معرفی کتاب Certified Wireless Security Professional Official Study Guide(Exam PW0-204)
Introduction
Assessment Test
Chapter 1 WLAN Security Overview
Standards Organizations
International Organization for Standardization (ISO)
Institute of Electrical and Electronics Engineers (IEEE)
Internet Engineering Task Force (IETF)
Wi-Fi Alliance
802.11 Networking Basics
802.11 Security Basics
Data Privacy
Authentication, Authorization, Accounting (AAA)
Segmentation
Monitoring
Policy
802.11 Security History
802.11i Security amendment and WPA Certifications
Robust Security Network (RSN)
The Future of 802.11 Security
Summary
Exam Essentials
Key Terms
Review Questions
Answers to Review Questions
Chapter 2 Legacy 802.11 Security
Authentication
Open System Authentication
Shared Key Authentication
Wired Equivalent Privacy (WEP) Encryption
Virtual Private Networks (VPNs)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Internet Protocol Security (IPsec)
Configuration Complexity
Scalability
MAC Filters
SID Segmentation
SSID Cloaking
Summary 55
Exam Essentials 55
Key Terms 56
Review Questions 57
Answers to Review Questions 62
Chapter 3 Encryption Ciphers and Methods 65
Encryption Basics 66
Symmetric and Asymmetric Algorithms 67
Stream and Block Ciphers 68
RC4 69
RC5 70
DES 70
3DES 71
AES 71
WLAN Encryption Methods 72
WEP 73
WEP MPDU 74
TKIP 75
TKIP MPDU 80
CCMP 83
CCMP MPDU 85
WPA / WPA2 88
Proprietary Layer 2 Implementations 89
Summary 90
Exam Essentials 90
Key Terms 91
Review Questions 93
Answers to Review Questions 98
Chapter 4 Enterprise 802.11 Layer 2 Authentication Methods 101
WLAN Authentication Overview 103
AAA 104
Authentication 105
Authorization 106
Accounting 108
802.1X 109
Supplicant 110
Authenticator 115
Authentication Server 119
Supplicant Credentials 122
Usernames and Passwords 123
Digital Certificates and PACs 124
One-time Passwords 126
Smart Cards and USB Tokens 128
Machine Authentication 129
Preshared Keys 130
Proximity Badges and RFID Tags 130
Biometrics 131
Authentication Server Credentials 131
Shared Secret 136
Legacy Authentication Protocols 137
PAP 137
CHAP 137
S-CHAP 137
MS-CHAPv2 138
EAP 138
Weak EAP Protocols 141
EAP-MD5 142
EAP-LEAP 142
Strong EAP Protocols 145
EAP-PEAP 146
EAP-TTLS 150
EAP-TLS 151
EAP-FAST 153
PACs 154
Miscellaneous EAP Protocols 158
EAP-SIM 158
EAP-AKA 158
Summary 161
Exam Essentials 161
Key Terms 162
Review Questions 164
Answers to Review Questions 169
Chapter 5 802.11 Layer 2 Dynamic Encryption 173
Key Generation 173
Advantages of Dynamic Encryption 174
Robust Security Network (RSN) 179
RSN Information Element 184
Authentication and Key Management (AKM) 189
RSNA Key Hierarchy 194
4-Way Handshake 198
Group Key Handshake 201
PeerKey Handshake 203
RSNA Security Associations 204
Passphrase-to-PSK Mapping 205
Roaming and Dynamic Keys 207
Summary 207
Exam Essentials 208
Key Terms 209
Review Questions 210
Answers to Review Questions 216
Chapter 6 SOHO 802.11 Security 221
WPA / WPA2-Personal 222
Preshared Keys (PSK) and Passphrases 223
WPA / WPA2-Personal Risks 228
Entropy 228
Proprietary PSK 231
Wi-Fi Protected Setup (WPS) 232
WPS Architecture 233
SOHO Security Best Practices 238
Summary 238
Exam Essentials 239
Key Terms 240
Review Questions 241
Answers to Review Questions 246
Chapter 7 802.11 Fast Secure Roaming 249
History of 802.11 Roaming 250
Client Roaming Thresholds 251
AP-to-AP Handoff 252
RSNA 254
PMKSA 254
PMK Caching 257
Preauthentication 259
Opportunistic Key Caching (OKC) 260
Proprietary FSR 264
Fast BSS Transition (FT) 264
Information Elements 268
FT Initial Mobility Domain Association 268
Over-the-Air Fast BSS Transition 270
Over-the-DS Fast BSS Transition 271
802.11k 273
Voice Personal and Voice Enterprise 273
Layer 3 Roaming 274
Troubleshooting 276
SCA Roaming 277
Exam Essentials 280
Key Terms 281
Review Questions 283
Answers to Review Questions 287
Chapter 8 Wireless Security Risks 291
Unauthorized Rogue Access 292
Rogue Devices 292
Rogue Prevention 296
Eavesdropping 298
Casual Eavesdropping 298
Malicious Eavesdropping 300
Eavesdropping Risks 301
Eavesdropping Prevention 302
Authentication Attacks 303
Denial-of-Service Attacks 305
Layer 1 DoS Attacks 306
Layer 2 DoS Attacks 310
MAC Spoofing 314
Wireless Hijacking 317
Management Interface Exploits 321
Vendor Proprietary Attacks 322
Physical Damage and Theft 323
Social Engineering 324
Public Access and WLAN Hotspots 326
Summary 327
Exam Essentials 327
Key Terms 328
Review Questions 330
Answers to Review Questions 334
Chapter 9 Wireless LAN Security Auditing 337
WLAN Security Audit 338
OSI Layer 1 Audit 340
OSI Layer 2 Audit 344
Penetration Testing 347
Wired Infrastructure Audit 349
Social Engineering Audit 349
WIPS Audit 350
Documenting the Audit 350
Audit Recommendations 352
WLAN Security Auditing Tools 353
Linux-Based Tools 356
Windows-Based Tools 359
Summary 359
Exam Essentials 360
Key Terms 360
Review Questions 361
Answers to Review Questions 366
Chapter 10 Wireless Security Monitoring 369
Wireless Intrusion Detection and Prevention Systems 369
(WIDS and WIPS) 371
WIDS/ WIPS Infrastructure Components 372
WIDS/ WIPS Architecture Models 375
Multiple Radio Sensors 382
Sensor Placement 383
Device Classification 384
Rogue Detection 386
Rogue Mitigation 389
Device Tracking 392
WIDS/ WIPS Analysis 397
Signature Analysis 397
Behavioral Analysis 398
Protocol Analysis 398
Spectrum Analysis 400
Forensic Analysis 402
Performance Analysis 403
Monitoring 404
Policy Enforcement 404
Alarms and Notification 406
False Positives 409
Reports 410
802.11n 410
Proprietary WIPS 413
Cloaking 414
Management Frame Protection 414
802.11w 415
Summary 416
Exam Essentials 417
Key Terms 418
Review Questions 419
Answers to Review Questions 424
Chapter 11 VPNs, Remote Access, and Guest Access Services 429
VPN Technology in 802.11 WLAN Architecture 430
VPN 101 431
VPN Client 433
WLAN Controllers: VPN Server for Client Access 433
VPN Client Security at Public Hotspots 434
Controller-to-Controller VPNs and Site-to-Site VPNs 435
VPNs Used to Protect Bridge Links 436
Remote Access 437
Remote AP 437
Virtual Branch Office Networking 441
Hotspots/Public Access Networks 441
Captive Portal 442
Summary 445
Exam Essentials 445
Key Terms 446
Review Questions 447
Answers to Review Questions 452
Chapter 12 WLAN Security Infrastructure 455
WLAN Architecture Capabilities Overview 457
Distribution System (DS) 458
Autonomous APs 458
WLAN Controllers 460
Split MAC 465
Mesh 465
WLAN Bridging 467
Cooperative Control 467
Location-Based Access Control 469
Hot Standby/Failover 469
Device Management 470
Protocols for Management 471
CAPWAP and LWAPP 475
Wireless Network Management System 476
RADIUS/LDAP Servers 477
Proxy Services 477
Features and Components 478
Integration 480
EAP Type Selection 481
Deployment Architectures and Scaling 482
RADIUS Failover 487
Timer Values 488
WAN Traversal 490
Multifactor Authentication Servers 491
Public Key Infrastructure (PKI) 491
Role-Based Access Control 494
Enterprise Encryption Gateways 497
Summary 498
Exam Essentials 499
Key Terms 500
Review Questions 501
Answers to Review Questions 505
2.4 GHz ISM Point-to-Multipoint (PtMP)
5 GHz UNII Point-to-Multipoint (PtMP)
Windows Registry Values that Control
Preauthentication and PMK Caching 572
Appendix B WLAN Vendors 575
WLAN Infrastructure 576
WLAN Mesh Infrastructure 576
WLAN Auditing, Diagnostic, and Design Solutions 577
WLAN Management 577
WLAN Security Solutions 577
VoWiFi Solutions 578
WLAN Fixed Mobile Convergence 578
WLAN RTLS Solutions 578
WLAN SOHO Vendors 578
Appendix C
About the Companion CD 579
What You’ll Find on the CD 580
Sybex Test Engine 580
Electronic Flashcards 580
System Requirements 581
Using the CD 581
Troubleshooting 581
Customer Care 582
Glossary 583
Index 623
Table of Exercises
Exercise 2.1 Viewing Open System and Shared Key Authentication Frames
Exercise 2.2 Viewing Encrypted MSDU Payload of 802.11 Data Frames
Exercise 2.3 Viewing Hidden SSIDs
Exercise 3.1 TKIP Encrypted Frames
Exercise 3.2 CCMP Encrypted Frames
Exercise 4.1 802.1X / EAP Frame Exchanges
Exercise 5.1 Dynamic WEP
Exercise 5.2 Authentication and Key Management
Exercise 5.3 The 4-Way Handshake
Exercise 6.1 Passphrase-PSK Mapping
Exercise 10.1 Spectrum Analysis
دانلود کتاب Certified Wireless Security Professional Official Study Guide(Exam PW0-204)