powered by
Center for Curriculum and Transfer Articulation
Wireless Network Security
Course: ITS233

First Term: 2005 Spring
 Lec + Lab   3 Credit(s)   4 Period(s)   3.7 Load  
Subject Type: Occupational
Load Formula: S


Description: Advanced concepts of securing wireless (802.11) communications. Auditing tools, Radio Frequency (RF) jamming and Wired Equivalent Privacy (WEP) decryption tools. Policies for implementing secure Wireless Local Area Networks (WLANs) including baselines, WLAN auditing and threat monitoring and responses. The role of encryption and Virtual Private Networks (VPNs), 802.11i and Wi-Fi Protected Access (WPA) as well as network segmentation and WLAN user authentication



MCCCD Official Course Competencies
1. Demonstrate use of Wireless Local Area Network (WLAN) auditing tools. (I)
2. Gather wireless data and traffic patterns. (II)
3. Explain social engineering techniques used to gather information about WLANs. (II)
4. Demonstrate the use of tools for gaining unauthorized access to WLANs. (III)
5. Demonstrate the use of tools to insert malicious data in WLAN traffic. (III)
6. Demonstrate the use of tools to create a Denial of Service (DoS) condition in WLAN traffic. (IV)
7. Define policies for WLAN usage in business. (VI, VII, VIII, IX)
8. Determine a business` risk exposure and develop an impact analysis. (VI)
9. Develop a WLAN security auditing process. (VI)
10. Develop baseline security practices for a WLAN. (VII)
11. Integrate a WLAN with existing Local Area Network equipment. (VIII)
12. Develop procedures to monitor for and respond to WLAN security threats. (IX)
13. Discuss the role of various encryption schemes in WLANs. (X)
14. Demonstrate data-link layer authentication techniques and their role in WLAN deployment. (XI)
15. Define the role of Wi-Fi Protected Access (WPA) and 802.11i in securing a WLAN. (XII)
16. Discuss the use of Virtual Private Networks (VPNs) in a WLAN. (XIII)
17. Describe the use of segmentation, security devices, and other techniques in securing WLANs. (XIV)
18. Describe the use of Kerberos and Lightweight Directory Access Protocol (LDAP) in authenticating WLAN users. (XIV)
MCCCD Official Course Competencies must be coordinated with the content outline so that each major point in the outline serves one or more competencies. MCCCD faculty retains authority in determining the pedagogical approach, methodology, content sequencing, and assessment metrics for student work. Please see individual course syllabi for additional information, including specific course requirements.
 
MCCCD Official Course Outline
I. Wireless Local Area Network (WLAN) Auditing Tools
   A. WLAN discovery tools
   B. Password capture and decryption
   C. Share enumerators
   D. Wireless protocol analyzers
   E. Operating System (OS) fingerprinting and port scanning
   F. Application layer analyzers
   G. Network discovery tools
   H. RF jamming
   I. Hijacking tools
   J. Wired Equivalent Privacy (WEP) decryption tools
II. Information Gathering
   A. Target profiling
   B. Information gathering tools
   C. Social engineering
   D. Traffic pattern analysis
III. Unauthorized Access
   A. Tools for gaining access
   B. Rogue devices
   C. Malicious data insertion
   D. Data theft
   E. Peer-to-peer attacks
   F. Unauthorized control
   G. Physical security
IV. ITS233 20052 26 A. Denial of service
   B. RF Jamming
   C. Data flooding
   D. Hijacking
   E. Tools
V. Wireless LAN Security Policy Basics
   A. Where to start
   B. Risk assessment
   C. Impact analysis
   D. Security auditing
VI. Functional WLAN Security Policy \226 Guidelines and Baselines
   A. Policy essentials
   B. General guidelines
   C. Baseline practices
VII. Functional WLAN Security Policy \227 Design and Implementation
   A. Interoperability
   B. Layering
   C. Segmentation
   D. Authentication and encryption
XIII. Functional WLAN Security Policy \227 Monitoring and Response
   A. Physical security
   B. Social engineering
   C. Reporting
   D. Response procedures
IX. Encryption
   A. Rivest Cipher 4 (RC4)
   B. Rivest Cipher 5 (RC5)
   C. Data Encryption Standard (DES)
   D. Triple Data Encryption Standard (3DES)
   E. Advanced Encryption Standard (AES)
X. Layer 2 Solutions
   A. Static WEP
   B. Temporal Key Integrity Protocol (TKIP)
   C. 802.1x and Extensible Authentication Protocol (EAP)
XI. 802.11i and Wi-Fi Protected Access
   A. The 802.11i standard
   B. Wi-Fi\231 Protected Access (WPA)
XII. Wireless Virtual Private Networks
   A. Virtual Private Network (VPN) considerations
   B. VPN options
XIII. Authentication Types
   A. Kerberos
   B. Remote Access Dial-In User Service (RADIUS)
   C. Lightweight Directory Access Protocol (LDAP)
   D. Multi-Factor authentication
XIV. Segmentation Security Devices and Other Security Techniques
   A. Routers and Layer 3 switches
   B. VPN concentrators
   C. Firewalls
   D. Enterprise Encryption Gateways (EEG) and Enterprise Wireless Gateways (EWG)
   E. Intrusion Detection Systems (IDS)
   F. Thin clients
   G. Authenticated Dynamic Host Configuration Protocol (DHCP)
   H. Traffic Baselining
 
MCCCD Governing Board Approval Date:  12/14/2004

All information published is subject to change without notice. Every effort has been made to ensure the accuracy of information presented, but based on the dynamic nature of the curricular process, course and program information is subject to change in order to reflect the most current information available.