Certified Wireless Security Professional Course

Wireless LAN Security is preparation course for the CWSP® certification. The course teaches participants the necessary skills for implementing and managing wireless security in the enterprise by creating layer 2 and layer 3 hardware and software solutions using tools from industry leading manufacturers.

The course consists of 45 hours of hands-on learning, using the latest enterprise wireless LAN security and auditing equipment. The course addresses in detail Wireless LAN Intrusion, Security Policy, and Security Solutions.

All attendees receive hands-on experience in configuring, testing, and implementing a broad variety of layer 2 and layer 3 wireless security solutions, using hardware and software from multiple vendors.

The Wireless LAN Security course offers 45 hours of instructor-led study, incorporating both lecture and hands-on labs. The lab exercises consume more than 80% of the class time, providing thorough hands-on training for all attendees.

Certification: This course may be used - and is the ideal track - for preparing participants for the Certified Wireless Security Professional® exam (exam # PW0-200). That exam is delivered at all Prometric Testing Centers worldwide. The CWSP certification is the first vendor neutral security certification that focuses solely on testing the IT professional's knowledge of home to secure enterprise wireless LAN solutions.

Risk Assessment
Assets to protect
Threats to protect against
Legal protection
Costs
Basic security measures
Threat analysis
Impact analysis

Threat Analysis and Hacking Methodology
Target profiling
Physical security
Social engineering
Wireless bridges
Packet analysis
Information theft
Malicious data insertion
Denial of Service (DoS)
Peer-to-peer hacking
Unauthorized control

Rudimentary Security Measures
SSID
MAC filters
Static WEP
Default configurations
Firmware upgrades
Physical security
Periodic inventory

Intermediate Security Measures
Rogue equipment
Cell sizing
Protocol filters
SNMP
Discovery protocols
Wireless segment configuration
Removing vulnerabilities
Client security
IP Services

Advanced Security Measures
Wireless security policy
Authentication and encryption
Wireless DMZ and VLANs
Audits
Traffic pattern analysis
Authenticated DHCP

Wireless LAN Auditing Tools
Discovery tools
Password crackers
Share enumerators
Network management and control
Wireless protocol analyzers
Manufacturer defaults
Password sniffers
Antennas and WLAN equipment
OS fingerprinting and port scanning
Application sniffers
Networking utilities
Network discovery and management
Hijacking users
RF Jamming and
Dataflooding tools
WEP crackers

Hardware and Software Solutions
RADIUS with AAA Support
RADIUS Details
Kerberos
Static and Dynamic WEP and TKIP
802.1x
Extensible Authentication Protocol (EAP)
VPNs
Encryption Schemes
Routers
Switch-Routers
Firewalls
MobileIP VPN Solutions
Enterprise Wireless Gateways
Switches, VLANs, & Hubs
SSH2 Tunneling & Port Redirection
Thin Client Solutions

Prevention and Countermeasures
802.1x
802.11i
TKIP
AES
Intrusion detection
US Federal and state laws

Implementation and Management
Design and implementation
Equipment configuration and placement
Interoperability and layering
Security management

The CWNA certification is recommended prior to attending the CWSP class. CWNA certification is required before taking the CWSP exam. It is recommended that all participants earn either the Security Certified Network Professional (SCNP) or CompTIA Security+ certification or have at least 12 months experience in a network security related field prior to enrolling in this course.
Hands-on Lab Exercises
These are the actual labs taught in the Wireless LAN Security Course:
> Packet Analysis and Spoofing
> Rogue Hardware and Default Settings
> RF Jamming and Data Flooding
> Information Theft
> Wireless Hijacking and DoS Attacks
> Access Point VPNs                                                                             
> EAP - Cisco® Wireless (LEAP)
> Layered Wireless Security
> Wireless Bridging Security
> 802.1x and EAP-TTLS
> SSH2 Tunneling and Local Port Redirection
> Scalable Wireless VPN Solutions