Enterprise Wi-Fi Security (CWSP) v4.0 is a 5-day instructor-led course that gives learners hands-on experience with the latest enterprise wireless LAN equipment. The course addresses in detail the most important and relevant WLAN security protocols, exchanges, and deployment strategies in the enterprise today. It focuses heavily on understanding the functionality of the 802.11i amendment (now part of the larger standard), including authentication, encryption, and key management. 802.1X and EAP are also central to this conversation, with an in-depth examination of the inner workings of each authentication mode and EAP type used in wireless LANs today. Other infrastructure security solutions are also taught, such as role-based access control (RBAC), segmentation, VPNs, firewalls, wireless intrusion prevention and monitoring, secure roaming, and network management. Finally, no security course is complete without taking a look at security vulnerabilities, attacks, audit and penetration tools, as well as policy and prevention. The course covers every type and class of WLAN security solution available on the market.
Learners who complete the course will acquire the necessary skills for implementing and managing wireless security in the enterprise by creating Layer 2 and Layer 3 hardware and software solutions with tools from industry-leading manufacturers.
The course is also designed to prepare attendees to take and pass the CWSP security exam.


Upon completing this course, the learner will be able to meet these overall objectives:
  • Wireless Network Attacks and Threat Assessment
    • Describe general network attacks common to wired and wireless networks, including DoS, phishing, protocol weaknesses and configuration error exploits
    • Recognize common attacks and describe their impact on WLANs, including PHY and MAC DoS, hijacking, unauthorized protocol analysis and eavesdropping, social engineering, man-in-the-middle, authentication and encryption cracks and rogue hardware
    • Execute the preventative measures required for common vulnerabilities on wireless infrastructure devices, including weak/default passwords on wireless infrastructure equipment and misconfiguration of wireless infrastructure devices by administrative staff
    • Describe and perform risk analysis and risk mitigation procedures, including asset management, risk ratings, loss expectancy calculations and risk management planning
    • Explain and demonstrate the security vulnerabilities associated with public access or other unsecured wireless networks, including the use of a WLAN for spam transmission, malware injection, information theft, peer-to-peer attacks and Internet attacks
  • Security Policy
    • Explain the purpose and goals of security policies including password policies, acceptable use policies, WLAN access policies, personal device policies, device management (APs, infrastructure devices and clients) and security awareness training for users and administrators
    • Summarize the security policy criteria related to wireless public access network use including user risks related to unsecured access and provider liability
    • Describe how devices and technology used from outside an organization can impact the security of the corporate network including topics like BYOD, social networking and general MDM practices
  • Wireless LAN Security Design and Architecture
    • Describe how wireless network security solutions may vary for different wireless network implementations including small businesses, home offices, large enterprises, public networks and remote access
    • Understand and explain 802.11 Authentication and Key Management (AKM) components and processes including encryption keys, handshakes and pre-shared key management
    • Define and differentiate among the 802.11-defined secure networks, including pre-RSNA security, Transition Security Networks (TSN) and Robust Security Networks (RSN) and explain the relationship of these networks to terms including RSNA, WPA and WPA2
    • Identify the purpose and characteristics of IEEE 802.1X and EAP and the processes used including EAP types (PEAP, EAP-TLS, EAP-TTLS, EAP-FAST and EAP-SIM), AAA servers (RADIUS) and certificate management
    • Recognize and understand the common uses of VPNs in wireless networks, including remote APs, VPN client access, WLAN controllers and cloud architectures
    • Describe, demonstrate, and configure centrally-managed client-side security applications, including VPN client software and policies, personal firewall software, mobile device management (MDM) and wireless client utility software
    • Describe and demonstrate the use of secure infrastructure management protocols, including HTTPS, SNMP, secure FTP protocols, SCP and SSH
    • Explain the role, importance, and limiting factors of VLANs and network segmentation in an 802.11 WLAN infrastructure
    • Understand additional security features in WLAN infrastructure and access devices, including management frame protection, Role-Based Access Control (RBAC), Fast BSS transition (pre-authentication and OKC), physical security methods and Network Access Control (NAC)
    • Explain the purpose, methodology, features, and configuration of guest access networks and BYOD support, including segmentation, guest management, captive portal authentication and device management
  • Monitoring, Management, and Tracking
    • Explain the importance of ongoing WLAN monitoring and the necessary tools and processes used as well as the importance of WLAN security audits and compliance reports
    • Understand how to use protocol and spectrum analyzers to effectively evaluate secure wireless networks including 802.1X authentication troubleshooting, location of rogue security devices and identification of non-compliant devices
    • Understand the common features and components of a Wireless Intrusion Prevention System (WIPS) and how they are used in relation to performance, protocol, spectrum and security analysis
    • Describe the different types of WLAN management systems and their features, including network discovery, configuration management, firmware management, audit management, policy enforcement, rogue detection, network monitoring, user monitoring, event alarms and event notifications
    • Describe and implement compliance monitoring, enforcement, and reporting; topics include industry requirements, such as PCI-DSS and HIPAA, and general government regulations


The course contains these components:
  • Introduction to WLAN Security Technology
    • Security Policy
    • Security Concerns
    • Security Auditing Practices
    • Application Layer Vulnerabilities and Analysis
    • Data Link Layer Vulnerabilities and Analysis
    • Physical Layer Vulnerabilities and Analysis
    • 802.11 Security Mechanisms
    • Legacy WLAN Security Methods, Mechanisms, and Exploits
    • Wi-Fi Alliance Security Certifications
  • WLAN Mobile Endpoint Security Solutions
    • Enterprise-Class Mobile Endpoint Security
    • User-Accessible and Restricted Endpoint Policies
    • VPN Technologies Common for Client Devices
  • SOHO and SMB WLAN Security Technologies and Solutions
    • General Vulnerabilities
    • Preshared Key Security with RSN Cipher Suites
    • Passphrase Vulnerabilities
    • Passphrase Entropy and Hacking Tools
    • WPA/WPA2 Personal—How It Works
    • WPA/WPA2 Personal—Configuration
    • Installation and Configuration of WIPS, WNMS, and WLAN Controllers to Extend Enterprise Security Policy to Remote and Branch Offices
    • Remote/Branch Office VPN Technologies Common for Infrastructure Devices
  • Enterprise WLAN Management and Monitoring
    • Device Identification and Tracking
    • Rogue Device Detection and Mitigation
    • WLAN Forensics and Data Logging
    • Enterprise WIPS Installation and Configuration
    • Protocol Analysis
    • WNMS Security Features
    • WLAN Controller Security Feature Sets
  • Enterprise WLAN Security Technology and Solutions
    • Robust Security Networks (RSN)
    • WPA/WPA2 Enterprise—How It Works
    • WPA/WPA2 Enterprise—Configuration
    • IEEE 802.11 Authentication and Key Management (AKM)
    • 802.11 Cipher Suites
    • Use of Authentication Services (RADIUS, LDAP) in WLANs
    • User Profile Management (RBAC)
    • Public Key Infrastructures (PKI) Used with WLANs
    • Certificate Authorities and X.509 Digital Certificates
    • RADIUS Installation and Configuration
    • 802.1X/EAP Authentication Mechanisms
    • EAP Types and Differences
    • 802.11 Handshakes and Exchanges
    • Fast BSS Transition (FT) Technologies (Fast Secure Roaming [FSR])
    • Captive Portals and Guest Networking

The lab contains these activities:
  • WLAN Connectivity
    Along with client devices, WLAN access points and/or controllers are currently the centerpiece of 802.11 security. Other infrastructure components are important to security, but the primary focus is how client devices access the network, what authentication and encryption methods are used, and how that wireless data is protected. For this reason, an in-depth understanding of how to secure access to the network through the WLAN infrastructure is essential.
    This lab is focused on WLAN AP/controller and client device security, and primarily covers the following areas:
    1. Secure access to the AP/controller using secure management protocols
    2. Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
    3. Configuring client devices to connect to the WLAN infrastructure using secure protocols including WPA/WPA2 Personal and Enterprise
    4. Creating user or group policies that provide network services to clients based on their authorization level
    5. Understanding integrated WIPS configuration, policies, and monitoring
  • 802.1X/EAP Configuration
    This lab is focused on 802.1X/EAP security. WPA/WPA2-Enterprise relies on secure authentication via 802.1X/EAP, often utilizing an enterprise’s backend authentication infrastructure, including RADIUS servers as well as user databases. In this lab, we will gain first-hand knowledge of this process and the configuration details involved. This lab group covers the following exercises:
    1. Setting up a RADIUS server and a user credential database with EAP support
    2. Creating and using server certificates and installing the certificate on client devices
    3. Configuring the WLAN AP/controller for 802.1X with RADIUS connectivity
    4. Configuring EAP types, user credentials, and certificates on the client devices
  • Wireless Intrusion Prevention Systems (WIPS)
    This lab module is focused on Wireless Intrusion Prevention Systems (WIPS). WIPS are known for three overriding functions: security monitoring, performance monitoring, and reporting. In this lab exercise, we will focus on security monitoring and reporting. Areas of particular interest include:
    1. WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
    2. Configuring WLAN profiles according to organizational security policies
    3. Properly classifying authorized, unauthorized, and external/interfering access points
    4. Identifying and mitigating rogue devices
    5. Identifying specific attacks against the authorized WLAN infrastructure or client stations
  • Using Laptop-based Protocol and Spectrum Analyzers
    This lab is focused on the use of laptop analyzers for spectrum analysis, protocol analysis, and WLAN discovery. Understanding driver issues, security-related protocol analysis (authentication and encryption), and spectrum analysis will aid the wireless security professional in policy compliance, proper implementation, and troubleshooting. The following steps will be covered in this lab exercise:
    1. Installing and configuring a WLAN discovery tool, a laptop protocol analyzer, and a laptop spectrum analyzer
    2. Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool and protocol analyzer
    3. Capturing and analyzing WPA2-Personal and Enterprise (among others) authentication sequences in a WLAN protocol analyzer
    4. Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
    5. Capturing and analyzing common frame types and security elements with a WLAN protocol analyzer
    6. Viewing a normal RF environment, a busy RF environment, RF interference sources, and an RF attack on the WLAN in a spectrum analyzer
  • Fast Secure Roaming
    This lab is focused on fast secure roaming (FSR) within an Extended Service Set. Moving quickly and securely between access points attached to the same distribution system is a requirement of real-time mobility devices such as VoWiFi phones and mobile video devices. Understanding the standards-based and proprietary processes of a Fast Transition (FT) service will help network designers support strong security and fast roaming simultaneously. The following steps will be covered in this lab exercise:
    1. Configure a WLAN infrastructure roaming scenario with multiple APs and possibly multiple controllers
    2. Utilize a RADIUS server for 802.1X/EAP authentication and the WLAN infrastructure for simpler forms of security
    3. Configure a client device for EAP authentication using the CCMP cipher suite
    4. Configure an 802.11 protocol analyzer to capture the roaming transition
    5. Perform a slow BSS transition as a baseline, testing open authentication, WEP, WPA2-Personal, and WPA2-Enterprise
    6. Enable fast secure roaming mechanisms within the infrastructure and on the client station and perform a fast transition
    7. Conduct the same tests across a Layer-3 IP boundary as well as between controllers
  • Network Attacks and Auditing
    This lab is focused on understanding and conducting common network attack sequences. Defensive network security requires an understanding of offensive attacks. Auditing is the process of validating a security solution, and understanding auditing tools is an important skill for administrators and consultants. This module will be tailored to the class, but covers topics like the following:
    1. Conducting authentication and encryption cracking attacks
    2. Conducting simple attacks/workarounds like MAC spoofing
    3. Performing basic protocol analysis and eavesdropping
    4. Attempting advanced attacks like session hijacking, packet injection, replay attacks, and protocol DoS attacks

Prerequisite Knowledge

The knowledge and skills that a learner should possess before attending this course are as follows:
  • Wireless LAN literacy
  • CWNA certification

Associated certifications