Wireless LAN Security

Duration 5 days

Price £1,895.00 plus VAT

Edinburgh 1st September 2008

London Phone for Dates

Course Description
Wireless LAN Security, the preparation course for the CWSPT certification. This is a rigourous course designed to provide delegates with the skills necessary for implementing and managing wireless security in the enterprise using hardware and software solutions with tools from industry leading manufacturers.

Who should attend?
This course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so. With the burgeoning growth of wireless LAN installations, all IT professionals must become knowledgeable about security, and wireless security in particular.

Prerequisites:
The CWNA certification is required prior to attending the CWSP class or taking the CWSP exam. It is recommended that all students earn either the Security Certified Network Professional (SCNP) or CompTIA Security+ certification or have at least 12 months experience in a network security related field prior to enrolling in the course.

Certification:
This course may be used - and is the ideal track - for preparing students for the Certified Wireless Security ProfessionalT exam (exam # PW0-200), which is delivered at all Prometric Testing Centers worldwide. The CWSP certification is the first vendor neutral security certification that focuses solely on testing the IT professional's knowledge of securing enterprise wireless LAN solutions.

Delivery Method: Instructor-led, classroom-delivery with structured, hands-on activities.

Course Description

Risk Assessment

  • Assets to protect
  • Threats to protect against
  • Legal protection
  • Costs
  • Basic security measures
  • Threat analysis
  • Impact analysis

Threat Analysis & Hacking Methodology

  • Target profiling
  • Physical security
  • Social engineering
  • Wireless bridges
  • Packet analysis
  • Information theft
  • Malicious data insertion
  • Denial of Service (DoS)
  • Peer-to-peer hacking
  • Unauthorized control

Rudimentary Security Measures

  • SSID
  • MAC filters
  • Static WEP
  • Default configurations
  • Firmware upgrades
  • Physical security
  • Periodic inventory

Intermediate Security Measures

  • Rogue equipment
  • Cell sizing
  • Protocol filters
  • SNMP
  • Discovery protocols
  • Wireless segment configuration
  • Remove vulnerabilities
  • Client security
  • IP Services

Advanced Security Measures

  • Wireless security policy
  • Authentication & encryption
  • Wireless DMZ and VLANs
  • Audits
  • Traffic pattern analysis
  • Authenticated DHCP

Wireless LAN Auditing Tools

  • Discovery tools
  • Password crackers
  • Share enumerators
  • Network management and control
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • RF Jamming and Dataflooding tools
  • WEP crackers

Hardware & Software Solutions

  • RADIUS with AAA Support
  • RADIUS Details
  • Kerberos
  • Static and Dynamic WEP and TKIP
  • 802.1x
  • Extensible Authentication Protocol (EAP)
  • VPNs
  • Encryption Schemes
  • Routers
  • Switch-Routers
  • Firewalls
  • MobileIP VPN Solutions
  • Enterprise Wireless Gateways
  • Switches, VLANs, & Hubs
  • SSH2 Tunneling & Port Redirection
  • Thin Client Solutions

Prevention & Countermeasures

  • 802.1x
  • 802.11i
  • TKIP
  • AES
  • Intrusion detection
  • US Federal and state laws

Implementation and Management

  • Design