rent-now

Rent More, Save More! Use code: ECRENTAL

5% off 1 book, 7% off 2 books, 10% off 3+ books

9780072230123

CWSP Certified Wireless Security Professional Official Study Guide (Exam PW0-200)

by
  • ISBN13:

    9780072230123

  • ISBN10:

    0072230126

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2003-04-25
  • Publisher: McGraw-Hill Osborne Media
  • View Upgraded Edition
  • Purchase Benefits
List Price: $70.00

Summary

CWSP is THE standard of knowledge for securing Wireless LANs. This is the only Official Study Guide for the CWSP exam.

Author Biography

Devin Akin is the Chief Technology Officer and co-founder of Planet3 Wireless Inc., the creators of the Certified Wireless Network Professional Program. He contributed to the CWSP exam, and is the principal author of both the CWNA and CWSP Official Study Guides. He holds many technical certifications including CCNP, CCDP, MCNE, and MCSE.

Table of Contents

Chapter 1 Wireless LAN Auditing Tools 1(46)
Wireless LAN Discovery Tools
3(9)
NetStumbler
3(7)
Usage
4(1)
Functionality
5(4)
Auditor Uses
9(1)
Hacker Uses
9(1)
NetStumbler.com
9(1)
MiniStumbler
10(1)
Kismet
10(1)
dstumbler
11(1)
Proactive Measures
11(1)
Fake Access Points
11(1)
Advanced Security Solutions
11(1)
Awareness
12(1)
Password Capture & Decrypt
12(7)
WinSniffer
12(2)
ettercap
14(2)
L0phtCrack
16(2)
LRC
18(1)
Share Enumerators
19(2)
Legion 2.1
20(1)
Proactive Measures
20(1)
Network Management & Control
21(2)
Considerations
23(1)
Wireless Protocol Analyzers
23(2)
Vendors
24(1)
Auditor Uses
25(1)
Proactive Measures
25(1)
Manufacturer Defaults
25(2)
Antennas & Wireless LAN Equipment
27(2)
Antennas
27(2)
Wireless Cards
29(1)
OS Fingerprinting & Port Scanning
29(3)
Considerations
31(1)
Application Layer Analyzers
32(1)
Networking Utilities
33(2)
Proactive Measures
34(1)
Network Discovery Tools
35(1)
RF Jamming Tools
35(1)
Hijacking Tools
36(1)
Proactive Measures
37(1)
WEP Decryption Tools
37(1)
Proactive Measures
38(1)
Operating System Exploit Tools
38(1)
Proactive Measures
38(1)
Homeplug Devices
39(1)
Summary
40(1)
Key Terms
41(1)
Review Questions
42(4)
Answers to Review Questions
46(1)
Chapter 2 Gathering Information 47(18)
Target Profiling
48(6)
Publicly Available Information
49(1)
Public WLAN Maps
49(2)
Search Engines
51(1)
War Driving
51(2)
Connecting and Trace Routing
52(1)
War Chalking
53(1)
Tools, Traffic, & Social Engineering
54(5)
The Help Desk
55(2)
Contractors
57(1)
Employees
57(1)
Traffic Pattern Analysis
58(1)
Summary
59(1)
Key Terms
60(1)
Review Questions
61(2)
Answers to Review Questions
63(2)
Chapter 3 Unauthorized Access 65(18)
Rogue Devices
67(3)
Access Points
67(2)
Location
67(1)
WEP settings
68
Placement
6(62)
Costs
68(1)
Visibility
68(1)
SSID settings
69(1)
Frequency
69(1)
Spectrum Choice
69(1)
Antennas
69(1)
Wireless Bridges
69(1)
Placement
69(1)
Priority
69(1)
MAC Spoofing
70(1)
Antenna Use
70(1)
Costs
70(1)
Summary
70(1)
Data Theft & Malicious Insertion
70(3)
Illegal, Unethical, or Inappropriate Content
71(1)
Viruses & Spyware
71(2)
Peer-to-Peer Attacks
73(1)
Unauthorized Control
74(3)
Network Management Tools
74(1)
Configuration Changes
74(1)
Third Party Attacks
75(2)
Summary
77(1)
Key Terms
78(1)
Review Questions
79(2)
Answers to Review Questions
81(2)
Chapter 4 Denial of Service 83(16)
RF Jamming
84(2)
Data Flooding
86(3)
Hijacking
89(4)
Summary
93(1)
Key Terms
94(1)
Review Questions
95(2)
Answers to Review Questions
97(2)
Chapter 5 Legislation 99(10)
Acts of US Congress
101(4)
Identity Theft and Assumption Deterrence Act
101(2)
Computer Fraud and Abuse Act
103(1)
Electronic Communications Privacy Act
104(1)
State Laws
105(1)
Summary
106(1)
Key Terms
107(1)
Research Questions
108(1)
Chapter 6 General Policy 109(32)
Getting Started
112(1)
Risk Assessment
113(3)
Asset Protection
114(2)
Sensitive Data
115(1)
Network Services
115(1)
Threat Prevention
116(7)
Denial of Service (DoS)
117(1)
Equipment Damage or Theft
117(1)
Unauthorized Access
118(2)
Credit Card Fraud
120(1)
Identity Theft
120(1)
Corporate Secrets
121(1)
Personal Information Exposure
121(1)
Malicious Data Insertion
122(1)
Legal Liabilities
123(1)
Third Party Attacks
123(1)
Illegal Data Insertion
124(1)
Costs
124(6)
People
125(1)
Training
125(2)
Equipment
127(2)
Time
129(1)
Impact Analysis
130(2)
Public Access Networks
130(1)
Legal Implications
131(1)
Security Auditing
132(2)
Independent Testing
132(1)
Sources of Information
133(1)
Summary
134(1)
Key Terms
135(1)
Review Questions
136(3)
Answers to Review Questions
139(2)
Chapter 7 Functional Policy: Guidelines & Baselines 141(38)
Policy Essentials
142(6)
Password Polices
142(2)
Guidelines
142(1)
Choosing a strong password
143(1)
Training
144(1)
Networking Staff
144(1)
End Users
145(1)
Usage
145(1)
Implementation and Staging
146(1)
Procedures
147(1)
Audits
147(1)
General Guidelines
148(3)
Security Checklist
148(1)
Available Network Resources
149(1)
Asset Management
149(1)
Periodic Inventory
150(1)
Change Management
150(1)
Spot-checks & Accountability
150(1)
Baseline Practices
151(21)
SSIDs
151(2)
MAC filters
153(4)
Using Static WEP
157(1)
Default Configuration Settings
157(1)
Firmware Upgrades
158(1)
Rogue Equipment
159(4)
Eliminating Rogues
160(3)
Outdoor Bridge Security
163(1)
RF Cell Sizing
163(3)
SNMP Community Strings
166(1)
Discovery Protocols
166(1)
How CDP Works
166(1)
Remote Configuration
167(1)
Client Security
168(1)
IP Services
169(1)
Switches vs. Hubs
170(1)
Staging and Testing
170(1)
Equipment Installation
170(2)
Summary
172(1)
Key Terms
173(1)
Review Questions
174(4)
Answers to Review Questions
178(1)
Chapter 8 Functional Policy: Design & Implementation 179(22)
Interoperability
181(1)
PPTP
181(1)
IPSec
181(1)
Layering
182(3)
OSI Layers
182(1)
Layer 2 (Data-Link Layer)
182(1)
Layer 3 (Network Layer)
182(1)
Layer 7 (Application Layer)
183(1)
Costs
183(1)
Management
184(1)
Throughput & Latency
184(1)
Summary
185(1)
Segmentation & VLANs
185(5)
Wireless VLANs
186(4)
Authentication & Encryption
190(4)
Existing Implementations
190(1)
Data Sensitivity
190(1)
Scalability & Availability
191(3)
Summary
194(1)
Key Terms
195(1)
Review Questions
196(4)
Answers to Review Questions
200(1)
Chapter 9 Functional Policy: Monitoring & Response 201(16)
Physical Security
202(3)
Rogue Access Points & Ad Hoc Networks
202(1)
RF Jamming & Data Flooding
203(2)
RF Jamming
203(2)
Data Flooding
205(1)
Social Engineering
205(3)
Awareness
206(1)
Prevention
207(1)
Audits
207(1)
Reporting
208(1)
Response Procedures
209(2)
Summary
211(1)
Key Terms
212(1)
Review Questions
213(3)
Answers to Review Questions
216(1)
Chapter 10 Encryption 217(14)
RC4
218(1)
RC5
219(1)
Data Encryption Standard (DES)
220(1)
Triple DES (3DES)
221(2)
Advanced Encryption Standard
223(2)
Summary
225(1)
Key Terms
226(1)
Review Questions
227(2)
Answers to Review Questions
229(2)
Chapter 11 Data-Link Security Solutions 231(48)
802.11 MAC Basics
232(1)
Categories of Authentication & Encryption
233(1)
Static WEP
233(2)
Usage
234(1)
Cracking WEP
234(1)
TKIP
235(3)
WEP Weaknesses Addressed
235(2)
Forgery
235(1)
Weak Key Attacks
236(1)
Collision Attacks
236(1)
Replay attacks
236(1)
Availability
237(1)
Usage
238(1)
802.1x /EAP
238(6)
Usage
239(1)
802.1x Standard
239(3)
802.1x Advantages
242(2)
Maturity & Interoperability
242(1)
User-based Identification
243(1)
Dynamic Key Management
243(1)
Flexible Authentication
243(1)
EAP
244(27)
EAP Process
244(3)
EAP Framework
247(1)
EAP Authentication Types
248(18)
EAP-MD5
249(1)
EAP-TLS
250(5)
EAP-Cisco Wireless (LEAP)
255(2)
EAP-TTLS (Tunneled Transport Layer Security)
257(3)
Protected EAP
260(6)
EAP Considerations
266(14)
Mutual Authentication
266(1)
Dynamic Key Generation, Rotation, and Distribution
267(1)
Costs and Management Overhead
267(1)
Industry Acceptance, Standardization, and Support
268(1)
Availability and Implementation
269(2)
Proprietary Protocols
271(1)
Summary
272(1)
Key Terms
273(1)
Review Questions
274(4)
Answers to Review Questions
278(1)
Chapter 12 802.11i & Wi-Fi Protected Access 279(10)
802.11i 280 Wi-Fi Protected Access (WPA)
280(3)
Pre-Shared Key
281(1)
Mixed Mode Deployment
281(1)
Deployment
282(1)
Limitations
282(1)
Summary
283(1)
Key Terms
284(1)
Review Questions
285(2)
Answers to Review Questions
287(2)
Chapter 13 Wireless VPN Technology 289(48)
Virtual Private Networks
290(11)
Wireless VPNs
291(1)
VPN Process
291(2)
VPN Considerations
293(5)
Acceptance
293(1)
Advantages
293(1)
Disadvantages
294(1)
Security Issues
294(1)
Administration
295(1)
Scalability
296(1)
Subnet Roaming
296(1)
Role-based Access Control
297(1)
VLANs
297(1)
VPN Types
298(3)
Remote Access Connections
298(2)
Peer-to-Peer Connections
300(1)
VPN Protocols
301(1)
Acceleration & Latency
301(1)
PPTP
302(1)
L2TP
303(4)
Similarities to PPTP
304(1)
Differences from PPTP
305(1)
Advantages of Using L2TP
305(2)
IPSec/IKE
307(10)
Security Features
307(1)
IPSec Protocols
308(2)
Authentication Header
308(2)
Encapsulating Security Payload
310(1)
Modes
310(2)
Choosing a Protocol
312(1)
Remote Access Differences
312(1)
Policies
313(1)
IPSec VPNs Pros and Cons
313(4)
Pros
313(1)
Cons
314(1)
Using Digital Certificates
315(1)
Pre-Shared Key Authentication
315(2)
SSH2
317(5)
Secure Command Shell
318(1)
Port Forwarding
318(2)
Secure File Transfer
320(1)
Public Key Authentication
320(1)
Data Encryption
321(1)
Data Integrity
322(1)
Other Benefits
322(1)
Mobile IP
322(4)
Mobile IP Process
325(1)
Security
326(2)
Summary
328(1)
Key Terms
329(1)
Review Questions
330(6)
Answers to Review Questions
336(1)
Chapter 14 Segmentation Devices 337(30)
Considerations
338(4)
Redundancy
338(1)
Network Address Translation
339(2)
Subnet Roaming
341(1)
Routers
342(1)
Layer 3 Switches
342(1)
VPN Concentrators
343(1)
Firewalls
344(2)
Enterprise Encryption Gateways
346(2)
Enterprise Wireless Gateways
348(8)
Network Positioning
349(1)
Firewall Functionality
350(1)
VPN Concentrator Functionality
351(1)
Wireless-Oriented Features
351(2)
Rate Limiting
351(1)
Subnet Roaming
352(1)
RBAC
352(1)
Performance
353(1)
Scalability
354(1)
Hardware or Software?
354(2)
Summary
356(1)
Key Terms
357(1)
Review Questions
358(2)
Answers to Review Questions
360(7)
Chapter 15 Additional Security Solutions 367(14)
Intrusion Detection Systems
362(6)
Features
364(3)
Network-based vs. Host-based
364(1)
Passive vs. Reactive
365(1)
Misuse Detection
366(1)
Anomaly Detection
366(1)
Vulnerability Detection
366(1)
Performance Monitoring
367(1)
Monitoring
367(1)
Maintenance
368(1)
Thin Clients
368(1)
Authenticated DHCP Services
369(3)
DHCP Attacks
371(1)
DoS & Hijacking
371(1)
Theft of Service
371(1)
Traffic Baselining
372(2)
Baselining for Reference
372(1)
Baselining for Performance
372(1)
Baselining for Security
372(2)
Summary
374(1)
Key Terms
375(1)
Review Questions
376(4)
Answers to Review Questions
380(1)
Chapter 16 Wireless LAN Authentication 381(52)
Kerberos
382(19)
Key Distribution Center (KDC)
383(3)
Authentication Service (AS)
383(1)
Ticket-Granting Service (TGS)
383(1)
Microsoft Kerberos Implementation
384(1)
Symbol Kerberos Appliance
385(1)
Process
386(2)
Kerberos Vulnerabilities
388(1)
Example
389(3)
Kerberos Policy & Delegation
392(3)
Wireless Specifics
395(5)
Kerberos in a Wireless LAN Example
396(3)
Process Details
399(1)
Future Direction
400(1)
RADIUS
401(16)
RADIUS Options
402(7)
Scalability
403(1)
EAP support
403(1)
Clustering and Failover
403(1)
Accounting
404(1)
Legacy Authentication Protocols
404(1)
Mutual Authentication
405(1)
Multiple RAS Vendors
405(1)
Various Implementations
405(4)
Authentication Design Considerations
409(8)
1. Single Site Deployment
409(2)
2. Distributed Autonomous Sites
411(2)
3. Distributed Sites, Centralized Authentication & Security
413(2)
4. Distributes Sites & Security, Centralized Authentication
415(2)
5. Combined Architectures
417(1)
LDAP
417(6)
LDAP applications and use
418(1)
Uses for LDAP
419(1)
LDAP Communications
420(1)
LDAP Architecture
421(1)
The Role of LDAP in Wireless LAN Security
422(1)
Multi-factor Authentication
423(3)
Choosing a Solution
424(10)
Management & Integration
424(1)
Proven Technology
425(1)
Summary
426(1)
Key Terms
427(1)
Review Questions
428(3)
Answers to Review Questions
431(2)
Appendix A Wireless LAN Security Policy 433(16)
General Policy
434(5)
Introduction
434(1)
Statement of Authority
434(1)
Applicable audience
435(1)
Violation reporting procedures and enforcement
435(1)
Risk Assessment
435(4)
Asset Protection
435(1)
Threat Prevention
436(1)
Legal Liabilities
436(1)
Costs
436(1)
Impact Analysis
437(1)
Security Auditing
437(2)
Functional Policy-Guidelines and Baselines
439(4)
Policy Essentials
439(2)
Policy Change Control and Review
439(1)
Password Policy
439(1)
Networking Staff and End User Employee Training Requirements
440(1)
Non-Employee Wireless Access
440(1)
Acceptable Use Policy
440(1)
Staging, Implementation, and Management Procedures
440(1)
Auditing and Compliance
441(1)
General Guidelines
441(1)
Security Checklist
441(1)
Available Network Resources
441(1)
Asset Management
442(1)
Change Management
442(1)
Spot-checks & Accountability
442(1)
Baseline Practices
442(1)
Functional Policy-Design and Implementation
443(2)
Interoperability
443(1)
Layering
443(1)
Segmentation & VLANs
443(1)
Authentication & Encryption
444(1)
Existing Implementations
444(1)
Data Sensitivity
444(1)
Scalability & Availability
444(1)
Access Control
445(1)
Functional Policy-Monitoring and Response
445(3)
Physical Security
445(1)
Rogue Access Points & Ad Hoc Networks
445(1)
RF Jamming
446(1)
Data Flooding
446(1)
Social Engineering
446(1)
Prevention
446(1)
Audits
447(1)
Reporting
447(1)
Response Procedures
447(1)
Appendices
448(1)
Glossary
448(1)
Whitepapers
448(1)
Education/Certification
448(1)
Appendix B Computer Fraud & Abuse Act 449(8)
Appendix C Electronic Communications Privacy Act-Chapter 119 457(10)
Appendix D Electronic Communications Privacy Act-Chapter 121 467(18)
Glossary 485

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program