • Preshared Key security with RSN cipher suites
  • Passphrase vulnerabilities
  • Passphrase entropy and hacking tools
  • WPA/WPA2 Personal - how it works
  • WPA/WPA2 Personal - configuration
  • Wi-Fi Protected Setup (WPS)
  • Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices
Enterprise WLAN Management and Monitoring
  • Device identification and tracking
  • Rogue device mitigation
  • WLAN forensics
  • Enterprise WIPS installation and configuration
  • Distributed protocol analysis
  • WNMS security features
  • WLAN controller security feature sets

Enterprise WLAN Security Technology and Solutions

  • Robust Security Networks (RSN)
  • WPA/WPA2 Enterprise - how it works
  • WPA/WPA2 Enterprise - configuration
  • IEEE 802.11 Authentication and Key Management (AKM)
  • 802.11 cipher suites
  • Use of authentication services (RADIUS, LDAP) in WLANs
  • User profile management (RBAC)
  • Public Key Infrastructures (PKI) used with WLANs
  • Certificate Authorities and x.509 digital certificates
  • RADIUS installation and configuration
  • 802.1X/EAP authentication mechanisms
  • 802.1X/EAP types and differences
  • 802.11 handshakes
  • Fast BSS Transition (FT) technologies

CWNA Exam Details

  • Exam Number: PW0-104
  • Cost: Free (exam voucher is included with your course)
  • Availability: Register at Pearson VUE
  • Duration: 90 minutes
  • Questions: 60
  • Question Types: Multiple choice / multiple answer
  • Passing Score: 70% (80% for instructors)
  • Available Language: English

CWSP Exam Details

  • Exam Number: PW0-204
  • Cost: Free (exam voucher is included with your class)
  • Availability: Register at Pearson VUE
  • Duration: 90 minutes
  • Questions: 60
  • Question Types: Multiple choice / multiple answer
  • Passing Score: 70% (80% for instructors)
  • Available Language: English



*Class fees are subject to change

 

Top 

View Class Schedule 

More Detection Courses

Privacy Policy
Webmaster
Contact Us
Opt-Out Translate Advertise Brochure
Copyright © 2011 Security University, Inc. All rights reserved.

 
Current Schedule
Site Map SU Policies Webmaster Contact Us Opt-Out Testimonials Advertise Brochure
Copyright © 2012 Security University, Inc. All rights reserved.
Translate this page to