About this course

Course type Premium
Course code QAWIFICYSEC
Duration 2 Days

This two day course provides a comprehensive guide to the assessment and testing of an organisation's security posture with regard to its implementation of Wi-Fi communications.

The course spans Wi-Fi standards, their capabilities, operation, intelligence opportunities, threats posed, exploitation and Wi-Fi auditing and pen testing workflow. Attend one day, or all three to suit your needs and or exposure to Wi-Fi security technology and level of hands on required.

We will review the wide range of key processes of Wi-Fi networks from discovery to authentication, association, higher level authentication and dissociation. Each of these areas will examine methods of exploitation as well as mitigation. The course is delivered through presentations, discussions, practical demonstrations and hands on labs.

You will gain practical hands-on experience of implementing and using technical security controls in labs using real world equipment and will be given the skills and tools to create your own Wi-Fi auditing and pen testing suite.

Prerequisites

  • This course is aimed at security analysts working in public and private sectors who are looking to ensure that they are aware of the vulnerability exposure and defensive countermeasures through the use of Wi-Fi.
  • Familiarity with Linux command line and basic networking principles is encouraged.

Delegates will learn how to

  • Evolution of 802.11 standards
  • Passive intelligence exploitation
  • Building COTS Wi-Fi survey kit
  • Performing Wi-Fi site survey
  • Testing Wi-Fi encryption strength
  • Circumventing Wi-Fi encryption through social engineering
  • Mitigation techniques
  • Common post exploitation activities
  • Audit Scoping and Reporting

Outline

Day 1 - Wi-Fi Security Foundation – Risks, Flaws and Bad Design

  • 802.11 Overview
  • Wi-Fi Fundamentals
  • Wi-Fi Operating Modes
  • Wi-Fi Management frames
  • Wi-Fi Design Flaws
  • Deauthentication vulnerability
  • Encryption standards and Vulnerabilities
  • Intelligence Leakage from Beacons and Probes
    • Device Vectoring
    • Device previous locations
    • Site Survey
      • Choosing Equipment
      • Kit List
      • Kit Preparation
  • Introduction to the aircrack-ng suite

Day 2 - Wi-Fi Security Intermediate – Threats and Countermeasures

  • Device Vectoring Practical
  • Site Survey Practical
  • Rogue access points
  • Karma Attack
  • Misconfigured devices
  • BYOD
  • Breaking Encryption
    • Testing WEP
    • Testing WPA-TKIP
    • Testing WPA-AES
    • Testing WPA2
    • Encryption circumvention
  • Post exploitation activities
  • Device Hardening
  • Mitigation techniques

Premium Course

2 Days

Duration

This course is authored by QA

Delivery Method

Delivery method

Classroom

Face-to-face learning in the comfort of our quality nationwide centres, with free refreshments and Wi-Fi.

Project Management training from QA
Complete Cyber Analyst

Hand picked by our experts, these interlocking skills enable the Complete Cyber Analyst.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.