Introduction

If you have purchased this book or if you are even thinking about purchasing this book, you probably have some interest in taking the CWSP® (Certified Wireless Security Professional) certification exam or in learning what the CWSP certification exam is about. The authors would like to congratulate you on this first step, and we hope that our book can help you on your journey. Wireless local area networking (WLAN) is currently one of the hottest technologies on the market. Security is an important and mandatory aspect of 802.11 wireless technology. As with many fast-growing technologies, the demand for knowledgeable people is often greater than the supply. The CWSP certification is one way to prove that you have the knowledge and skills to secure 802.11 wireless networks successfully. This study guide is written with that goal in mind.

This book is designed to teach you about WLAN security so that you have the knowledge needed not only to pass the CWSP certification test, but also to be able to design, install, and support wireless networks. We have included review questions at the end of each chapter to help you test your knowledge and prepare for the exam. Extra training resources such as lab materials and presentations are available for download from the book’s online resource area, which can be accessed at www.wiley.com/go/sybextestprep.

Before we tell you about the certification process and its requirements, we must mention that this information may have changed by the time you are taking your test. We recommend that you visit www.cwnp.com as you prepare to study for your test to check out the current objectives and requirements.

WARNING

Don’t just study the questions and answers! The questions on the actual exam will be different from the practice questions included in this book. The exam is designed to test your knowledge of a concept or objective, so use this book to learn the objectives behind the questions.

About CWSP® and CWNP®

If you have ever prepared to take a certification test for a technology with which you are unfamiliar, you know that you are not only studying to learn a different technology, but you are also probably learning about an industry with which you are unfamiliar. Read on and we will tell you about the CWNP Program. CWNP is an abbreviation for Certified Wireless Network Professional. There is no CWNP test. The CWNP Program develops courseware and certification exams for wireless LAN technologies in the computer networking industry. The CWNP Program certification path is vendor-neutral.

The objective of the CWNP Program is to certify people on wireless networking, not on a specific vendor’s product. Yes, at times the authors of this book and the creators of the certification will talk about or even demonstrate how to use a specific product; however, the goal is the overall understanding of wireless technology, not the product itself. If you learned to drive a car, you physically had to sit and practice in one. When you think back and reminisce, you probably do not tell anyone that you learned to drive a Ford; you probably say you learned to drive using a Ford.

There are seven wireless certifications offered by the CWNP Program:

CWTS: Certified Wireless Technology Specialist. The CWTS certification is an entry-level certification for sales professionals, project managers, and networkers who are new to enterprise Wi-Fi. This certification is geared specifically toward both WLAN sales and support staff for the enterprise WLAN industry. The CWTS certification exam (PW0-071) verifies that sales and support staffs are specialists in WLAN technology and have all the fundamental knowledge, tools, and terminology to sell and support WLAN technologies more effectively.

CWNA®: Certified Wireless Network Administrator. The CWNA certification is a foundation-level Wi-Fi certification; however, it is not considered an entry-level technology certification. Individuals taking this exam (CWNA-106) typically have a solid grasp on network basics such as the OSI model, IP addressing, PC hardware, and network operating systems. Many candidates already hold other industry-recognized certifications, such as the CompTIA Network+ or Cisco CCNA, and are looking for the CWNA certification to enhance or complement existing skills.

CWSP®: Certified Wireless Security Professional. The CWSP certification exam (CWSP-205) is focused on standards-based wireless security protocols, security policy, and secure wireless network design. This certification introduces candidates to many of the technologies and techniques that intruders use to compromise wireless networks and that administrators use to protect wireless networks. With recent advances in wireless security, WLANs can be secured beyond their wired counterparts.

CWAP®: Certified Wireless Analyst Professional. The CWAP certification exam (CWAP-402) is a professional-level career certification for networkers who are already CWNA certified and have a thorough understanding of RF technologies and applications of 802.11 networks. This certification provides an in-depth look at 802.11 operations and prepares WLAN professionals to be able to perform, interpret, and understand wireless packet and spectrum analysis.

CWDP®: Certified Wireless Design Professional. The CWDP certification exam (CWDP-302) is a professional-level career certification for networkers who are already CWNA certified and have a thorough understanding of RF technologies and applications of 802.11 networks. This certification prepares WLAN professionals to properly design wireless LANs for different applications to perform optimally in different environments.

CWNE®: Certified Wireless Network Expert. The CWNE certification is the highest-level certification in the CWNP program. By successfully completing the CWNE requirements, you will have demonstrated that you have the most advanced skills available in today’s wireless LAN market. The CWNE certification requires CWNA, CWAP, CWDP, and CWAP certifications. To earn the CWNE certification, a rigorous application must be submitted and approved by CWNP’s review team.

CWNT®: Certified Wireless Network Trainer. Certified Wireless Network Trainers are qualified instructors certified by the CWNP program to deliver CWNP training courses to IT professionals. CWNTs are technical and instructional experts in wireless technologies, products, and solutions. To ensure a superior learning experience for our customers, CWNP Education Partners are required to use CWNTs when delivering training using official CWNP courseware. More information about becoming a CWNT is available on the CWNP website.

How to Become a CWSP

To become a CWSP, you must do the following three things:

  • Agree that you have read and will abide by the terms and conditions of the CWNP Confidentiality Agreement.

  • Pass the CWNA certification exam.

  • Pass the CWSP certification exam.

The CWNA certification is a prerequisite for the CWSP certification. If you have purchased this book, there is a good chance that you have already passed the CWNA exam and are now ready to move to the next level of certification and plan to study and pass the CWSP exam.

WARNING

A copy of the CWNP Confidentiality Agreement can be found online at the CWNP website.

When you sit to take any CWNP exam, you will be required to accept this confidentiality agreement before you can continue with the exam. Once you have agreed, you will be able to continue.

The information for the CWNA exam is as follows:

  • Exam Name: Certified Wireless Network Administrator

  • Exam Number: CWNA-106

  • Cost: $175.00 (in U.S. dollars)

  • Duration: 90 minutes

  • Questions: 60

  • Question Types: Multiple choice/multiple answer

  • Passing Score: 70% (80% for instructors)

  • Available Languages: English

  • Availability: Register at Pearson VUE (www.vue.com/cwnp)

The information for the CWSP exam is as follows:

  • Exam Name: Certified Wireless Security Professional

  • Exam Number: CWSP-205

  • Cost: $225.00 (in U.S. dollars)

  • Duration: 90 minutes

  • Questions: 60

  • Question Types: Multiple choice/multiple answer

  • Passing Score: 70% (80% for instructors)

  • Available Languages: English

  • Availability: Register at Pearson VUE (www.vue.com/cwnp)

When you schedule the exam, you will receive instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you will receive a registration and payment confirmation letter. Exams can be scheduled weeks in advance or, in some cases, even as late as the same day.

After you have successfully completed the CWSP certification requirements, the CWNP Program will award you the CWSP certification, which is good for three years. To recertify, you will need to pass the current CWSP-205 exam or earn the CWNE certification. If the information you provided the testing center with is correct, you will receive an email from CWNP recognizing your accomplishment and providing you with a CWNP certification number. After you earn any CWNP certification, you can purchase a certification kit from the CWNP website.

Who Should Read This Book?

If you want to acquire a solid foundation in WLAN security and your goal is to prepare for the exam, this book is for you. You will find clear explanations of the concepts you need to grasp and plenty of help to achieve the high level of professional competency you need in order to succeed.

If you want to become certified as a CWSP, this book is definitely what you need. However, if you just want to attempt to pass the exam without really understanding WLAN security, this study guide is not for you. It is written for people who want to acquire hands-on skills and in-depth knowledge of wireless networking security.

How to Use This Book

We have included several testing features in the book and via the publisher’s website www.wiley.com/go/sybextestprep.

These tools will help you retain vital exam content as well as prepare you to sit for the actual exam:

Before You Begin. At the beginning of the book (right after this introduction) is an assessment test you can use to check your readiness for the exam. Take this test before you start reading the book; it will help you determine the areas in which you may need to brush up. The answers to the assessment test appear on a separate page after the last question of the test. Each answer includes an explanation and a note telling you the chapter in which the material appears.

Chapter Review Questions. To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers; the correct answers appear in Appendix A at the end of the book. You can go back and reread the section that deals with each question you answered wrong to ensure that you answer correctly the next time you are tested on the material.

Interactive Online Learning Environment and Test Bank. The interactive online learning environment that accompanies CWSP: Certified Wireless Security Professional Study Guide provides a test bank with study tools to help you prepare for the certification exam—and increase your chances of passing it the first time! The test bank includes the following:

Sample Tests. All of the questions in this book are provided: the assessment test, which you will find at the end of this introduction, and the chapter tests that include the review questions at the end of each chapter. In addition, there are two practice exams. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Flashcards. Questions are provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.

Go to www.wiley.com/go/sybextestprep to register and gain access to this interactive online learning environment and test bank with study tools.

Hands-on Exercises. Several chapters in this book have exercises that use files that are also provided on the Sybex website. These hands-on exercises will provide you with a broader learning experience by providing hands-on experience and step-by-step problem solving. To get these files, go to www.sybex.com and search for the book by title or ISBN.

Exam Objectives

The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those weaknesses, and the steps necessary to implement a secure and manageable WLAN in an enterprise environment. Exam CWSP-205 is required to earn the CWSP certification.

The skills and knowledge measured by this examination are derived from a survey of wireless networking experts from around the world. The results of this survey were used in weighing the subject areas and ensuring that the weighting is representative of the relative importance of the content.

The following chart provides the breakdown of the weight of each section of the exam.

| Wireless LAN Security Subject Area | % of Exam |
|---|---|
| Wireless Network Attacks and Threat Assessment | 20% |
| Security Policy | 5% |
| Wireless LAN Security Design and Architecture | 50% |
| Monitoring and Management | 25% |
| Total | 100% |

1.0 Wireless Network Attacks and Threat Assessment – 20%

1.1 Describe general network attacks common to wired and wireless networks, including DoS, phishing, protocol weaknesses and configuration error exploits.

1.2 Recognize common attacks and describe their impact on WLANs, including PHY and MAC DoS, hijacking, unauthorized protocol analysis and eavesdropping, social engineering, man-in-the-middle, authentication and encryption cracks and rogue hardware.

1.3 Execute the preventative measures required for common vulnerabilities on wireless infrastructure devices, including weak/default passwords on wireless infrastructure equipment and misconfiguration of wireless infrastructure devices by administrative staff.

1.4 Describe and perform risk analysis and risk mitigation procedures, including asset management, risk ratings, loss expectancy calculations and risk management planning.

1.5 Explain and demonstrate the security vulnerabilities associated with public access or other unsecured wireless networks, including the use of a WLAN for spam transmission, malware injection, information theft, peer-to-peer attacks and Internet attacks.

2.0 Security Policy – 5%

2.1 Explain the purpose and goals of security policies including password policies, acceptable use policies, WLAN access policies, personal device policies, device management (APs, infrastructure devices and clients) and security awareness training for users and administrators.

2.2 Summarize the security policy criteria related to wireless public access network use including user risks related to unsecured access and provider liability.

2.3 Describe how devices and technology used from outside an organization can impact the security of the corporate network including topics like BYOD, social networking and general MDM practices.

3.0 Wireless LAN Security Design and Architecture – 50%

3.1 Describe how wireless network security solutions may vary for different wireless network implementations including small businesses, home offices, large enterprises, public networks and remote access.

3.2 Understand and explain 802.11 Authentication and Key Management (AKM) components and processes including encryption keys, handshakes and preshared key management.

3.3 Define and differentiate among the 802.11-defined secure networks, including pre-RSNA security, Transition Security Networks (TSN) and Robust Security Networks (RSN) and explain the relationship of these networks to terms including RSNA, WPA and WPA2.

3.4 Identify the purpose and characteristics of IEEE 802.1X and EAP and the processes used including EAP types (PEAP, EAP-TLS, EAP-TTLS, EAP-FAST and EAP-SIM), AAA servers (RADIUS) and certificate management.

3.5 Recognize and understand the common uses of VPNs in wireless networks, including remote APs, VPN client access, WLAN controllers and cloud architectures.

3.6 Describe centrally-managed client-side security applications, including VPN client software and policies, personal firewall software, mobile device management (MDM) and wireless client utility software.

3.7 Describe and demonstrate the use of secure infrastructure management protocols, including HTTPS, SNMP, secure FTP protocols, SCP and SSH.

3.8 Explain the role, importance, and limiting factors of VLANs and network segmentation in an 802.11 WLAN infrastructure.

3.9 Understand additional security features in WLAN infrastructure and access devices, including management frame protection, Role-Based Access Control (RBAC), Fast BSS transition (preauthentication and OKC), physical security methods and Network Access Control (NAC).

3.10 Explain the purpose, methodology, features, and configuration of guest access networks and BYOD support, including segmentation, guest management, captive portal authentication and device management.

4.0 Monitoring, Management, and Tracking – 25%

4.1 Explain the importance of ongoing WLAN monitoring and the necessary tools and processes used as well as the importance of WLAN security audits and compliance reports.

4.2 Understand how to use protocol and spectrum analyzers to effectively evaluate secure wireless networks including 802.1X authentication troubleshooting, location of rogue security devices and identification of non-compliant devices.

4.3 Understand the common features and components of a Wireless Intrusion Prevention Systems (WIPS) and how they are used in relation to performance, protocol, spectrum and security analysis.

4.4 Describe the different types of WLAN management systems and their features, including network discovery, configuration management, firmware management, audit management, policy enforcement, rogue detection, network monitoring, user monitoring, event alarms and event notifications.

4.5 Describe and implement compliance monitoring, enforcement, and reporting. Topics include industry requirements, such as PCI-DSS and HIPAA, and general government regulations.

CWSP Terminology

In addition to the preceding objectives, the following security specialty terms should be clearly understood by CWSP-205 exam candidates:

802.11r

802.11w

802.1X

Access Control List (ACL)

Access Point (AP)

Advanced Encryption Standard (AES)

Alarms

Asymmetric Encryption

Authentication

Authentication and Key Management (AKM)

Authentication Header (AH)

Authentication Server

Authentication, Authorization, and Accounting (AAA)

Authenticator

Authorization

Availability

Bring Your Own Device (BYOD)

Certificate Authority (CA)

Compliance

Confidentiality

Counter-Mode/CBC MAC Protocol (CCMP)

Denial of Service (DoS)

Discovery

Distributed DoS (DDoS)

EAP Flexible Authentication via Secure Tunneling (EAP-FAST)

EAP Subscriber Identity Module (EAP-SIM)

EAP Transport Layer Security (EAP-TLS)

EAP Tunneled TLS (EAP-TTLS)

Eavesdropping

Encapsulated Security Payload (ESP)

Encryption

Evil Twin

Extensible Authentication Protocol (EAP)

Fast Basic Service Set (BSS) Transition

File Transfer Protocol (FTP)

Firewall

Firmware

Hashing

Health Insurance Portability and Accountability Act (HIPAA)

Hijacking

Hypertext Transfer Protocol over SSL (HTTPS)

Infrastructure

Integrity

Interference

Internet Protocol (IP)

Intrusion Detection System (IDS)

IP Security (IPSec)

Lightweight EAP (LEAP)

Location-Based Access Control (LBAC)

MAC Filter

Malware

Man-in-the-middle

Medium Access Control (MAC)

Mobile Device Management (MDM)

Network Access Control (NAC)

Notifications

Opportunistic Key Caching (OKC)

Payment Card Industry (PCI) Data Security Standard (DSS)

Peer-to-Peer

Phishing

Physical Layer (PHY)

Policy

Pre-authentication

Private Key

Protected EAP (PEAP)

Protocol analysis

Public Key

Public Key Infrastructure (PKI)

RADIUS (Remote Authentication Dial-In User Service)

Risk

Rivest Cipher 4 (RC4)

Robust Security Network (RSN)

Rogue

Role-Based Access Control (RBAC)

Secure Copy (SCP)

Secure FTP (SFTP)

Secure Shell (SSH)

Secure Sockets Layer (SSL)

Service Level Agreement (SLA)

Simple Network Management Protocol (SNMP)

Social Engineering

Spam

Spectrum analysis

Supplicant

Symmetric Encryption

Temporal Key Integrity Protocol (TKIP)

TACACS/TACACS+

Threat

Transition Security Network (TSN)

Virtual Local Area Network (VLAN)

Virtual Private Network (VPN)

Vulnerability

War Driving

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access v2 (WPA2)

Wi-Fi Protected Setup (WPS)

Wired Equivalent Privacy (WEP)

Wireless Intrusion Prevention System (WIPS)

Wireless Local Area Network (WLAN)

Tips for Taking the CWSP Exam

Here are some general tips for taking your exam successfully:

  • Bring two forms of ID with you. One must be a photo ID, such as a driver’s license. The other can be a major credit card or a passport. Both forms must include a signature.

  • Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information.

  • Read the questions carefully. Do not be tempted to jump to an early conclusion. Make sure you know exactly what the question is asking.

  • Many of the questions will be real-world scenarios. Scenario questions usually take longer to read and often have many distracters. There may be several correct answers to the scenario questions; however, you will be asked to choose the correct answer that best fits the presented scenario.

  • All questions will be multiple-choice with a single correct answer.

  • Do not spend too much time on one question. This is a form-based test; however, you cannot move backward through the exam. You must answer the current question before you can move to the next question, and once you have moved to the next question, you cannot go back and change your answer to a previous question.

  • Keep track of your time. Since this is a 90-minute test consisting of 60 questions, you have an average of 90 seconds to answer each question. You can spend as much or as little time on any one question, but when the 90 minutes is up, the test is over. Check your progress. After 45 minutes, you should have answered at least 30 questions. If you have not, do not panic. You will simply need to answer the remaining questions at a faster pace. If on average you can answer each of the remaining 30 questions 4 seconds quicker, you will recover 2 minutes. Again, do not panic; just pace yourself.

  • For the latest pricing on the exams and updates to the registration procedures, visit CWNP’s website at www.cwnp.com.
