Contents

Foreword

Introduction

Assessment Test

Chapter 1          WLAN Security Overview

Standards Organizations

International Organization for Standardization (ISO)

Institute of Electrical and Electronics Engineers (IEEE)

Internet Engineering Task Force (IETF)

Wi-Fi Alliance

802.11 Networking Basics

802.11 Security Basics

Data Privacy

Authentication, Authorization, Accounting (AAA)

Segmentation

Monitoring

Policy

802.11 Security History

802.11i Security Amendment and WPA Certifications

Robust Security Network (RSN)

Summary

Exam Essentials

Review Questions

Chapter 2          Legacy 802.11 Security

Authentication

Open System Authentication

Shared Key Authentication

Wired Equivalent Privacy (WEP) Encryption

TKIP

Virtual Private Networks (VPNs)

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Internet Protocol Security (IPsec)

Secure Sockets Layer (SSL)

VPN Configuration Complexity

VPN Scalability

MAC Filters

SSID Segmentation

SSID Cloaking

Summary

Exam Essentials

Review Questions

Chapter 3          Encryption Ciphers and Methods

Encryption Basics

Symmetric and Asymmetric Algorithms

Stream and Block Ciphers

RC4/ARC4

RC5

DES

3DES

AES

WLAN Encryption Methods

WEP

WEP MPDU

TKIP

TKIP MPDU

CCMP

CCMP MPDU

WPA/WPA2

Future Encryption Methods

Proprietary Layer 2 Implementations

Summary

Exam Essentials

Review Questions

Chapter 4          802.1X/EAP Authentication

WLAN Authentication Overview

AAA

Authentication

Authorization

Accounting

802.1X

Supplicant

Authenticator

Authentication Server

Supplicant Credentials

Usernames and Passwords

Digital Certificates

Protected Access Credentials (PACs)

One-Time Passwords

Smart Cards and USB Tokens

Machine Authentication

802.1X/EAP and Certificates

Server Certificates and Root CA Certificates

Client Certificates

Shared Secret

Legacy Authentication Protocols

PAP

CHAP

MS-CHAP

MS-CHAPv2

EAP

Weak EAP Protocols

EAP-MD5

EAP-LEAP

Strong EAP Protocols

EAP-PEAP

EAP-TTLS

EAP-TLS

EAP-FAST

Miscellaneous EAP Protocols

EAP-SIM

EAP-AKA

EAP-TEAP

Summary

Exam Essentials

Review Questions

Chapter 5          802.11 Layer 2 Dynamic Encryption Key Generation

Advantages of Dynamic Encryption

Robust Security Network (RSN)

RSN Information Element

Authentication and Key Management (AKM)

RSNA Key Hierarchy

4-Way Handshake

Group Key Handshake

PeerKey Handshake

TDLS Peer Key Handshake

RSNA Security Associations

Passphrase-to-PSK Mapping

Roaming and Dynamic Keys

Summary

Exam Essentials

Review Questions

Chapter 6          PSK Authentication

WPA/WPA2-Personal

Preshared Keys (PSK) and Passphrases

WPA/WPA2-Personal Risks

Entropy

Proprietary PSK

Simultaneous Authentication of Equals (SAE)

Summary

Exam Essentials

Review Questions

Chapter 7          802.11 Fast Secure Roaming

History of 802.11 Roaming

Client Roaming Thresholds

AP-to-AP Handoff

RSNA

PMKSA

PMK Caching

Preauthentication

Opportunistic Key Caching (OKC)

Proprietary FSR

Fast BSS Transition (FT)

Information Elements

FT Initial Mobility Domain Association

Over-the-Air Fast BSS Transition

Over-the-DS Fast BSS Transition

802.11k

802.11v

Voice Enterprise

Layer 3 Roaming

Troubleshooting

Summary

Exam Essentials

Review Questions

Chapter 8          WLAN Security Infrastructure

802.11 Services

Integration Service (IS)

Distribution System (DS)

Management, Control, and Data Planes

Management Plane

Control Plane

Data Plane

WLAN Architecture

Autonomous WLAN Architecture

Centralized Network Management Systems

Cloud Networking

Centralized WLAN Architecture

Distributed WLAN Architecture

Unified WLAN Architecture

Hybrid Architectures

Enterprise WLAN Routers

WLAN Mesh Access Points

WLAN Bridging

VPN Wireless Security

VPN 101

Layer 3 VPNs

SSL VPN

VPN Deployment

Infrastructure Management

Protocols for Management

Summary

Exam Essentials

Review Questions

Chapter 9          RADIUS and LDAP

LDAP

RADIUS

Authentication and Authorization

Accounting

RADIUS Configuration

LDAP Proxy

RADIUS Deployment Models

RADIUS Proxy

RADIUS Proxy and Realms

RADIUS Failover

WLAN Devices as RADIUS Servers

Captive Web Portal and MAC Authentication

RadSec

Attribute-Value Pairs

Vendor-Specific Attributes

VLAN Assignment

Role-Based Access Control

LDAP Attributes

Summary

Exam Essentials

Review Questions

Chapter 10        Bring Your Own Device (BYOD) and Guest Access

Mobile Device Management

Company-Issued Devices vs. Personal Devices

MDM Architecture

MDM Enrollment

MDM Profiles

MDM Agent Software

Over-the-Air Management

Application Management

Self-Service Device Onboarding for Employees

Dual-SSID Onboarding

Single-SSID Onboarding

MDM vs. Self-Service Onboarding

Guest WLAN Access

Guest SSID

Guest VLAN

Guest Firewall Policy

Captive Web Portals

Client Isolation, Rate Limiting, and Web Content Filtering

Guest Management

Guest Self-Registration

Employee Sponsorship

Social Login

Encrypted Guest Access

Network Access Control (NAC)

Posture

OS Fingerprinting

AAA

RADIUS Change of Authorization

Single Sign-On

Summary

Exam Essentials

Review Questions

Chapter 11        Wireless Security Troubleshooting

Five Tenets of WLAN Troubleshooting

Troubleshooting Best Practices

Troubleshoot the OSI Model

Most Wi-Fi Problems Are Client Issues

Proper WLAN Design Reduces Problems

WLAN Always Gets the Blame

PSK Troubleshooting

802.1X/EAP Troubleshooting

802.1X/EAP Troubleshooting Zones

Zone 1: Backend Communication Problems

Zone 2: Supplicant Certificate Problems

Zone 2: Supplicant Credential Problems

Roaming Troubleshooting

VPN Troubleshooting

Summary

Exam Essentials

Review Questions

Chapter 12        Wireless Security Risks

Unauthorized Rogue Access

Rogue Devices

Rogue Prevention

Eavesdropping

Casual Eavesdropping

Malicious Eavesdropping

Eavesdropping Risks

Eavesdropping Prevention

Authentication Attacks

Denial-of-Service Attacks

Layer 1 DoS Attacks

Layer 2 DoS Attacks

MAC Spoofing

Wireless Hijacking

Management Interface Exploits

Vendor Proprietary Attacks

Physical Damage and Theft

Social Engineering

Guest Access and WLAN Hotspots

Summary

Exam Essentials

Review Questions

Chapter 13        Wireless LAN Security Auditing

WLAN Security Audit

OSI Layer 1 Audit

OSI Layer 2 Audit

Penetration Testing

Wired Infrastructure Audit

Social Engineering Audit

WIPS Audit

Documenting the Audit

Audit Recommendations

WLAN Security Auditing Tools

Linux-Based Tools

Summary

Exam Essentials

Review Questions

Chapter 14        Wireless Security Monitoring

Wireless Intrusion Detection and Prevention Systems (WIDS and WIPS)

WIDS/WIPS Infrastructure Components

WIDS/WIPS Architecture Models

Multiple Radio Sensors

Sensor Placement

Device Classification

Rogue Detection

Rogue Mitigation

Device Tracking

WIDS/WIPS Analysis

Signature Analysis

Behavioral Analysis

Protocol Analysis

Spectrum Analysis

Forensic Analysis

Performance Analysis

Monitoring

Policy Enforcement

Alarms and Notification

False Positives

Reports

802.11n/ac

802.11w

Summary

Exam Essentials

Review Questions

Chapter 15        Wireless Security Policies

General Policy

Policy Creation

Policy Management

Functional Policy

Password Policy

RBAC Policy

Change Control Policy

Authentication and Encryption Policy

WLAN Monitoring Policy

Endpoint Policy

Acceptable Use Policy

Physical Security

Remote Office Policy

Government and Industry Regulations

The U.S. Department of Defense (DoD) Directive 8420.1

Federal Information Processing Standards (FIPS) 140-2

The Sarbanes-Oxley Act of 2002 (SOX)

Gramm-Leach-Bliley Act (GLBA)

Health Insurance Portability and Accountability Act (HIPAA)

Payment Card Industry (PCI) Standard

Compliance Reports

802.11 WLAN Policy Recommendations

Summary

Exam Essentials

Review Questions

Appendix A       Answers to Review Questions

Chapter 1: WLAN Security Overview

Chapter 2: Legacy 802.11 Security

Chapter 3: Encryption Ciphers and Methods

Chapter 4: 802.1X/EAP Authentication

Chapter 5: 802.11 Layer 2 Dynamic Encryption Key Generation

Chapter 6: PSK Authentication

Chapter 7: 802.11 Fast Secure Roaming

Chapter 8: WLAN Security Infrastructure

Chapter 9: RADIUS and LDAP

Chapter 10: Bring Your Own Device (BYOD) and Guest Access

Chapter 11: Wireless Security Troubleshooting

Chapter 12: Wireless Security Risks

Chapter 13: Wireless LAN Security Auditing

Chapter 14: Wireless Security Monitoring

Chapter 15: Wireless Security Policies

Appendix B       Abbreviations and Acronyms

Certifications

Organizations and Regulations

Measurements

Technical Terms

Index
