Certified Wireless Security Professional (CWSP-206)


CWNP CWSP-206 Exam Objectives 2019

Certified Wireless Security Professional (CWSP-206) Objectives

Introduction

When you pass the CWSP exam and hold a valid CWNA certification, you earn the CWSP certification and credits towards the CWNE certification should you choose to pursue it.

The Certified Wireless Security Professional (CWSP) is a WLAN subject matter expert (SME) who can assist in the creation and implementation of an organization’s enforceable security policy by following applicable regulations, standards, and accepted best practices. This SME can identify and mitigate threats to a network. A CWSP effectively uses appropriate tools and procedures to ensure the ongoing security of the network.

The skills and knowledge measured by this examination are derived from a Job Task Analysis (JTA) involving wireless networking experts (CWNEs) and professionals. The results of this JTA were used in weighting the subject areas and ensuring that the weighting is representative of the relative importance of the content.

Subject matter experts (SMEs) involved in the development of these objectives and/or the JTA included: Ryan Adzima, Robert Bartz, Tom Carpenter, Brett Hill, Scott Lester, Manon Lessard, James Palmer, and Heather Williams.

The following table provides the breakdown of the exam as to the distribution of questions within each knowledge domain.

Knowledge Domain                          Percentage
Security Policy                           10%
Vulnerabilities, Threats, and Attacks     30%
WLAN Security Design and Architecture     45%
Security Lifecycle Management             15%

CWNP, 1005 Slater Road, Suite 101, Durham, NC 27703, 866-438-2963, www.cwnp.com

CWNP Authorized Materials Use Policy

CWNP does not condone the use of unauthorized 'training materials' such as 'brain dumps'. Individuals who utilize such materials to pass CWNP exams will have their certifications revoked. In an effort to more clearly communicate CWNP's policy on use of unauthorized study materials, CWNP directs all certification candidates to the CWNP Candidate Conduct Policy (CandidateConductPolicy.pdf).

Please review this policy before beginning the study process for any CWNP exam. Candidates will be required to state that they understand and have abided by this policy at the time of exam delivery. If a candidate has a question as to whether study materials are considered "brain dumps", he/she should perform a search using CertGuard's engine, found here: http://www.certguard.com/search.asp

1.0 Security Policy – 10%

1.1 Define WLAN security requirements
  1.1.1 Evaluate and incorporate business, technical, and applicable regulatory policies (for example, PCI-DSS, HIPAA, GDPR, etc.)
  1.1.2 Involve appropriate stakeholders
  1.1.3 Review client devices and applications
  1.1.4 Review WLAN infrastructure devices

1.2 Develop WLAN security policies
  1.2.1 Translate security requirements to high-level policy statements
  1.2.2 Write policies conforming to common practices including definitions of enforcement and constraint specification
  1.2.3 Ensure appropriate approval and support for all policies
  1.2.4 Implement security policy lifecycle management

1.3 Ensure proper training is administered for all stakeholders related to security policies and ongoing security awareness

2.0 Vulnerabilities, Threats, and Attacks – 30%

2.1 Identify potential vulnerabilities and threats to determine the impact on the WLAN and supporting systems and verify, mitigate, and remediate them
  2.1.1 Use information sources to identify the latest vulnerabilities related to a WLAN including online repositories containing CVEs
  2.1.2 Determine the risk and impact of identified vulnerabilities
  2.1.3 Select appropriate actions to mitigate threats exposed by vulnerabilities
    - Review and adjust device configurations to ensure conformance with security policy
    - Implement appropriate code modifications, patches and upgrades
    - Quarantine unrepaired/compromised systems
    - Examine logs and network traffic where applicable
  2.1.4 Describe and detect possible, common WLAN attacks including eavesdropping, man-in-the-middle, cracking, phishing, and social engineering attacks
  2.1.5 Implement penetration testing procedures to identify weaknesses in the WLAN
    - Use appropriate penetration testing processes including scope definition, information gathering, scanning, attack, and documentation procedures
    - Select and use penetration testing tools including project documentation, scanners, hardware tools, Kali Linux, protocol analyzers, WLAN auditing tools (software and hardware)

  2.1.6 Implement network monitoring to identify attacks and potential vulnerabilities
    - Use appropriate tools for network monitoring including centralized monitoring, distributed monitoring, and Security Information Event Management (SIEM) systems
    - Implement mobile (temporary), integrated and overlay WIPS solutions to monitor security events

2.2 Describe and perform risk analysis and risk mitigation procedures
  2.2.1 Asset management
  2.2.2 Risk Ratings
  2.2.3 Loss expectancy calculations
  2.2.4 Develop risk management plans for WLANs

3.0 WLAN Security Design and Architecture – 45%

3.1 Select the appropriate security solution for a given implementation and ensure it is installed and configured according to policy requirements
  3.1.1 Select and implement appropriate authentication solutions
    - WPA/WPA2-Personal (Pre-Shared Key)
    - WPA/WPA2-Enterprise
    - WPA3-SAE and 192-Bit enterprise security
    - 802.1X/EAP
    - Understand the capabilities of EAP methods including EAP-TLS, EAP-TTLS, PEAP, EAP-FAST, EAP-SIM, and EAP-GTC
    - Guest access authentication
  3.1.2 Select and implement appropriate encryption solutions
    - Encryption methods and concepts
    - TKIP/RC4
    - CCMP/AES
    - SAE and 192-bit security
    - OWE
    - Virtual Private Network (VPN)
  3.1.3 Select and implement wireless monitoring solutions
    - Wireless Intrusion Prevention System (WIPS) - overlay and integrated
    - Laptop-based monitoring with protocol and spectrum analyzers
  3.1.4 Understand and explain 802.11 Authentication and Key Management (AKM) components and processes
    - Encryption keys and key hierarchies
    - Handshakes and exchanges (4-way, SAE, OWE)
    - Pre-shared keys
    - Pre-RSNA security (WEP and 802.11 Shared Key authentication)
    - TSN security
    - RSN security
    - WPA, WPA2, and WPA3

3.2 Implement or recommend appropriate wired security configurations to support the WLAN
  3.2.1 Physical port security in Ethernet switches
  3.2.2 Network segmentation, VLANs, and layered security solutions
  3.2.3 Tunneling protocols and connections
  3.2.4 Access Control Lists (ACLs)
  3.2.5 Firewalls

3.3 Implement authentication and security services
  3.3.1 Role-Based Access Control (RBAC)
  3.3.2 Certificate Authorities (CAs)
  3.3.3 AAA Servers
  3.3.4 Client onboarding
  3.3.5 Network Access Control (NAC)
  3.3.6 BYOD and MDM

3.4 Implement secure transitioning (roaming) solutions
  3.4.1 802.11r Fast BSS Transition (FT)
  3.4.2 Opportunistic Key Caching (OKC)
  3.4.3 Pre-Shared Key (PSK) - standard and per-user

3.5 Secure public access and/or open networks
  3.5.1 Guest access
  3.5.2 Peer-to-peer connectivity
  3.5.3 Captive portals
  3.5.4 Hotspot 2.0/Passpoint

3.6 Implement preventative measures required for common vulnerabilities associated with wireless infrastructure devices and avoid weak security solutions
  3.6.1 Weak/default passwords

  ation
  Firmware/software updates
  HTTP-based administration interface access
  Telnet-based administration interface access
  Older SNMP protocols such as SNMPv1 and SNMPv2

4.0 Security Lifecycle Management – 15%

4.1 Understand and implement management within the security lifecycle of identify, assess, protect, and monitor
  4.1.1 Identify technologies being introduced to the WLAN
  4.1.2 Assess security requirements for new technologies
  4.1.3 Implement appropriate protective measures for new technologies and validate the security of the measures
  4.1.4 Monitor and audit the new technologies for security compliance (Security Information Event Management (SIEM), portable audits, infrastructure-based audits, WIPS/WIDS)

4.2 Use effective change management procedures including documentation, approval, and notifications

4.3 Use information from monitoring solutions for load observation and forecasting of future requirements to comply with security policy

4.4 Implement appropriate maintenance procedures including license management, software/code upgrades, and configuration management

4.5 Implement effective auditing procedures to perform audits, analyze results, and generate reports
  4.5.1 User interviews
  4.5.2 Vulnerability scans
  4.5.3 Reviewing access controls
  4.5.4 Penetration testing
  4.5.5 System log analysis
  4.5.6 Report findings to management and support professionals as appropriate

CWSP-206 Exam Acronyms

For the CWSP-206 exam, you should be able to understand and clearly define the following acronyms in relation to 802.11 WLAN operations and analysis. Such acronyms shall be used on the CWSP-206 exam without definition.

AAA: Authentication, Authorization, and Accounting
ACI: Adjacent Channel Interference
AD DS: Active Directory Domain Services
AES: Advanced Encryption Standard
AP: Access Point
ARM: Adaptive Radio Management
ASK: Amplitude Shift Keying
BPSK: Binary Phase Shift Keying
BSA: Basic Service Area
BSS: Infrastructure Basic Service Set
BSSID: Basic Service Set Identifier
BYOD: Bring Your Own Device
CCI: Co-Channel Interference
CCMP: Counter Mode with Cipher Block Chaining Message Authentication Protocol
CIA: Confidentiality, Integrity, and Availability
CRC: Cyclic Redundancy Check
CTS: Clear to Send
dB: Decibel
dBi: Decibel to Isotropic
dBm: Decibel to Milliwatt
DFS: Dynamic Frequency Selection

DHCP: Dynamic Host Configuration Protocol
DMG: Directional Multi-Gigabit
DMZ: Demilitarized Zone
DNS: Domain Name System
DRS: Dynamic Rate Switching
DS: Distribution System
DSM: Distribution System Medium
DSSS: Direct Sequence Spread Spectrum
EAP: Extensible Authentication Protocol
EIRP: Equivalent Isotropically Radiated Power
ERP: Extended Rate PHY
ESS: Extended Service Set
FCC: Federal Communications Commission
FHSS: Frequency Hopping Spread Spectrum
FSK: Frequency Shift Keying
FSR: Fast Secure Roaming
FT: Fast BSS Transition
FTP: File Transfer Protocol
Gbps: Gigabits Per Second
GBps: Gigabytes Per Second
GHz: Gigahertz
GI: Guard Interval
GTK: Group Temporal Key
HR/DSSS: High Rate DSSS
HT: High Throughput

HTTP: Hypertext Transfer Protocol
Hz: Hertz
IBSS: Independent Basic Service Set
IEEE: Institute of Electrical and Electronics Engineers
IETF: Internet Engineering Task Force
IoT: Internet of Things
IP: Internet Protocol
IR: Intentional Radiator
ISP: Internet Service Provider
LAN: Local Area Network
LDAP: Lightweight Directory Access Protocol
LED: Light Emitting Diode
MAC: Medium Access Control
Mbps: Megabits Per Second
MBps: Megabytes Per Second
MBSS: Mesh Basic Service Set
MCA: Multiple Channel Architecture
MCS: Modulation and Coding Scheme
MDM: Mobile Device Output
MOS: Mean Opinion Score
MSK: Master Session Key
MU-MIMO: Multi-User MIMO
mW: Milliwatt

NAC: Network Access Control
NIC: Network Interface Card
NTP: Network Time Protocol
OFDM: Orthogonal Frequency Division Multiplexing
OKC: Opportunistic Key Caching
OTA: Over-the-Air
PCI-DSS: Payment Card Industry Data Security Standard
PD: Powered Device
PHY: Physical Layer
PIN: Personal Identification Number
PKI: Public Key Infrastructure
PoE: Power over Ethernet
PSE: Power Source Equipment
PSK: Pre-Shared Key or Phase Shift Keying
PTK: Pairwise Transient Key
QAM: Quadrature Amplitude Modulation
QPSK: Quadrature Phase Shift Keying
RADIUS: Remote Authentication Dial-In User Service
RBAC: Role-Based Access Control
RC4: Rivest Cipher 4
RF: Radio Frequency
RFC: Request for Comments
RRM: Radio Resource Management
RSNA: Robust Security Network Association
RSN: Robust Security Network

RSSI: Received Signal Strength Indicator
RTS: Request to Send
Rx: Receive or Receiver
S1G: Sub-1 GHz
SCA: Single Channel Architecture
SINR: Signal-to-Interference plus Noise Ratio
SOHO: Small Office Home Office
SS: Spatial Streams
SSH: Secure Shell
SSID: Service Set Identifier
STA: Station
TCP: Transmission Control Protocol
TKIP: Temporal Key Integrity Protocol
TVHT: Television Very High Throughput
Tx: Transmit or Transmitter
UDP: User Datagram Protocol
VHT: Very High Throughput
VLAN: Virtual Local Area Network
VM: Virtual Machine
VoIP: Voice over Internet Protocol
VoWLAN: Voice over WLAN
VPN: Virtual Private Network
W: Watt

WEP: Wired Equivalent Privacy
WLAN: Wireless Local Area Network
WNMS: Wireless Network Management System
WPA: Wi-Fi Protected Access
WPA2: Wi-Fi Protected Access version 2
