Introduction to 802.11 Wireless LANS
- Standards organizations responsible for shaping the 802.11 Wireless Lan Protocol
- How Standards compliance is enforced for 802.11 WLAN vendors
- Examine the 802.11 standard and various amendments
- Discuss additional networking standards that are commonly used to enhacnce 802.11 WLAN
- Radio Frequency Fundamentals
- Physical Aspects of RF propagation
- Types of losses and attenuation that affect RF communications
- Types of modulation used for wireless communications
- How channels and bandwidth are related to each other in wireless networks
- Three types of Spread Spectrum used in wireless networking
- RF Math Calculations
- RF Units of measure
- Basic RF Mathematics
- RF signal measurements
- Understand link budgets
- Define and calculate system operating margin (SOM)
- 802.11 Service Sets
- Explain three types of service sets defined for use within 802.11 WLANs
- Roaming within a WLAN
- Load Balancing as a method to improve congestion in WLANs
- RF Power Output Regulations
- Understand international, regional, and local RF spectrum management organizations
- Understand RF channels in the unlicensed 2.4 GHz and 5 GHz frequency ranges
- Power over Ethernet
- Recognize the two types of devices used in Power over Ethernet (PoE)
- Recognize the differences between the tow types of Power Sourcing Equipment (PSE)
- Understand the two ways in which power can be delivered using PoE
- Understand the importance of planning to maximize the efficiency of PoE
Spectrum Technologies
- Uses of Spread Spectrum
- Frequency Hopping
- Direct Sequencing
- Comparing DSSS to FHSS
- Co-location and Throughput Analysis
- Wireless LAN Operation
- Ad Hoc networks
- Infrastructure networks
- Bridged Networks
- Repeater Networks
- Mesh Networks
- WLAN Switched networks
- Enterprise Wireless Gateway networks
- Enterprise Encryption Gateway networks
- Virtual AP networks
- Evolution of WLAN architectures
- WLAN management
Wireless LAN Security
- Security Policy and Procedures
- Legacy 802.11 Security Components
- 802.11i Security Components
- WPA – personal
- WPA – Enterprise
- WPA 2 – personal
- WPA2 - Enterprise
- Types of Network Attacks
- Baseline Security Practices (SOHO, SMB, Enterprise)
- 802.11 Analysis and Troubleshooting
- Introduction to 802.11 Protocol Analysis
- 802.11 Data Frames
- 802.11 Control Frames
- 802.11 Management Frames
- Frame Fragmentation
- Power Saving Operations
- Transmission Rates
- Coordinating 802.11 Frame Transmission
- Differences between CSMA/CD and CSMA/CA
- Distributed Coordination Function (DCF)
- Quality of Service in 802.11 WLANS
- Antennas
- Antenna characteristics and behaviors
- Types of antennas commonly used with WLANS
- Advances Antenna Systems
- Antenna Placement and mounting
- Antenna Safety
- Types of antenna cables, connectors and accessories
- Site Surveying
- Understanding the need for a site survey
- Defining Business Requirements and justification
- Facility Analysis
- Interviewing Network Management and users
- Identifying Bandwidth Requirements
- Determining contours of RF coverage
- Documenting installation problems
- Locating Interference
- Reporting Methodology and procedures
- Understanding specifics of each vertical market
- Understanding the customers network topology
- Creating appropriate documentation during and after the site survey
- Understanding Safety Hazards
- Using appropriate hardware and software to perform the survey
- Understand the need for spectrum analysis
- Manual RF site surveys
- Predictive site Surveys
- Dense AP deployment
Qualified/ Wireless Security Professional
Wireless Certification Q/WP002 QUALIFIED/ WIRELESS SECURITY PROFESSIONAL
This course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so.
Class Duration: The class consists of 72 hours of hands on learning using the latest enterprise wireless LAN security and auditing equipment. This class addresses in detail Wireless LAN Intrusion, Security Policy, and Security Solutions.
Learning Objectives:
- Wireless Security concepts
- Wireless security policy creation and alignment
- Security design and control methods
- Return on investment strategies and methods
- Automated tools and management strategies
Who Should Attend:
Information Security Officers, Information Systems Managers, Telecommunications and Network Administrators and Engineers, Consultants, Systems and Data Security Analysts, Compliance Officers, Chief Security Officers, and others concerned with wireless security
Lesson Plan 16 hrs lecture/ 24 hrs labs:
All attendees receive hands-on experience configuring, testing, and implementing a broad variety of layer2 and layer3 wireless security solutions using hardware and software from the following vendors:
KU Outcomes
* Knowledge of wireless risk management processes (e.g., methods for assessing and mitigating risk).
* Students will be able to plan, organize and perform wireless penetration testing on a simple network.
* Students will be able to analyze wireless system components and determine how they will interact in a composed system.
* Students will be able to analyze a wireless system design and determine if the design will meet the system security requirements
The Wireless LAN Security course is 72 hours of instructor-led study, incorporating both lecture and hands-on labs. The lab exercises consume more than 80% of the class time, providing thorough hands-on training and escalating technical workshops for all attendees.
Certification: This course may be used - and is the ideal track - for preparing students for the QUALIFIED Wireless Security Professional™ exam (exam # PW0-200), which is delivered at all Prometric Testing Centers worldwide. The Q/WSP certification is the first vendor neutral security certification that focuses solely on testing the IT professional's knowledge of securing enterprise wireless LAN solutions.
Prerequisites: Understanding of TCP/IP Protocols is required prior to taking the Q/WSP exam. It is recommended students have experience in a network security related field prior to enrolling in the course.
Hands-on Lab Exercises: These are the actual labs taught in the Wireless LAN Security Course:
- Packet Analysis & Spoofing
- Rogue Hardware & Default Settings
- RF Jamming & Data Flooding
- Information Theft
- Wireless Hijacking and DoS Attacks
- Access Point VPNs
- Scalable Wireless VPN Solutions
- EAP - Cisco Wireless (LEAP)
- Layered Wireless Security
- Wireless Bridging Security
- 802.1x and EAP-TTLS
- SSH2 Tunneling & Local Port Redirection
The Wireless LAN Security course consists of hands on learning using the latest enterprise wireless LAN security and auditing equipment. This course addresses in detail the most up-to-date WLAN intrusion and DoS tools and techniques, functionality of wireless standard, the inner-workings of wireless LANs to WLAN security solutions, to wireless intrusion prevention systems and wireless network mgt systems.
WLAN Intrusion
Intrusion Tools
Intrusion Techniques
LAB – WLAN Intrusion Tools and Techniques
Physical Security
Controlled Physical access to premises and infrastructure
Social Engineering
Policy Adherence
Proper use of Security Solutions
MAC Layer Security
Use of VLANs for layer-2 segmentation in WLANs
PrE-shared key security solutions
802.1X/EAP framework and security solutions
Extensible Authentication Protocol (EAP) framework and comparisons
Detailed discussion of each EAP type used in today’s WLANs including in-dedpth frame exchange graphics
Wi-Fi Protected Areas
802.11i terms, framework, and in-depth operational explanations
802.11i/RSN functional graphics and frame capture explanations
Explanations of how 02.1X/EAP solutions changed to 802.11i/RSN solutions
802.11i frame format explanations and graphics
The 802.11i amendment
IP Security – Network Layer Security PPTP VPN
IP Framewoark and implementation discussion in detail
LAB – 802.1X/EAP & VLAN based Security Solutions
Lesson 2
Hardware and Software Solutions
“Fat” access points
WLAN switches/controllers
WLAN bridges
SOHO/SMB solutions
Enterprise Encryption Gateways (EEGs)
Enterprise Wireless Gateways (EWGs)
WLAN routers
WLAN Network Management Systems (WNMS)
WLAN mesh routers
WLAN Intrusion Detection/Prevention Systems (WIDS/WIPS)
Lab Exercises
Secure WLAN Bridging
WLAN Switching
Enterprise Encryption Gateways (EEGS)
Enterprise W ireless Gateways (EWGs)
SOHO?SMB solutions
WLAN Routers
Lesson 3
Application Security
Secure Shell (SSH1/SSH2) as a terminal application and VPN solution
SSLv3/TLSv1 for E-mail, FTP, and web browsing
SNMPv3 for authenticated and encrypted network management
Authentication, Authorization, and Accounting (AAA) Systems
Local Authentication in APs, EWGs, WLAN switches, and WLAN routers
RADIUS & Kerberos authentication and proxy services
LDAP authentication
Per-user and per-Group authorization options
Role Based access control (RBAC)
Bandwidth management
Lesson 4
IDS Solutions- Protocol Analyzers
Hardware and software types available
Performance and security analysis
Connectivity Troubleshooting
Channel/spectral monitoring
Distributed analysis with WIDS
Three Types of WIDS – explanation of each
LAB Exercises
WLAN Network Management Systems
WLAN Intrusion Detection Systems