Overview

This course is designed for professionals seeking a comprehensive technical ability to understand, analyze, and defend the various wireless technologies that have become ubiquitous in our environments and, increasingly, key entrance points for attackers. The authors of the course, as penetration testers themselves, know that many organizations overlook wireless security as an attack surface, and therefore fail to establish required defenses and monitoring, even though wireless technologies are now commonplace in executive suites, financial departments, government offices, manufacturing production lines, retail networks, medical devices, and air traffic control systems. Given the known risks of insecure wireless technologies and the attacks used against them, the course was designed to help people build the vital skills needed to identify, evaluate, assess, and defend against these threats.

Learning Outcome

  • Identify and locate malicious rogue access points using free and low-cost tools
  • Conduct a penetration test against low-power wireless devices to identify control system and related wireless vulnerabilities
  • Identify vulnerabilities and bypass authentication mechanisms in Bluetooth networks
  • Utilize wireless capture tools to extract audio conversations and network traffic from DECT wireless phones
  • Implement a WPA2 Enterprise penetration test to exploit vulnerable wireless client systems for credential harvesting
  • Utilize Scapy to force custom packets to manipulate wireless networks in new ways, quickly building custom attack tools to meet specific penetration test requirements
  • Identify Wi-Fi attacks using network packet captures traces and freely available analysis tools
  • Identify and exploit shortcomings in the security of proximity key card systems
  • Decode proprietary radio signals using Software-Defined Radio
  • Mount a penetration test against numerous standards-based or proprietary wireless technologies

Who should Attend?

  • Ethical hackers and penetration testers
  • Network security staff
  • Network and system administrators
  • Incident response teams
  • Information security policy decision-makers
  • Technical auditors
  • Information security consultants
  • Wireless system engineers
  • Embedded wireless system developers

Eligibility Criteria

There are no prerequisites for this course.

This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page

Information is accurate as of 11 August 2020