IT Graduate Certificate in Information Security and Assurance


Course Description



(5) IT 6833 Wireless Security


Course Description: This course covers methods and techniques to secure wireless networks against threats and attacks. Topics include: Encrypt wireless traffic for privacy and authenticity, implement WPA and the 802.11i security standards to protect Wi-Fi networks, wireless network intrusion detection and prevention, and security trouble-shooting WLANs.


Course Prerequisites: IT 6823 Information Security Concepts and Administration


Course Outline:

Introduction to Wireless LANs

    Wireless components

    Wireless LAN implementations

    Wireless networking standards: 802.11x

    Intercepting Wi-Fi traffic

    Infrastructure models and roaming

    Bluetooth WPANs (802.15)

    WiMAX WWANs (802.16)

    Wireless sensor networks

Security in Wireless Networks

    Wireless attacks

    Jamming and RF interference

o        Identifying interference sources

o        Malicious and inadvertent interference

    802.11 protocol attacks

o        Exploiting the collision avoidance mechanism

o        Forcing client de-authentication

    Wireless security best practice

    Secure routing

    Secure localization

Encrypting for Privacy and Authenticity

    Encryption and authentication

    Secret-key cryptography and PKI

    Symmetric vs. asymmetric algorithms

    RC4, AES, and RSA

    Hashing with MD5 and SHA

    Protecting data with digital signatures

    Authenticating with digital certificates

    WEP authentication and encryption

    Exposing WEP flaws

o        Weak initialization vectors

o        Dictionary attacks

o        Static keys

    Providing security with WPA

o        Retaining existing hardware

o        Correcting WEP deficiencies

o        Deploying pre-shared key authentication

    Ensuring privacy with WPA

Creating Secure WLAN Topologies

    Designing the wireless security landscape

o        Defining the trusted boundary

o        Centralized vs. distributed control

o        Enforcing access control

o        Establishing user credentials

    Configuring security for roaming

o        Maintaining security contexts

o        802.11i pre-authentication

o        Roaming in a VPN environment

Monitoring and Auditing WLANs

    Wireless intrusion detection systems

    Creating wireless signatures

    Detecting rogue access points

    Monitoring access attempts

    Generating audit trails