Course Description
Wireless technology has become a major enabler for an increasingly mobile workforce and dynamic workplace environments. This technology creates opportunities for a variety of exploits including unauthorized access and message interception. Its low cost and widespread availability also presents the opportunity for employees and intruders to set up rouge access points that can undermine existing security safeguards in wired networks. In this state-of-the-art CyberSecurity/CyberAudit workshop, you will sort out the often-confusing array of current and emerging wireless technology protocols and examine their operational and security implications. You will get practical tips on how to best secure wireless applications and learn how to “wardrive” and audit wireless technology throughout your organization.
Learning Objectives
- Identify protocols, standards, and building blocks for 802.11 wireless technology
- Assess significant risks, including but not limited to: rogue access points, “evil twins”, wireless password cracking, denial of service
- Locate sources of industry best practices and regulatory requirements for the secure use of 802.11 CyberSecurity
- Gain familiarity with device management and CyberSecurity configuration options, including wireless controller architectures and lightweight access points
- Learn effective techniques for discovering, testing, and CyberAudit of 802.11 wireless networks
Course Outline
Wireless Network Protocols and Applications
- Business drivers for using wireless technology
- Wading through the IEEE 802.11 standards jungle and other WLAN protocols
- Pervasive CyberSecurity issues
Operating Characteristics of 802.11 Wireless LANs
- Wireless LAN terminology
- Fundamentals of radio frequency (wireless) based technology
- Operational configurations:
- Access point device roles
- Antennas and their impact on wireless performance, CyberSecurity, and CyberAudit procedures
- Broadcast and reception obstacles
- WLAN CyberSecurity application risks
- Home user versus commercial WLAN products
Wireless LAN Built-In CyberSecurity Features
- Supportive WLAN configuration features contributing to enhanced security
- First generation WLAN authentication and encryption CyberSecurity features/issues
- Recent WLAN CyberSecurity enhancements
- Wi-Fi alliance certification of wireless product compliance with WPA and WPA2 specifications
- Tools and techniques for CyberAudits of wireless LAN configurations
Centralized and Decentralized Methods for Securing Wireless CyberSecurity
- Sorting through the multitude of enterprise authentication choices
- Extending your network DMZ to secure wireless LAN connectivity
- Wireless intrusion detection systems
- Protecting the mobile/remote wireless client workstation
- Centralized WLAN management
Methods for Detecting and Auditing Rogue Access Points and other Wireless Backdoors
- Defining wireless CyberSpace discovery and audit objectives
- Free and commercial tools for wireless detection of rogue and authorized WLANs
- Ensuring proper detection capabilities for wireless device detection procedures
- Use of GPS and network management tools for locating detecting rogue wireless devices
- Using wired CyberSecurity scanning tools to detect unauthorized wireless devices connected to your network
Additional Information
Who Should Attend
IT Auditors
Information Security Managers, Analysts, and Architects
IT Management
IT Architects
Network Engineers
Consultants
Advanced
Delivery
Group Live or Group Internet-Based
Field
Auditing
Advanced Preparation
None
Recommended Prerequisites
Simplifying Audits of CyberSecurity (CY10) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.
Session Duration
On Site: Lecture: 1 day
CPE Credits: Lecture: 8