Practical Techniques for Analyzing WIFI Traffic
This course introduces students to 802.11 wireless local area networks (WLANs) and the application of analytical techniques to captured wireless network traffic. The course begins with an introduction to radio frequency (RF) fundamentals, components, and signaling as they relate to 802.11 WLANs. Students will understand how wireless networking integrates into more traditional wired networks through various wireless network hardware. Students will learn how devices operate and contend for the wireless medium. An emphasis is placed on wireless vulnerabilities, mitigating security weaknesses, and how encryption algorithms are used. Students will complete hands-on exercises using open source network capture tools and protocol analyzers and apply them to examine captured data. Students will learn how site surveys are used to optimize wireless networks. The final topics focus on wireless threats and the examination of common attacks.
Prerequisites
- Completion of the CWNA course is required.
- Completion of the CWSP course is highly encouraged.
- Completion of the CompTIA Network+ course or the TCP/IP Networking course or equivalent experience is required.
- Experience working from the Linux/UNIX command line interface is highly recommended.
Objectives
Upon completion of this course, the student will be able to:
- Describe radio frequency fundamentals in wireless networks
- Identify IEEE 802.11 wireless network components and topologies
- Explain wireless network operating parameters, modes, and characteristics
- Express the correct application of encryption and security in wireless networks
- Use a protocol analyzer to examine captured wireless packets and frames
- Conduct WLAN survey analysis for optimal channel usage and throughput
- Apply common forensics techniques to investigate wireless network attacks
Schedule
Day 1 – RF Fundamentals, RF Components, RF Signal and Antenna Concepts, Wireless LANs
Day 2 – WLAN Components and Topologies, Client Devices and Access Points, Access to the Medium, Wireless Networks and Spread Spectrum Technologies
Day 3 – MAC Architecture and Frames, Network Security Architecture, Encryption and Dynamic Keys
Day 4 – Scanning and Enumeration, Site Surveys, Wireless Attacks and Threats, Analysis of Wireless Attacks
Outline
- Describe radio frequency fundamentals in wireless networks
  - Describe RF characteristics and behaviors
  - Identify RF communications components
  - Explain visual and RF lines of sight
- Identify IEEE 802.11 wireless network components and topologies
  - Identify client devices and access points by role
  - Summarize common 802.11 architectures and configuration modes
- Explain wireless network operating parameters, modes, and characteristics
  - State where in the OSI model 802.11 wireless networks integrate
  - Explain the translations and encapsulation between mediums
  - Summarize how devices get access to the medium
  - Distinguish between WLAN planes of operation
  - Define WLAN architecture types by access point organization
  - Categorize WLAN frame types
- Express the correct application of encryption and security in wireless networks
  - Differentiate between WEP, WPA, and WPA2 encryption schemes
  - Explain how personal and enterprise implementations of WPA/WPA2 differ
  - Describe dynamic key generation in personal and enterprise modes
- Use a protocol analyzer to examine captured wireless packets and frames
  - Differentiate between passive and active scanning
  - Explain how monitor mode differs from managed mode
  - Capture wireless network data using open source tools
  - Apply display filters to capture files
  - Extract statistics regarding wireless network traffic
  - Examine captured data to determine categories of transmitted data
  - Follow node conversation streams
- Conduct WLAN survey analysis for optimal channel usage and throughput
  - Name common tools and techniques used to conduct site surveys
  - Identify WLAN frequencies and channel usage
  - Define adjacent, nonadjacent, and overlapping channel use
  - Identify WLAN protection mechanisms that affect station throughput
- Apply common forensics techniques to investigate wireless network attacks
  - Extract artifacts that are indicative of MAC spoofing
  - Recognize the characteristics of man-in-the-middle attacks
  - Examine captures to identify evil twin attacks
  - Distinguish between various layer 1 and 2 attacks
  - Examine network captures for weak authentication protocols
  - Discuss the types of evidence that can be found on compromised access points
Is there a discount available for current students?
UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers, are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID, an unofficial transcript, or the name of the UMBC Training Centers course you have completed. Asynchronous courses are excluded from this offer.
What is the cancellation and refund policy?
Students will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.