wireless LAN security training

   
Course Name: Wireless LAN Security Training
   
Deployment Options: Onsite - Instructor-Led Training
   
Course Duration: 3-4 days depending on audience background and options.

Introduction:
 
The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This course is based on real world examples, solutions, and deployments. All material is developed and taught by individuals with extensive experience in wireless security research.
 
Audience:
 
This course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so. With the burgeoning growth of wireless LAN installations, all IT professionals must become knowledgeable about security - wireless security in particular

System, network and security administrators. Individuals or organizations interested in new prevention, detection, or incident response technologies. University, government, or military
 
Customize it:
 
This 3-4-day course will be customized to your needs and specifications. Eno.com will assist you in identifying those needs and specifications. A word to the wise, there are many vendors of wireless training. They will typically have a broad and general course, one size fits all, already developed and just put your organization’s name on the title slide. This minimizes their effort and time investment. At Eno.com, every course is made to your exact and exacting specifications. We help you ensure what you are getting is what you really need even if at the beginning you weren’t too sure of what that was. We fit the class to your needs. We never fit you into our “standard”, one size fits all, class.
 
Course Aim:
 
  • Understanding 802.11 Security Threats
  • Security Management, Wireless LAN Intrusion and Policy
  • Overview of security software and protocols for wireless LANs
  • Exploring of the security weaknesses of and threats to wireless LANs
  • Overview of implementation of the best and latest security techniques and mechanisms
  • Implementation of WEP, WPA, WPA2, 802.11i and 802.1x

Course Outline
 

Wireless LANs Security Basics

  • Why Is 802.11 Vulnerable to Attack?
  • Risk Assessment
  • Intermediate Security Measures
  • Radio Transmission
  • Inherent Insecurity
  • 802.11, 802.11a, 802.11b and 802.11g
  • Ad Hoc vs. Infrastructure Mode
  • Wired Equivalent Privacy (WEP)
  • 64-bit and 128-bit WEP encryption
  • WEP and RC4 stream cipher
  • Initialization vector (IV)
  • 802.1x
  • EAP Authentication Types
  • LEAP Authentication
  • Other Authentication Methods
  • Transportation Layer Security
  • A Comparison of Security Methods
  • Wi-Fi Protected Access (WPA)
  • 802.11i

Wireless LANs Attacks and Risks

  • An Example Network
  • Denial-of-Service Attacks
  • Wireless Risks
  • Threat Analysis & Hacking
  • Methodology
  • Classification of Attacks
  • Attacks Without Keys
  • Snooping
  • Man-in-the-Middle Attack (Modification)
  • Attacks on the Keys
  • One-time Passwords
  • Burying the Keys
  • Wireless Attacks
  • Attacking the Keys Through Brute Force
  • Dictionary Attacks (Dictionary-Building or Table Attacks)
  • Algorithmic Attacks
  • Target profiling
  • Physical security
  • Social engineering
  • Wireless bridges
  • Sniffing and stealing
  • Malicious data insertion
  • Denial of Service (DoS)
  • Peer-to-peer hacking
  • Unauthorized control

Maximizing Wireless Security

  • Common Sense Solutions
  • WEP
  • WPA
  • WPA2
  • 802.11i
  • 802.1x
  • Components of WPA
  • WPA Algorithms
  • WPA Pre-Shared Key
  • WPA RADIUS
  • WPA2 (Wi-Fi Protected Access 2) Security
  • WPA and WPA2
  • IEEE 802.11i (RSN) – Enhanced Wireless Security
  • TKIP
  • AES
  • 802.11i vs. WPA2
  • 802.1x Authentication and 802.11i
  • EAP-PEAP-LEAP
  • EAP-TLS
  • EAP-TTLS
  • VPN over 802.11

Rudimentary security measures

  • SSID
  • MAC filters
  • Static WEP
  • Default configurations
  • Firmware upgrades
  • Physical security
  • Periodic inventory

Station Security

  • Client Security Goals
  • Audit Logging
  • Security Updates
  • FreeBSD Station Security
  • Linux Station Security
  • OpenBSD Station Security
  • Mac OS X Station Security
  • Windows Station Security
  • Access Point Security
  • Setting Up an Access Point
  • General Access Point Security
  • Up a Linux Access Point
  • Setting Up a FreeBSD Access Point
  • Setting Up an OpenBSD Access Point

Gateway Security

  • Gateway Architecture
  • Secure Installation
  • Firewall Rule Creation
  • Rate Limiting
  • DHCP
  • DNS
  • Static ARP
  • Auditing
  • Authentication and Encryption
  • Portals
  • IPsec VPN
  • IEEE 802.1X – Port Based Network Access Control

Intermediate Security Measures

  • Rogue equipment
  • Cell sizing
  • Protocol filters
  • SNMP
  • Discovery protocols
  • Wireless segment configuration
  • Remove vulnerabilities
  • Client security
  • IP Services

Advanced Security Measures

  • Wireless security policy
  • Authentication & encryption
  • Wireless DMZ and VLANs
  • Audits
  • Authenticated DHCP
  • Traffic patterns
  • Wireless LAN Auditing Tools
  • Discovery tools
  • Password crackers
  • Share enumerators
  • Network management and control
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • Jamming tools
  • WEP crackers
  • Operating system defaults

Hardware & Software Solutions

  • RADIUS with AAA Support
  • RADIUS Details
  • Kerberos
  • Static and Dynamic WEP and
  • TKIP
  • 802.1x
  • 802.1X Key Management
  • PMK, GMK, PTK, GTK, KCK, and KEK
  • Extensible Authentication Protocol (EAP)
  • VPNs
  • Encryption Schemes
  • Routers
  • Switch-Routers
  • Firewalls
  • MobileIP VPN Solutions
  • Enterprise Wireless Gateways
  • Switches, VLANs, & Hubs
  • SSH2 Tunneling & Port

Prevention & Countermeasures

  • 802.1x
  • 802.11i
  • TKIP
  • AES
  • CCM block diagram
  • Intrusion detection
  • WEP attacks
  • WEP key recovery
  • Weaknesses in the Key Scheduling Algorithm for RC4
  • WPA and WPA attacks
  • 801.11i attacks
  • 802.1x attacks

Implementation and Management

  • Design and implementation
  • Equipment configuration and placement
  • Interoperability and layering
  • Security management
  • Policy

Wireless LAN Auditing Tools

  • Discovery tools
  • Password crackers
  • Share enumerators
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • RF Jamming and Dataflooding tools
  • WEP crackers
 
 

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form .

 
Other Expertise:
 
 

Copyright E and A Information Services. All Rights Reserved.
Home About ENO.Com Clients Site Map Press Room Contact Us at 1-888-742-3214 CustomerService Search Consulting Onsite Training Course Catalog Partners Resources Products and Services Solution by Industry Request Information Shopping Center Customer Service About Eno.Com Careers at ENO.com Legal Notices Privacy Policy