Sybex


CWSP Certified Wireless Security Professional Study Guide: Exam CWSP-205, 2nd Edition

ISBN: 978-1-119-21108-2
696 pages
November 2016

Description

The most detailed, comprehensive coverage of CWSP-205 exam objectives

CWSP: Certified Wireless Security Professional Study Guide offers comprehensive preparation for the CWSP-205 exam. Fully updated to align with the new 2015 exam, this guide covers all exam objectives and gives you access to the Sybex interactive online learning system so you can go into the test fully confident in your skills. Coverage includes WLAN discovery, intrusion and attack, 802.11 protocol analysis, wireless intrusion prevention system implementation, Layer 2 and 3 VPN over 802.11 networks, managed endpoint security systems, and more. Content new to this edition features discussions about BYOD and guest access, as well as detailed and insightful guidance on troubleshooting. With more than double the coverage of the “official” exam guide, plus access to interactive learning tools, this book is your ultimate solution for CWSP-205 exam prep.

The CWSP is the leading vendor-neutral security certification administered for IT professionals, developed for those working with and securing wireless networks. As an advanced certification, the CWSP requires rigorous preparation — and this book provides more coverage and expert insight than any other source.

  • Learn the ins and outs of advanced network security
  • Study 100 percent of CWSP-205 objectives
  • Test your understanding with two complete practice exams
  • Gauge your level of preparedness with a pre-test assessment

The CWSP is a springboard for more advanced certifications, and the premier qualification employers look for in the field. If you’ve already earned the CWTS and the CWNA, it’s time to take your career to the next level. CWSP: Certified Wireless Security Professional Study Guide is your ideal companion for effective, efficient CWSP-205 preparation.


Table of Contents

Foreword xxv

Introduction xxvii

Assessment Test xxxviii

Chapter 1 WLAN Security Overview 1

Standards Organizations 3

International Organization for Standardization (ISO) 3

Institute of Electrical and Electronics Engineers (IEEE) 4

Internet Engineering Task Force (IETF) 5

Wi-Fi Alliance 7

802.11 Networking Basics 12

802.11 Security Basics 14

Data Privacy 14

Authentication, Authorization, Accounting (AAA) 16

Segmentation 17

Monitoring 17

Policy 18

802.11 Security History 18

802.11i Security Amendment and WPA Certifications 18

Robust Security Network (RSN) 20

Summary 21

Exam Essentials 22

Review Questions 24

Chapter 2 Legacy 802.11 Security 29

Authentication 30

Open System Authentication 31

Shared Key Authentication 33

Wired Equivalent Privacy (WEP) Encryption 35

TKIP 40

Virtual Private Networks (VPNs) 44

Point-to-Point Tunneling Protocol (PPTP) 46

Layer 2 Tunneling Protocol (L2TP) 46

Internet Protocol Security (IPsec) 47

Secure Sockets Layer (SSL) 47

VPN Configuration Complexity 48

VPN Scalability 48

MAC Filters 49

SSID Segmentation 50

SSID Cloaking 51

Summary 54

Exam Essentials 55

Review Questions 56

Chapter 3 Encryption Ciphers and Methods 61

Encryption Basics 62

Symmetric and Asymmetric Algorithms 63

Stream and Block Ciphers 65

RC4/ARC4 66

RC5 66

DES 66

3DES 67

AES 67

WLAN Encryption Methods 68

WEP 70

WEP MPDU 70

TKIP 72

TKIP MPDU 72

CCMP 73

CCMP MPDU 76

WPA/WPA2 78

Future Encryption Methods 79

Proprietary Layer 2 Implementations 80

Summary 80

Exam Essentials 81

Review Questions 82

Chapter 4 802.1X/EAP Authentication 87

WLAN Authentication Overview 89

AAA 90

Authentication 91

Authorization 92

Accounting 93

802.1X 95

Supplicant 96

Authenticator 99

Authentication Server 102

Supplicant Credentials 106

Usernames and Passwords 106

Digital Certificates 107

Protected Access Credentials (PACs) 109

One-Time Passwords 109

Smart Cards and USB Tokens 110

Machine Authentication 112

802.1X/EAP and Certificates 114

Server Certificates and Root CA Certificates 115

Client Certificates 119

Shared Secret 120

Legacy Authentication Protocols 121

PAP 121

CHAP 121

MS-CHAP 121

MS-CHAPv2 121

EAP 122

Weak EAP Protocols 125

EAP-MD5 125

EAP-LEAP 126

Strong EAP Protocols 128

EAP-PEAP 130

EAP-TTLS 133

EAP-TLS 134

EAP-FAST 136

Miscellaneous EAP Protocols 141

EAP-SIM 141

EAP-AKA 141

EAP-TEAP 142

Summary 144

Exam Essentials 144

Review Questions 146

Chapter 5 802.11 Layer 2 Dynamic Encryption Key Generation 151

Advantages of Dynamic Encryption 152

Robust Security Network (RSN) 156

RSN Information Element 161

Authentication and Key Management (AKM) 166

RSNA Key Hierarchy 170

4‐Way Handshake 174

Group Key Handshake 177

PeerKey Handshake 179

TDLS Peer Key Handshake 180

RSNA Security Associations 181

Passphrase‐to‐PSK Mapping 182

Roaming and Dynamic Keys 183

Summary 184

Exam Essentials 184

Review Questions 186

Chapter 6 PSK Authentication 193

WPA/WPA2-Personal 194

Preshared Keys (PSK) and Passphrases 195

WPA/WPA2-Personal Risks 200

Entropy 201

Proprietary PSK 203

Simultaneous Authentication of Equals (SAE) 205

Summary 208

Exam Essentials 208

Review Questions 209

Chapter 7 802.11 Fast Secure Roaming 215

History of 802.11 Roaming 216

Client Roaming Thresholds 217

AP-to-AP Handoff 218

RSNA 220

PMKSA 221

PMK Caching 224

Preauthentication 225

Opportunistic Key Caching (OKC) 227

Proprietary FSR 230

Fast BSS Transition (FT) 231

Information Elements 235

FT Initial Mobility Domain Association 236

Over-the-Air Fast BSS Transition 238

Over-the-DS Fast BSS Transition 239

802.11k 243

802.11v 246

Voice Enterprise 247

Layer 3 Roaming 248

Troubleshooting 250

Summary 251

Exam Essentials 251

Review Questions 253

Chapter 8 WLAN Security Infrastructure 257

802.11 Services 258

Integration Service (IS) 258

Distribution System (DS) 259

Management, Control, and Data Planes 259

Management Plane 260

Control Plane 260

Data Plane 261

WLAN Architecture 261

Autonomous WLAN Architecture 261

Centralized Network Management Systems 263

Cloud Networking 265

Centralized WLAN Architecture 265

Distributed WLAN Architecture 270

Unified WLAN Architecture 272

Hybrid Architectures 272

Enterprise WLAN Routers 272

WLAN Mesh Access Points 273

WLAN Bridging 274

VPN Wireless Security 275

VPN 101 275

Layer 3 VPNs 277

SSL VPN 278

VPN Deployment 278

Infrastructure Management 279

Protocols for Management 280

Summary 285

Exam Essentials 285

Review Questions 286

Chapter 9 RADIUS and LDAP 291

LDAP 292

RADIUS 293

Authentication and Authorization 294

Accounting 295

RADIUS Configuration 296

LDAP Proxy 298

RADIUS Deployment Models 299

RADIUS Proxy 303

RADIUS Proxy and Realms 304

RADIUS Failover 305

WLAN Devices as RADIUS Servers 306

Captive Web Portal and MAC Authentication 306

RadSec 307

Attribute-Value Pairs 307

Vendor-Specific Attributes 308

VLAN Assignment 309

Role-Based Access Control 310

LDAP Attributes 311

Summary 311

Exam Essentials 311

Review Questions 313

Chapter 10 Bring Your Own Device (BYOD) and Guest Access 319

Mobile Device Management 322

Company-Issued Devices vs. Personal Devices 323

MDM Architecture 324

MDM Enrollment 325

MDM Profiles 329

MDM Agent Software 331

Over-the-Air Management 332

Application Management 335

Self-Service Device Onboarding for Employees 336

Dual-SSID Onboarding 337

Single-SSID Onboarding 338

MDM vs. Self-Service Onboarding 339

Guest WLAN Access 339

Guest SSID 340

Guest VLAN 340

Guest Firewall Policy 341

Captive Web Portals 342

Client Isolation, Rate Limiting, and Web Content Filtering 345

Guest Management 345

Guest Self-Registration 347

Employee Sponsorship 348

Social Login 349

Encrypted Guest Access 351

Network Access Control (NAC) 352

Posture 352

OS Fingerprinting 353

AAA 354

RADIUS Change of Authorization 355

Single Sign-On 356

Summary 358

Exam Essentials 359

Review Questions 360

Chapter 11 Wireless Security Troubleshooting 365

Five Tenets of WLAN Troubleshooting 366

Troubleshooting Best Practices 366

Troubleshoot the OSI Model 369

Most Wi-Fi Problems Are Client Issues 370

Proper WLAN Design Reduces Problems 372

WLAN Always Gets the Blame 372

PSK Troubleshooting 372

802.1X/EAP Troubleshooting 374

802.1X/EAP Troubleshooting Zones 375

Zone 1: Backend Communication Problems 376

Zone 2: Supplicant Certificate Problems 378

Zone 2: Supplicant Credential Problems 380

Roaming Troubleshooting 382

VPN Troubleshooting 384

Summary 387

Exam Essentials 387

Review Questions 388

Chapter 12 Wireless Security Risks 397

Unauthorized Rogue Access 398

Rogue Devices 398

Rogue Prevention 402

Eavesdropping 404

Casual Eavesdropping 404

Malicious Eavesdropping 406

Eavesdropping Risks 407

Eavesdropping Prevention 409

Authentication Attacks 409

Denial-of-Service Attacks 411

Layer 1 DoS Attacks 412

Layer 2 DoS Attacks 416

MAC Spoofing 420

Wireless Hijacking 423

Management Interface Exploits 427

Vendor Proprietary Attacks 428

Physical Damage and Theft 428

Social Engineering 430

Guest Access and WLAN Hotspots 432

Summary 433

Exam Essentials 433

Review Questions 434

Chapter 13 Wireless LAN Security Auditing 439

WLAN Security Audit 440

OSI Layer 1 Audit 442

OSI Layer 2 Audit 447

Penetration Testing 449

Wired Infrastructure Audit 453

Social Engineering Audit 453

WIPS Audit 454

Documenting the Audit 455

Audit Recommendations 456

WLAN Security Auditing Tools 457

Linux-Based Tools 459

Summary 462

Exam Essentials 463

Review Questions 464

Chapter 14 Wireless Security Monitoring 469

Wireless Intrusion Detection and Prevention Systems (WIDS and WIPS) 470

WIDS/WIPS Infrastructure Components 471

WIDS/WIPS Architecture Models 474

Multiple Radio Sensors 478

Sensor Placement 479

Proprietary WIPS 480

Device Classification 482

Rogue Detection 484

Rogue Mitigation 488

Device Tracking 491

WIDS/WIPS Analysis 496

Signature Analysis 496

Behavioral Analysis 497

Protocol Analysis 498

Spectrum Analysis 500

Forensic Analysis 501

Performance Analysis 502

Monitoring 503

Policy Enforcement 503

Alarms and Notification 505

False Positives 507

Reports 508

802.11n/ac 508

802.11w 510

Summary 511

Exam Essentials 511

Review Questions 513

Chapter 15 Wireless Security Policies 517

General Policy 519

Policy Creation 519

Policy Management 522

Functional Policy 523

Password Policy 524

RBAC Policy 525

Change Control Policy 526

Authentication and Encryption Policy 526

WLAN Monitoring Policy 527

Endpoint Policy 527

Acceptable Use Policy 528

Physical Security 529

Remote Office Policy 529

Government and Industry Regulations 530

The U.S. Department of Defense (DoD) Directive 8420.1 531

Federal Information Processing Standards (FIPS) 140-2 532

The Sarbanes-Oxley Act of 2002 (SOX) 534

Gramm-Leach-Bliley Act (GLBA) 536

Health Insurance Portability and Accountability Act (HIPAA) 538

Payment Card Industry (PCI) Standard 540

Compliance Reports 543

802.11 WLAN Policy Recommendations 544

Summary 545

Exam Essentials 545

Review Questions 547

Appendix A Answers to Review Questions 553

Chapter 1: WLAN Security Overview 554

Chapter 2: Legacy 802.11 Security 556

Chapter 3: Encryption Ciphers and Methods 558

Chapter 4: 802.1X/EAP Authentication 561

Chapter 5: 802.11 Layer 2 Dynamic Encryption Key Generation 563

Chapter 6: PSK Authentication 567

Chapter 7: 802.11 Fast Secure Roaming 570

Chapter 8: WLAN Security Infrastructure 573

Chapter 9: RADIUS and LDAP 576

Chapter 10: Bring Your Own Device (BYOD) and Guest Access 578

Chapter 11: Wireless Security Troubleshooting 581

Chapter 12: Wireless Security Risks 584

Chapter 13: Wireless LAN Security Auditing 587

Chapter 14: Wireless Security Monitoring 590

Chapter 15: Wireless Security Policies 594

Appendix B Abbreviations and Acronyms 597

Certifications 598

Organizations and Regulations 598

Measurements 599

Technical Terms 599

Index 615


Author Information

David D. Coleman, CWNE #4, is a WLAN security consultant, technical trainer, public speaker, and the Senior Mobility Leader for Aerohive Networks.
David A. Westcott, CWNE #7, is an independent consultant and WLAN technical trainer of over thirty years.
Bryan Harkins, CWNE #44, is a WLAN technical trainer, consultant, and the Director of Cradlepoint University.


Downloads

  • PCAPs (244.84 KB)
  • Chapter 14: Proprietary WIPS (added section) (527.37 KB)

Errata

Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

Chapter: 14 | Page: 480 | Details: Errata in Text | Date: 11-Oct-16
Corrections:
The “Proprietary WIPS” section is missing from the first printing of the book. This section spans pages 480-482 and those corrected pages will be posted to the Downloads section of the book’s Wiley.com web page.
Note: The actual correction for this is already being worked on in production and nothing else needs to be done to the book content.

Chapter: 2 | Page: 59 | Details: Errata in text | Date: 9-Mar-18
Chapter 2, page 59, Question 15:
The graphic shows a packet capture of a successful 802.11 authentication. In which of the following types of client connections could this not occur?
Should be:
The graphic shows a packet capture of a successful 802.11 open system authentication. In which of the following types of client connections could this not occur?

Chapter: 15 | Page: 544 | Details: Errata in text | Date: 22/11/18
Chapter 15
On page 542, second line of main text, " ... recommend these five wireless security policies"
The second line of page 542 should state:
" ... recommend these seven wireless security policies"

Chapter: App A | Page: 557 | Details: Errata in text | Date: 9-Mar-18
Appendix A, page 557, chapter 2 answers, replace question 15 answer with:
15. B. The graphic shows a two-frame Open System authentication. 802.1X/EAP works together with Open System authentication. An unencrypted session uses Open System authentication. Legacy WEP will also work with Open System authentication. Shared Key authentication can be used instead of Open System authentication when legacy WEP is deployed. However, Shared Key authentication is a four-way authentication frame exchange, as opposed to the two-frame exchange shown in the graphic. Shared Key is a legacy authentication solution with known security flaws and should never be used as a primary authentication solution. Legacy WEP encryption also has well known security flaws and should never be used as the primary method of data privacy.

Press Release

September 12, 2016
Wiley Announces Publication of CWSP: Certified Wireless Security Professional Study Guide CWSP-205, 2nd Edition
