Wireless Administration & Security CWNA & CWSP Detailed Module Description

Module 1: Overview of Wireless Standards and Organizations

• International Telecommunications Union Radio-Communication Sector
• RF Regulatory Bodies
• Federal Communications Commission
• FCC Regulations
• Institute of Electrical and Electronics Engineers (IEEE)
• IEEE Standards
• Wi-Fi Alliance
• International Standards Organization
• Communication Basic
• Modulation Classes
• Amplitude Modulation
• Wavelength
• Frequency
• Phase
• Modulation / De-Modulation with Keying
• Amplitude Shift Keying
• Frequency Shift Keying
• Phase Shift Keying

Module 2: Radio Frequency Fundamentals

• Radio Frequency
• FR Characteristics
• Polarity
• Wavelength
• Frequency
• Amplitude
• Phase
• RF Behavior
• Wave Propagation
• Absorption
• Reflection
• Scattering
• Refraction
• Diffraction
• Attenuation (Loss)
• Free Space Loss
• Multi Path
• Gain

Module 3: Radio Frequency Components, Measurements and Mathematics

• RF Components
• Transmitter
• Antenna
• Receiver
• Intentional Radiator
• Equivalent Isotropically Radiated Power (EIRP)
• Units of Power Comparison Watt
• Milliwatt
• Decibel
• dBi
• dBd
• dBm
• Free Space Loss
• 6 dB Rule
• Rule of 10’s and 3’s
• RF Mathematics without Logarithms
• Practicing the Rule of 10’s and 3’s
• Received Signal Strength Indicator (RSSI)
• System Operating Margin (SOM)
• SOM Calculator
• Link Budget
• Fade Margin
• Inverse Square Law

Module 4: Radio and Frequency Signal and Antenna Concepts

• Azimuth and Elevation Chart
• Azimuth Chart Example
• Beamwidth
• Degree of Beamwidth Table
• Antenna Types
• Omni-Directional Antennas
• Semi-Directional Antenna
• Highly-Directional Antenna
• Phased Array Antenna
• Sector Antenna
• Visual Line of Sight
• RF Line of Sight
• Fresnel Zone
• 802.11 Calculators
• Earth Buldge
• Antenna Polarization
• Antenna Diversity
• Multiple-Input-Multiple-Output (MIMO)
• Antenna Connection and Installation
• Voltage Standing Wave Ratio (VSWR)
• Antenna Mounting
• Antenna Cables
• Connectors
• Splitters
• Amplifers
• Attenuators
• Lightning Arrestors
• Grounding Rods and Wires

Module 5: IEEE 802.11 Standards

• IEEE 802.11 – 1997 Standards including Infrared
• 802.11x – Overview of Protocols
• 802.11a
• 802.11b
• 802.11g
• 802.11n
• 802.11 Standards and Amendments

Module 6: Wireless Networks and Spread Spectrum Technologies

• Terminology
• Spread Spectrum
• Industrial, Scientific and Medical Bands (ISM)
• Unlicensed National Information Infrastructure Bands (UNII)
• UNII 1,2 and 3
• Narrowband and Spread Spectrum
• Delay Spread
• Frequency Hopping and Spread Spectrum
• Dwell and Hop Time
• Modulation
• Gaussian Frequency Shift Keying
• 802.11 b/g Channels
• Channel Overlap
• Direct Sequence Spread Spectrum (DSSS)
• DSSS Frequency Channel Plan
• Encoding and Modulation
• Packet Binary Convolutional Code
• Orthogonal Frequency Division Multiplexing (OFDM)
• Convolution Coding
• 802.11a Channels

Module 7: Wireless LAN Topologies

• Wireless Networking Topologies
• Access Point – Client Stations
• Distribution Systems (DS)
• Wireless Distribution System (WDS)
• Service Set Identifier (SSID)
• Basic Service Set (BSS)
• Basic Service Set Identifier (BSSID)
• Basic Service Area (BSA)
• Extended Service Set (ESS)
• ESS Nomadic
• ESS Co-Location
• Independent Basic Service Set (IBIS)
• Configuration Modes
• Infrastructure

Module 8: Medium Access

• Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
• CSMA/CA vs CSMA/CD
• Distributed Coordination Function (DCF)
• Interframe Space (IFS)
• Four Types of IFS
• Collision Detection
• Duration/ID Field
• Carrier Sense Methods
• Virtual Carrier Sense
• Physical Carrier Sense
• Random Backoff Time
• Example Flow of 802.11
• Point Coordination Function
• 802.11 Frame Format vs 802.3
• MAC Address Format
• Frame Types 281
• 802.11 Management Frames
• Control Frames
• Data Frames
• Layer 3 Integration
• Beacon Management Frame
• Beacon Frame Example
• Passive Scanning
• Active Scanning
• Authentication
• Open System Authentication
• Open System Process
• Shared Key Authentication
• Association
• Roaming
• Reassociation
• Disassociation and Deauthentication

Module 9: MAC Architecture

• ACK Frame
• Fragmentation
• 802.11g Protection Mechanism
• Request to Send/Clear to Send
• RTS/CTS Examples
• CTS to Self
• Power Management
• Power Save Mode
• Traffic Indication Map (TIM)
• Delivery Traffic Indication Message (DITM)
• Announcement Traffic Indication Message (ATIM)
• Wireless Multimedia (WMM)
• Power Save Certification WMM

Module 10: Wireless Devices

• Wireless LAN Client Devices
• Radio Card Formats
• Radio Card Chipsets
• Client Utilities
• Progression of WLAN Architecture
• Access Point Features
• Wireless Network Management System
• Capabilities of WNMS
• Centralized WLAN Architecture
• WLAN Switch Features
• Centralized WLAN Architecture
• Remote Office WLAN Switch
• Distributed WLAN Architecture
• Unified WLAN Architechture
• Wireless Workgroup Bridge
• Wireless LAN Bridges
• Point to Point and Point to Multi-Point
• Other Features of WLAN Bridges
• Deployment Considerations
• Point to Point Links
• Point to Multi-Point Links
• Enterprise Wireless Gateway (EWG)
• EWG Design
• Residential Wireless Gateway (RWG)
• Other Wireless Routers
• Enterprise Encryption Gateway (EEG)
• Power over Ethernet (PoE)
• PoE Devices
• PoE Responsibilities
• PoE Features

Module 11: Network Design, Implementation and Management

• Core, Distribution and Access
• Capacity vs Storage
• Co-Location
• Corporate Data Access and the End User
• Network Extension to Remote Areas
• Bridging Building to Building
• Wireless ISP
• Small Office, Home Office (SOHO)
• Hot Spots

Module 12: WLAN Trouble Shooting

• Spectrum Analyzer: Wi-Spy
• Wi-Spy Add-On Channelyzer
• 802.11 Coverage Considerations
• Dynamic Rate Switching
• Roaming
• Layer 3 Roaming
• Co-Channel Interference
• Hidden Node
• Hidden Node Solutions
• Near / Far Issues
• Near / Far Solutions
• Interference
• Performance
• Weather Issues

Module 13: Network Security Architecture

• 802.11 Security Basics
• Encryption
• Segmentation
• MAC Filtering
• SSID Cloaking
• Authentication and Authorization
• Wired Equivalent Privacy (WEP)
• Weak IV Packets
• Wi-Fi Protected Access (WPA)
• WPA Improvements over WEP
• Temporal Key Integrity Protocol (TKIP)
• 802.1X: Extensible Authentication Protocol (EAP) Types
• EAP Advantages and Disadvantages
• 802.1x EAP/TLS Framework
• Dynamic Encryption Key Generation
• Cryptographic Features of WPA2
• WPA2 Encryption Process
• Robust Security Network (RSN)
• 802.11i and WPA/WPA2

Module 14: Wireless Attacks and Monitoring

• Rogue Access Point
• Countermeasure to the Rogue Access Point
• Peer to Peer Attacks
• Eavesdropping
• Breaking Encryption - Aircrack
• Deauth / Disassociate Attack
• MAC Spoofing
• Denial of Service
• ARP Injection
• Intrusion Detection Monitoring
• Wireless Security Policy

Module 15: Radio Frequency Site Survey

• WLAN Site Survey Interview
• Customer Briefing
• Business Requirements
• Capacity and Coverage Requirements
• Infrastructure Connectivity
• Security Expectations
• Documentation and Reports
• Forms and Customer Documentation
• Deliverables
• Site Survey Defined
• Mandatory Spectrum Analysis
• Mandatory Coverage Analysis
• Indoor Site Survey Tools
• Outdoor Site Survey Tools
• Coverage Analysis: Manual
• Coverage Analysis: Assisted
• Coverage Analysis: Predictive

Module 16: Wireless LAN Auditing Tools

• Netstumbler and War Driving
• Exporting Netstumbler Results
• War Driving with KNSGEM
• Kismet
• Microsoft Wireless Zero Configuration (WZC)
• Wi-Fi Finders
• Antennas
• Cain and Abel
• OmniPeek Personal
• Auditor Uses
• Manufacturer Defaults
• OS Fingerprinting and Port Scanning
• Port Scan Tips
• Tools
• NMAP
• Services and Ports Used
• Vanilla Port Scan (TCP Connect Port Scan)
• NMAP TCP Connect Scan
• LookatLan
• OS Fingerprinting
• Share Enumerators
• RF Jamming Tools
• Hijacking Tools
• Assessment Types

Module 17: Gathering Information

• Methods of Obtaining Information
• Physical Access
• Social Access
• Digital Access