Skip Ribbon Commands
Skip to main content

CWSP - Certified Wireless Security Professional (CWSP)


Duration: 4 Days




Delivery Method:

Software Assurance Value:

Microsoft CPE:

Course Information

Course Description

​This Wireless LAN Security training demonstrates the latest enterprise wireless LAN security and auditing equipment.

The CWSP course addresses the state-of-the-art WLAN intrusion and DoS tools and techniques. It also investigates the functionality of the 802.11i amendment to the 802.11 standard and the inner-workings of each EAP type used with wireless LANs today, along with every class and type of WLAN security solution available on the market - from wireless intrusion prevention systems to wireless network management systems.

This course addresses, in detail, the most important and relevant WLAN security protocols, exchanges, and deployment strategies. The class focuses heavily on understanding the functionality of the 802.11i amendment, including authentication, encryption, and key management. 802.1X and EAP are also central to this class, with an in-depth examination of each authentication mode and EAP type used in wireless LANs today. 

Other infrastructure security solutions are also discussed, such as role-based access control, segmentation, VPNs, firewalls, wireless intrusion prevention and monitoring, secure roaming, and network management.

Course Objectives

​Upon CompletionStudents will:

Students who complete the course will be exposed to the necessary skills for implementing and managing wireless security in an enterprise environment, by creating layer2 and layer3 hardware and software solutions utilizing industry leading manufacturers’ equipment.

Course Audience

  • Advanced Wi-Fi Support Staff
  • IT Security Staff
  • Those desiring to get a good understanding of Wi-Fi Security and Defense

Course Outline

​Main Subject Areas Covered by CWSP

– WLAN Discovery Techniques

– Intrusion and Attack Techniques

– 802.11 Protocol Analysis

– Wireless Intrusion Prevention Systems (WIPS) Implementation

– Layer 2 and 3 VPNs Used Over 802.11 Networks

– Enterprise/SMB/SOHO/Public Network Security Design Models

– Managed Endpoint Security Systems

– 802.11 Authentication and Key Management Protocols

– Enterprise/SMB/SOHO/Public Network Security Solution Implementation

– Building Robust Security Networks from the Ground Up

– Fast BSS Transition (aka Fast/Secure Roaming) Techniques

– Thorough Coverage of all 802.1X/EAP Types Used in WLANs

– Wireless LAN Management Systems (WNMS)

– Authentication Infrastructure Design Models

– Using Secure Applications

-- 802.11 Design Architectures

Implementing a Thorough Wireless Security Policy

Related Courses:

Certified Wireless Network Administrator (CWNA)

Course Outline

The following list contains the materials covered in the lecture portion of the course.

Introduction to WLAN Security Technology

Security policy

Security concerns

Security auditing practices

Application layer vulnerabilities and analysis

Data Link layer vulnerabilities and analysis

Physical layer vulnerabilities and analysis

802.11 security mechanisms

Legacy WLAN security methods, mechanisms and exploits

Wi-Fi Alliance security certifications

WLAN Mobile Endpoint Security Solutions

Enterprise-class mobile endpoint security

User-accessible and restricted endpoint policies

VPN technologies common for client devices

SOHO and SMB WLAN Security Technologies and Solutions

General vulnerabilities

Preshared Key security with RSN cipher suites

Passphrase vulnerabilities

Passphrase entrophy and hacking tools

WPA/WPA2 Personal – how it works

WPA/WPA2 Personal – configuration

Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices

Remote/branch office VPN technologies common for infrastructure devices

Enterprise WLAN Management and Monitoring

Device identification and tracking

Rogue device detection and mitigation

WLAN forensics and data logging

Enterprise WIPS installation and configuration

Protocol analysis

WNMS security features

WLAN controller security feature sets

Enterprise WLAN Security Technology and Solutions

Robust Security Networks (RSN)

WPA/WPA2 Enterprise – how it works

WPA/WPA2 Enterprise – configuration

IEEE 802.11 Authentication and Key Management (AKM)

802.11 cipher suites

Use of authentication services (RADIUS, LDAP) in WLANs

User profile management (RBAC)

Public Key Infrastructures (PKI) used with WLANs

Certificate Authorities and X.509 digital certificates

RADIUS installation and configuration

802.1X/EAP authentication mechanisms

EAP types and differences

802.11 handshakes and exchanges

Fast BSS Transition (FT) technologies (FSR- Fast Secure Roaming)

Captive portals and guest networking

Potential Lab Exercises

Instructor may select from the following:

WLAN Connectivity

802.1X/EAP Configuration

Wireless Intrusion Protection Systems (WIPS)

Using Laptop-based Protocol and Spectrum Analyzers

Fast Secure Roaming

Network Attacks and Auditing

Course Prerequisites

​None; however, knowledge of Wireless LAN Security is a plus.

Course Schedule
This course is not scheduled yet.