To speak to a training advisor please call
All Courses / IT Technical Networking Courses / Networking: Certified Wireless Security Professional plus Auditing WSA CWSP
  • 1FIND A COURSE

    Search for a training course using the search box above, or the quick links below. Once you have found the course you are looking for, click the course name. If you are not sure, select a course which you think closely matches your requirement and we can advise you later.

  • 2SELECT A DATE

    Once you are satisified this course meets your requirement - find a suitable date and location from the list on the right had side. Remember you can always change your mind later on - and if none are completely suitable, select the closest one. We will call you to discuss your requirement and you can tell us of your exact need then.

  • 3SEND ENQUIRY

    Fill out the enquiry form below and click Submit. This is not a commitment to buy. We check the details and get back to you regarding availability. You can discuss the requirements further, otherwise we will send you a quotation.

Networking: Certified Wireless Security Professional plus Auditing WSA CWSP

Overview

  • Based on the market-leading CWSP version 3 course.
  • Includes 6 hours of additional course material covering 802.11 wireless LAN security.

Incorporates five hours of additional, market-leading hands-on labs,

  • Implementing VLANs using Wireless LAN controllers and Cisco Catalyst layer-2 switches.
  • Implementing RADIUS authentication with Microsoft Internet Authentication Service (IAS).
  • Implementing dynamic, role-based VLANs using Microsoft IAS and other RADIUS servers.
  • Using Microsoft Certificate Services for Enterprise-strength authentication.
  • Implementing EAP-TLS, PEAP-MSCHAPv2 and PEAP-EAP-TLS using Microsoft IAS and Microsoft Certificate Services.
  • Implementing Enterprise authentication using 802.1x with EAP-TLS, EAP-TTLS and Protected EAP (PEAP) using Microsoft Windows Group Policy.

Related Topics

Related Courses

Audience

This course is designed for experienced networking professionals who wish to gain the critical skills needed to secure wireless networks

This course is appropriate for

  • All wireless network professionals
  • IT Security Professionals
  • Network Architects
  • Systems and Network Administrators
  • Systems and Network Engineers
  • Systems and Network Analysts
  • Final-line Technical Support staff
  • Technical Consultants Network Architects.

With the rapid increase in wireless LAN installations, all IT network and security professionals should now look to develop their knowledge and skills in wireless network security

Completing CWSP Training and Certification is the clearest way to demonstrate competence in 802.11 wireless network security

Skills Gained

On completing this course, delegates will be able to

  • Understand in-depth the vulnerabilities inherent in 802.11 wireless networks.
  • Demonstrate the risks of Packet Analysis and MAC address Spoofing.
  • Demonstrate the dangers of Rogue Hardware and Default Settings for WLAN equipment.
  • Demonstrate the effects of RF Jamming and Data Flooding, and describe how to counter these threats.
  • Demonstrate the susceptibility of wireless-enabled laptops to Peer attacks and corporate Information Theft.
  • Demonstrate the risks posed by Wireless Hijacking and Denial of Service (DoS) attacks.
  • Employ Laptop Analysers to analyse 802.11 network operation using industry-leading protocol analysis tools.
  • Implement Fast BSS Transitions (FT) between access points in an extended BSS.
  • Employ WEP effectively in situations for which WEP is appropriate.
  • Demonstrate the vulnerabilities of EAP - Cisco Wireless (LEAP) for secure wireless networking.
  • Upgrade current WLAN products and configure them to use Wi-Fi Protected Access (WPA) correctly.
  • Implement VLANs using Wireless LAN controllers and Cisco Catalyst layer-2 switches.
  • Implement dynamic, role-based VLANs using Microsoft IAS and other RADIUS servers.
  • Employ 802.1x with EAP-TLS, EAP-TTLS and Protected EAP (PEAP) for secure, mutual authentication.
  • Implement RADIUS authentication using Microsoft Internet Authentication Service (IAS).
  • Use X.509 Certificates for strong authentication using Microsoft Certificate Services.
  • Implement EAP-TLS, PEAP-MSCHAPv2 and PEAP-EAP-TLS using Microsoft IAS and Microsoft Certificate Services.
  • Employ an industry-leading Wireless Intrusion Prevention System (WIPS) for the detection and prevention of wireless network intrusions.
  • Design and write Wireless Security Policy into the Corporate IT Security Policy.
  • Incorporate a diverse range of advanced, vendor-neutral security solutions into corporate wireless networks.

Hands-on practical labs

This course incorporates unique hands-on practical labs that go far beyond those provided on other standard CWSP courses

The course features extensive hands-on practical labs, working with WLAN equipment from leading vendors, including Cisco Systems - Autonomous APs and Wireless LAN Controller (WLC)-based networks, Funk Software (RADIUS servers), WildPackets OminPeek, AirMagnet, AirDefense, and more

WLAN Controller Security

The WLAN controller is currently the center piece of 802.11 security. All other pieces of the WLAN security puzzle orbit around the WLAN controller. For this reason, gaining an in-depth understanding of how to secure access to the controller and how to use the controller to secure the WLAN is essential. This lab is focused on WLAN controller security, and primarily covers the following areas:

  • Secure access to the WLAN controller using secure management protocols
  • Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
  • Configuring the WLAN controller for RADIUS connectivity and authentication
  • Client station connectivity to the controller - including DHCP and browsing
  • Integrated rogue device discovery

Wireless Intrusion Prevention Systems (WIPS)

This lab is focused on Wireless Intrusion Prevention Systems (WIPS). WIPS are known for three overriding functions: security monitoring, performance monitoring, and reporting. In this lab exercise, we will focus only on security monitoring and reporting. Areas of particular interest include:

  • WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
  • Configuration according to organizational policy
  • Properly classifying authorized, unauthorized, and external/interfering access points
  • Identifying and mitigating rogue devices
  • Identifying specific attacks against the authorized WLAN infrastructure or client stations

Using Laptop Analysers

This lab is focused on the use of laptop analyzers for spectrum analysis, protocol analysis, and WLAN discovery. Understanding driver issues, security-related protocol analysis (authentication and encryption), and spectrum analysis will aid the wireless security professional in policy compliance, proper implementation, and troubleshooting. The following steps will be covered in this lab exercise

  • Installing and configuring a WLAN discovery tool
  • Installing, licensing, and configuring a laptop protocol analyzer
  • Installing, licensing, and configuring a laptop spectrum analyzer
  • Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool
  • Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN protocol analyzer
  • Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
  • Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
  • Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
  • Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
  • Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer

Fast BSS Transitions (FT)

This lab is focused on fast BSS transition (FT) within an Extended Service Set. Moving quickly and securely between access points attached to a single controller or multiple controllers is a requirement of real-time mobility devices such as wVoIP phones and mobile video devices. An in-depth understanding of the standards-based and proprietary processes of a WLAN infrastructure system's ability to deliver FT services means the difference between a successful deployment and a complete failure. The following steps will be covered in this lab exercise

  • Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
  • Install and configure a RADIUS server for PEAP
  • Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
  • Configure an 802.11 protocol analyzer to capture on a specific channel
  • Using an 802.11 frame generator function, deauthenticate the authorized client station to force intra- and inter-controller roaming
  • Perform a slow BSS transition within a controller as a baseline
  • Enable FT mechanisms within controllers and the client station
  • Perform a fast BSS transition within a controller as a comparison
  • Perform a slow BSS transition between controllers as a baseline
  • Perform a fast BSS transition (if vendor FT mechanisms permit) between controllers as a comparison
  • Analysis of 802.11 network operation using industry-leading protocol analysis tools.
  • Implement Fast BSS Transitions (FT) between access points in an extended BSS.
  • Employ an industry-leading Wireless Intrusion Prevention System (WIPS) for the detection and prevention of wireless network intrusions.

Our additional, in-depth hands-on labs transform the standard CWSP, and include

  • Wi-Fi Packet Analysis and MAC address Spoofing.
  • Demonstrate the vulnerabilities of EAP - Cisco Wireless (LEAP) for secure wireless networking.
  • Rogue Hardware and Default Settings for WLAN equipment.
  • RF Jamming and Data Flooding
  • Peer-to-Peer attacks and corporate Information Theft.
  • Wireless Hijacking and Denial of Service (DoS).
  • Employing WEP.
  • Cracking WEP encryption - determining the WEP key and accessing WEP-encrypted user data.
  • Wireless Bridging Security - WPA-PSK.
  • Implementing VLANs using Wireless LAN controllers and Cisco Catalyst layer-2 switches.
  • Implementing dynamic, role-based VLANs using Microsoft IAS and other RADIUS servers.
  • Implementing RADIUS authentication with Microsoft Internet Authentication Service (IAS).
  • Using Microsoft Certificate Services.
  • Implementing EAP-TLS, PEAP-MSCHAPv2 and PEAP-EAP-TLS using Microsoft IAS and Microsoft Certificate Services.
  • Implementing 802.1x with EAP-TLS, EAP-TTLS and Protected EAP (PEAP) on Microsoft Windows XP using Group Policy.

Prerequisites

Delegates should have acquired CWNA certification prior to attending this course

PDF Download of the Outline for Networking: Certified Wireless Security Professional plus Auditing WSA CWSP Training Course

Reviews

 

Top Selling Brands


How to make a booking for the 616 course