Introduction:
Wireless networks are expanding at a dramatic rate. As organizations provide
greater mobility to their users, the risk of threats to information assurance
grows and the need for secure networks becomes of paramount concern.
In this course, you gain the skills to defend against attacks and maintain
security within your wireless network. You learn to detect weakness in
your existing network, and design and configure a cost-effective security
solution.
Learning Objectives:
- Secure wireless networks against threats and attacks
- Analyze and react to wireless denial-of-service (DoS) attacks
- Encrypt your traffic for privacy and authenticity
- Implement WPA and the 802.11i security standards to protect your Wi-Fi
network
- Leverage 802.1X and EAP authentication within an enterprise WLAN
- Create a secure roaming infrastructure
- Employ wireless intrusion detection systems (WIDS)
This course is valuable for anyone who manages, operates, audits
or implements secure networks.
Hands-On-Training:
You gain hands-on experience securing a wireless network. Exercises include:
- Discovering and sniffing WLANs
- Conducting DoS attacks
- Decoding and analyzing 802.11 frames
- Cracking WEP keys
- Configuring WPA on APs and clients
- Setting up 802.1X authentication
- Installing and presenting digital certificates to a RADIUS server
- Comparing and contrasting EAP-TLS and PEAP
- Deploying wireless IDS
- Roaming in a secure environment
Course Contents
Wireless Security Technologies
Security requirements
- Availability
- Confidentiality
- Data integrity
- Authenticity
WLAN operation and standards
- 802.11 (Wi-Fi) standards: .11a, .11b, .11g, .11i, .11e, .11n
- Discovering WLANs using NetStumbler and AirMagnet
- Intercepting Wi-Fi traffic
- Infrastructure models and roaming
Surveying other wireless technologies
- Bluetooth WPANs (802.15)
- WiMAX WWANs (802.16)
Responding to DOS Attacks
Jamming and RF interference
- Identifying interference sources
- Malicious and inadvertent interference
802.11 protocol attacks
- Exploiting the Collision Avoidance (CA) mechanism
- Forcing client de-authentication
Encrypting For Privacy and Authenticity
Contrasting encryption techniques
- Public and secret key cryptography
- Symmetric vs. asymmetric algorithms
- RC4
- AES
- RSA
Guaranteeing message integrity
- Hashing with MD5 and SHA
- Protecting data with digital signatures
Authenticating with digital certificates
- Verifying key ownership
- Chains of authority
Securing WI-FI with WPA
WEP authentication and encryption
- Comparing Open and Shared-Key authentication
- Calculating & checking integrity with ICV
- Encrypting with RC4's pseudorandom number generator (PRNG)
Exposing WEP flaws
- Weak initialization vectors (IVs)
- Dictionary attacks
- Static keys
Providing security with WPA
- Retaining existing hardware
- Correcting WEP deficiencies
- Deploying pre-shared key (PSK) authentication
Ensuring privacy with WPA
- 802.11i key hierarchies
- Rolling keys dynamically with TKIP
- Verifying message integrity with MIC
802.1X Authentication and CCMP
Leveraging the 802.1X standard
- Incorporating EAP messaging techniques
- Transporting EAP messages with RADIUS and EAPOL
Choosing EAP implementations
Extending WPA to create a robust secure network (RSN)
- Encrypting traffic with AES-CCMP
- Counter mode and CBC-MAC integrity protection in a single operation
Creating Secure WLAN Topologies
Designing the wireless security landscape
- Defining the trusted boundary
- Centralized vs. distributed control
- Enforcing access controls
- Establishing user credentials
Configuring security for roaming
- Maintaining security contexts
- 802.11i pre-authentication
- Roaming in a VPN environment
Monitoring and Auditing WLANS
- Wireless intrusion detection systems (WIDS)
- Creating wireless signatures
- Detecting rogue access points
- Monitoring access attempts
- Generating audit trails
| 
