OneSource Professional Training Solutions, Inc. presents
 

Enterprise Wi-Fi Security (CWSP) On-Site Training

Enterprise Wi-Fi Security (CWSP)

Course Description/Agenda

Using the latest enterprise wireless LAN security and auditing equipment in this hands-on course, you will learn, in detail, the most up-to-date WLAN intrusion and DoS tools and techniques. You will learn about functionality of the 802.11i amendment to the 802.11 standard, the inner-workings of each EAP type used with wireless LANs today, and every class and type of WLAN security solution available on the market, from wireless intrusion prevention systems to wireless network management systems.

What You'll Learn

• WLAN security technology and solutions
• WLAN security policy, concerns, and auditing practices
• Layer vulnerabilities and analysis
• WLAN mobile endpoint security solutions
• WPA/WPA2 Personal and Enterprise configurations
• WLAN management and monitoring
• IEEE 802.11 Authentication and Key Management (AKM)

Who Should Attend

Wireless professionals looking to gain cutting-edge wireless security expertise and earn the CWSP credential

Course Prerequisites

• Solid IP networking knowledge
• CWNA certification

Course Outline

1. Introduction to WLAN Security Technology

• Security policy
• Security concerns
• Security auditing practices
• Application layer vulnerabilities and analysis
• Data Link layer vulnerabilities and analysis
• Physical layer vulnerabilities and analysis
• 802.11 security mechanisms
• Wi-Fi Alliance security certifications

2. Small Office/Home Office WLAN Security Technology and Solutions

• WLAN discovery equipment and utilities
• Legacy WLAN security methods, mechanisms, and exploits
• Appropriate SOHO security

3. WLAN Mobile Endpoint Security Solutions

• Personal-class mobile endpoint security
• Enterprise-class mobile endpoint security
• User-accessible and restricted endpoint policies
• VPN technology overview

4. Branch Office/Remote Office WLAN Security Technology and Solutions

• General vulnerabilities
• Preshared Key security with RSN cipher suites
• Passphrase vulnerabilities
• Passphrase entropy and hacking tools
• WPA/WPA2 Personal
  • How it works
  • Configuration
• Wi-Fi Protected Setup (WPS)
• Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices

5. Enterprise WLAN Management and Monitoring

• Device identification and tracking
• Rogue device mitigation
• WLAN forensics
• Enterprise WIPS installation and configuration
• Distributed protocol analysis
• WNMS security features
• WLAN controller security feature sets

6. Enterprise WLAN Security Technology and Solutions

• Robust Security Networks (RSN)
• WPA/WPA2 Enterprise
  • How it works
  • Configuration
• IEEE 802.11 Authentication and Key Management (AKM)
• 802.11 cipher suites
• Authentication services (RADIUS, LDAP) in WLANs
• User profile management (RBAC)
• Public Key Infrastructures (PKIs) used with WLANs
• Certificate Authorities and x.509 digital certificates
• RADIUS installation and configuration
• 802.1X/EAP authentication mechanisms
• 802.1X/EAP types and differences
• 802.11 handshakes
• Fast BSS Transition (FT) technologies

Labs

Lab 1: WLAN Controller Security

• Secure access to the WLAN controller using secure management protocols
• Configure multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
• Configure the WLAN controller for RADIUS connectivity and authentication
• Client station connectivity to the controller, including DHCP and browsing
• Integrated rogue device discovery

Lab 2: Wireless Intrusion Prevention Systems (WIPS)

• WIPS installation, licensing, add/configure sensors, and secure console connectivity
• Configuration according to organizational policy
• Properly classify authorized, unauthorized, and external/interfering access points
• Identify and mitigate rogue devices
• Identify specific attacks against the authorized WLAN infrastructure or client stations

Lab 3: Using Laptop Analyzers

• Install and configure a WLAN discovery tool
• Install, license, and configure a laptop protocol analyzer
• Install, license, and configure a laptop spectrum analyzer
• Locate and analyze 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool
• Locate and analyze 2.4 GHz and 5 GHz WLANs with a WLAN protocol analyzer
• Capture and analyze a WPA2 Personal authentication in a WLAN protocol analyzer
• Capture and analyze a WPA2 Enterprise authentication in a WLAN protocol analyzer
• Capture and analyze Hotspot authentication and data traffic in a WLAN protocol analyzer
• Capture and analyze beacons, probe requests, probe responses, and association requests with a WLAN protocol analyzer
• View a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer

Lab 4: Fast Secure Roaming

• Configure a WLAN infrastructure with two controllers and two APs per controller
• Configure APs for specific power and channel settings
• Install and configure a RADIUS server for PEAP
• Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
• Configure an 802.11 protocol analyzer to capture the BSS transition
• Perform a slow BSS transition within a controller as a baseline
• Enable FSR mechanisms within controllers and the client station
• Perform a fast BSS transition within a controller as a comparison
• Perform a slow BSS transition between controllers as a baseline
• Perform a fast BSS transition (if vendor FSR mechanisms permit) between controllers as a comparison

More Seminar Information

OneSource Professional Training Solutions, Inc. Delivery Method  On-Site Training Also Available As  Seminar