Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Wireless technology has become a major enabler for an increasingly mobile workforce and dynamic workplace environments. This technology creates opportunities for a variety of exploits including unauthorized access and message interception. Its low cost and widespread availability also presents the opportunity for employees and intruders to set up rouge access points that can undermine existing security safeguards in wired networks. In this state-of-the-art CyberSecurity/CyberAudit workshop, you will sort out the often-confusing array of current and emerging wireless technology protocols and examine their operational and security implications. You will get practical tips on how to best secure wireless applications and learn how to “wardrive” and audit wireless technology throughout your organization.

Learning Objectives

  • Identify protocols, standards, and building blocks for 802.11 wireless technology
  • Assess significant risks, including but not limited to: rogue access points, “evil twins”, wireless password cracking, denial of service
  • Locate sources of industry best practices and regulatory requirements for the secure use of 802.11 CyberSecurity
  • Gain familiarity with device management and CyberSecurity configuration options, including wireless controller architectures and lightweight access points
  • Learn effective techniques for discovering, testing, and CyberAudit 802.11 wireless networks

Course Outline

Wireless Network Protocols and Applications

  • Business drivers for using wireless technology
  • Wading through the IEEE 802.11 standards jungle and other WLAN protocols
  • Pervasive CyberSecurity issues

Operating Characteristics of 802.11 Wireless LANs

  • Wireless LAN terminology
  • Fundamentals of radio frequency (wireless) based technology
  • Operational configurations:
    • Access point device roles
    • Antennas and their impact on wireless performance, CyberSecurity, and CyberAudit procedures
    • Broadcast and reception obstacles
    • WLAN CyberSecurity application risks
    • Home user versus commercial WLAN products

Wireless LAN Built-In CyberSecurity Features

  • WLAN configuration features contributing to better security
  • First generation WLAN authentication and encryption CyberSecurity features/issues
  • Recent WLAN CyberSecurity enhancements
  • Wi-Fi alliance certification of wireless product compliance with WPA and WPA2 specifications
  • Tools and techniques for CyberAudits of wireless LAN configurations

Centralized and Decentralized Methods for Securing WirelessCyberSecurity

  • Sorting through the multitude of EAP CyberSecurity choices
  • Extending your network DMZ to secure wireless LAN connectivity
  • Wireless intrusion detection systems
  • Protecting the mobile/remote wireless client workstation
  • Centralized WLAN management

Methods for Detecting and Auditing Rogue Access Points and other Wireless Backdoors

  • Defining wireless CyberSpace discovery and audit objectives
  • Free and commercial tools for wireless detection of rogue and authorized WLANs
  • Ensuring proper detection capabilities for wireless device detection procedures
  • Use of GPS and network management tools for locating detecting rogue wireless devices
  • Using wired CyberSecurity scanning tools to detect unauthorized wireless devices connected to your network

Additional Information

Who Should Attend

IT Auditors
Information Security Managers, Analysts, and Architects
IT Management
IT Architects
Network Engineers
Consultants

Advanced

Delivery

Group-Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

Simplifying Audits of CyberSecurity (CY10) /em> or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

Session Duration

Online: N/A

On Site: Lecture: 2 days; Hands-on: 3 days

CPE Credits: Lecture: 16; Hands-on: 24