Legitimized [GIAC Assessing and Auditing Wireless Networks (GAWN)] Expert – Led Video Course – MASTERYTRAIL

Lesson 1: Introduction to Wireless Networks
1.1 History of Wireless Networks
1.2 Types of Wireless Networks
1.3 Standards and Protocols (IEEE 802.11)
1.4 Wireless Frequency Spectrum
1.5 Advantages and Disadvantages
1.6 Network Topologies
1.7 Wireless Devices Overview
1.8 Common Wireless Applications
1.9 Evolution of Wireless Security
1.10 GAWN Certification Overview

Lesson 2: Wireless Networking Basics
2.1 Radio Frequency Fundamentals
2.2 Modulation Techniques
2.3 Wireless Data Transmission
2.4 Antenna Concepts
2.5 Channel Allocation
2.6 SSID and BSSID
2.7 Wireless Modes (Ad-hoc, Infrastructure)
2.8 MAC Addressing
2.9 Beacon Frames
2.10 Wireless Network Discovery

Lesson 3: IEEE 802.11 Standards
3.1 Introduction to 802.11
3.2 802.11a/b/g/n/ac/ax Standards
3.3 Frequency Bands and Channels
3.4 Data Rates
3.5 Frame Types
3.6 802.11 Management Frames
3.7 802.11 Control Frames
3.8 802.11 Data Frames
3.9 802.11 QoS Features
3.10 802.11 Wireless Security

Lesson 4: Wireless Network Components
4.1 Access Points (AP)
4.2 Wireless Clients
4.3 Wireless Controllers
4.4 Wireless Bridges
4.5 Repeaters and Extenders
4.6 Network Interface Cards
4.7 Wireless Sensors
4.8 Wireless Routers
4.9 Power over Ethernet (PoE)
4.10 Wireless Network Cabling

Lesson 5: Wireless Authentication and Encryption
5.1 WEP Overview
5.2 WPA/WPA2 Overview
5.3 WPA3 Introduction
5.4 802.1X Authentication
5.5 EAP Methods
5.6 PSK vs. Enterprise Mode
5.7 Encryption Algorithms (TKIP, AES)
5.8 Key Management
5.9 Authentication Protocols
5.10 Wireless Security Best Practices

Lesson 6: Wireless Threats and Vulnerabilities
6.1 Eavesdropping
6.2 Rogue Access Points
6.3 Evil Twin Attacks
6.4 Denial of Service (DoS)
6.5 Man-in-the-Middle Attacks
6.6 MAC Spoofing
6.7 Replay Attacks
6.8 Packet Injection
6.9 Wireless Sniffing
6.10 Default Credential Exploits

Lesson 7: Wireless Penetration Testing Overview
7.1 Penetration Testing Process
7.2 Scope Definition
7.3 Rules of Engagement
7.4 Legal Considerations
7.5 Wireless Testing Methodologies
7.6 Wireless Testing Tools
7.7 Reporting and Documentation
7.8 Risk Assessment
7.9 Remediation Planning
7.10 Penetration Testing Ethics

Lesson 8: Wireless Reconnaissance Techniques
8.1 Passive Reconnaissance
8.2 Active Reconnaissance
8.3 Wardriving
8.4 Warwalking
8.5 Wireless Scanning Tools
8.6 SSID Discovery
8.7 Signal Strength Analysis
8.8 Identifying Hidden Networks
8.9 Device Fingerprinting
8.10 Site Surveys

Lesson 9: Wireless Sniffing and Traffic Analysis
9.1 Packet Capture Tools
9.2 Promiscuous Mode
9.3 Monitor Mode
9.4 Analyzing Management Frames
9.5 Analyzing Control Frames
9.6 Analyzing Data Frames
9.7 Wireless Packet Decoding
9.8 Traffic Filtering
9.9 Session Reconstruction
9.10 Wireless Traffic Analysis Use Cases

Lesson 10: Wireless Attack Tools
10.1 Aircrack-ng Suite
10.2 Kismet
10.3 Wireshark
10.4 Reaver
10.5 Fern WiFi Cracker
10.6 Metasploit for Wireless
10.7 Scapy
10.8 Wifite
10.9 Cowpatty
10.10 Hashcat for WPA Cracking

Lesson 11: Attacking WEP Encryption
11.1 WEP Key Weaknesses
11.2 IV Collection
11.3 FMS and KoreK Attacks
11.4 WEP Key Cracking Tools
11.5 Packet Injection Techniques
11.6 ARP Replay Attack
11.7 Fragmentation Attack
11.8 Chop-Chop Attack
11.9 WEP Key Recovery
11.10 WEP Remediation

Lesson 12: Attacking WPA/WPA2-PSK
12.1 WPA/WPA2 Handshake Capture
12.2 Dictionary Attacks
12.3 Brute Force Attacks
12.4 Rainbow Tables
12.5 PMKID Attacks
12.6 Weak Passphrase Exploitation
12.7 GPU-Accelerated Cracking
12.8 BSSID Filtering
12.9 Deauthentication Attacks
12.10 WPA2-PSK Remediation

Lesson 13: Attacking WPA/WPA2-Enterprise
13.1 Enterprise Authentication Methods
13.2 EAP Protocols (EAP-TLS, PEAP, etc.)
13.3 Credential Harvesting
13.4 Evil Twin with Captive Portal
13.5 MSCHAPv2 Vulnerabilities
13.6 Man-in-the-Middle Tools
13.7 Certificate Validation Attacks
13.8 EAP Downgrade Attacks
13.9 Credential Cracking
13.10 WPA2-Enterprise Remediation

Lesson 14: Attacking WPA3 Networks
14.1 WPA3 Improvements
14.2 Dragonfly Handshake
14.3 SAE Protocol Attacks
14.4 Known WPA3 Vulnerabilities
14.5 Dictionary Attacks on WPA3
14.6 Side-Channel Attacks
14.7 Implementation Weaknesses
14.8 WPA3 Downgrade Attacks
14.9 WPA3 Testing Tools
14.10 WPA3 Remediation

Lesson 15: Wireless DoS and Jamming
15.1 DoS Attack Overview
15.2 Deauthentication Flood
15.3 Disassociation Flood
15.4 CTS/RTS Flood
15.5 Beacon Flood
15.6 Channel Jamming
15.7 Physical Jamming Devices
15.8 Detection of DoS Attacks
15.9 DoS Attack Mitigation
15.10 Legal Aspects of Jamming

Lesson 16: Rogue Access Point Detection
16.1 Rogue AP Overview
16.2 AP Fingerprinting
16.3 Detection Tools
16.4 Wireless IDS/IPS
16.5 Rogue AP Policy
16.6 Rogue AP Attack Techniques
16.7 Preventing Rogue APs
16.8 Responding to Rogue APs
16.9 AP Location Techniques
16.10 Rogue AP Reporting

Lesson 17: Evil Twin Attacks
17.1 Evil Twin Concepts
17.2 Setting Up an Evil Twin
17.3 Captive Portal Hijacking
17.4 Credential Harvesting
17.5 SSL Stripping
17.6 Phishing via Evil Twin
17.7 Detection Techniques
17.8 Mitigation Strategies
17.9 Legal Considerations
17.10 Case Studies

Lesson 18: Wireless Man-in-the-Middle Attacks
18.1 MITM Overview
18.2 ARP Spoofing
18.3 DNS Spoofing
18.4 HTTPS Interception
18.5 Traffic Manipulation
18.6 Session Hijacking
18.7 Tools for MITM
18.8 Detection and Prevention
18.9 Real-World Examples
18.10 Remediation Steps

Lesson 19: Wireless Client Attacks
19.1 Client Vulnerabilities
19.2 Probe Request Attacks
19.3 Karma Attacks
19.4 Lure10 Attacks
19.5 Client-Side DoS
19.6 Credential Theft
19.7 Client Isolation Bypass
19.8 Social Engineering Wireless Users
19.9 Client-Side Remediation
19.10 Secure Client Configuration

Lesson 20: Wireless Network Discovery Tools
20.1 NetStumbler
20.2 inSSIDer
20.3 Kismet Usage
20.4 Acrylic Wi-Fi
20.5 WiFi Analyzer
20.6 Airodump-ng
20.7 Vistumbler
20.8 OpenSignal
20.9 Ekahau HeatMapper
20.10 Custom Scripting for Discovery

Lesson 21: Wireless Network Mapping and Visualization
21.1 Mapping Tools
21.2 Wi-Fi Heatmaps
21.3 Floor Plan Overlay
21.4 Signal Coverage Analysis
21.5 Client Location Tracking
21.6 AP Location Triangulation
21.7 Visualizing Interference
21.8 Rogue Device Mapping
21.9 Reporting Visualization
21.10 Advanced Mapping Techniques

Lesson 22: Wireless Site Surveys
22.1 Site Survey Overview
22.2 Pre-Deployment Survey
22.3 Post-Deployment Survey
22.4 Predictive vs. Active Surveys
22.5 Tools for Site Surveys
22.6 Coverage Area Analysis
22.7 AP Placement Strategies
22.8 Interference Identification
22.9 Survey Reporting
22.10 Continuous Monitoring

Lesson 23: Wireless IDS/IPS
23.1 IDS/IPS Overview
23.2 Wireless IDS Features
23.3 Wireless IPS Features
23.4 Detection Techniques
23.5 Signature-Based Detection
23.6 Anomaly-Based Detection
23.7 IDS/IPS Tools
23.8 Deployment Considerations
23.9 Tuning and Maintenance
23.10 Incident Response

Lesson 24: Wireless Policy and Compliance
24.1 Wireless Security Policy
24.2 Acceptable Use Policies
24.3 Regulatory Requirements
24.4 PCI DSS and Wireless
24.5 HIPAA and Wireless
24.6 SOX Compliance
24.7 Policy Enforcement
24.8 Policy Training
24.9 Policy Review and Update
24.10 Auditing Policy Compliance

Lesson 25: Wireless Logging and Monitoring
25.1 Importance of Logging
25.2 Logging Wireless Events
25.3 Log Aggregation Tools
25.4 Real-Time Monitoring
25.5 Alerting and Notification
25.6 Log Retention Policies
25.7 Forensic Analysis
25.8 Log Review Process
25.9 Compliance Logging
25.10 Log Tampering Prevention

Lesson 26: Wireless Auditing Process
26.1 Audit Planning
26.2 Audit Scope
26.3 Audit Objectives
26.4 Audit Checklist
26.5 Data Collection Methods
26.6 Physical Inspection
26.7 Configuration Review
26.8 Wireless Risk Assessment
26.9 Audit Reporting
26.10 Audit Follow-up

Lesson 27: Auditing Wireless Configurations
27.1 Access Point Configuration Review
27.2 SSID Naming Conventions
27.3 Channel Assignment
27.4 Encryption Settings
27.5 Authentication Settings
27.6 Firmware Version Review
27.7 AP Management Security
27.8 VLAN Configuration
27.9 Guest Network Segregation
27.10 Configuration Hardening

Lesson 28: Wireless Vulnerability Assessment
28.1 Vulnerability Assessment Overview
28.2 Vulnerability Scanning Tools
28.3 Identifying Weak Encryption
28.4 Default Settings
28.5 Patch Management
28.6 Credential Testing
28.7 Physical Security Assessment
28.8 Policy Compliance Checks
28.9 Remediation Verification
28.10 Reporting Vulnerabilities

Lesson 29: Wireless Risk Management
29.1 Risk Assessment Methodologies
29.2 Risk Identification
29.3 Risk Analysis
29.4 Risk Mitigation Strategies
29.5 Risk Acceptance
29.6 Risk Transfer
29.7 Residual Risk
29.8 Risk Reporting
29.9 Risk Review
29.10 Continuous Risk Monitoring

Lesson 30: Wireless Incident Response
30.1 Incident Response Plan
30.2 Detecting Wireless Incidents
30.3 Incident Containment
30.4 Eradication Steps
30.5 Recovery Procedures
30.6 Lessons Learned
30.7 Forensic Evidence Collection
30.8 Reporting Incidents
30.9 Legal Considerations
30.10 Improving Incident Response

Lesson 31: Wireless Forensics
31.1 Forensic Principles
31.2 Wireless Evidence Collection
31.3 Capturing Traffic for Forensics
31.4 Chain of Custody
31.5 Timeline Analysis
31.6 Data Recovery
31.7 Analyzing Attack Artifacts
31.8 Reporting Forensic Findings
31.9 Forensic Tools
31.10 Maintaining Forensic Readiness

Lesson 32: Advanced Wireless Attacks
32.1 Advanced DoS Techniques
32.2 WPA2 Krack Attack
32.3 WPS Attacks
32.4 Bluetooth Attacks
32.5 Zigbee Attacks
32.6 NFC Exploitation
32.7 Side-Channel Attacks
32.8 Firmware Exploitation
32.9 Wireless Injection Attacks
32.10 Advanced Attack Mitigations

Lesson 33: Bluetooth Security Assessment
33.1 Bluetooth Protocol Overview
33.2 Bluetooth Security Modes
33.3 Bluetooth Vulnerabilities
33.4 Bluejacking
33.5 Bluesnarfing
33.6 Bluebugging
33.7 Bluetooth Penetration Tools
33.8 Bluetooth Device Discovery
33.9 Mitigating Bluetooth Threats
33.10 Auditing Bluetooth Implementations

Lesson 34: Wireless IoT Security
34.1 IoT Device Overview
34.2 Wireless Protocols for IoT
34.3 IoT Threat Landscape
34.4 IoT Vulnerability Assessment
34.5 IoT Device Hardening
34.6 IoT Network Segmentation
34.7 IoT Firmware Security
34.8 IoT Data Encryption
34.9 IoT Security Monitoring
34.10 IoT Incident Response

Lesson 35: Wireless Network Segmentation
35.1 Segmentation Concepts
35.2 VLANs in Wireless
35.3 Guest Network Isolation
35.4 SSID Segmentation
35.5 Firewall Rules for Wireless
35.6 Restricting Lateral Movement
35.7 Wireless to Wired Segmentation
35.8 Segmentation Testing
35.9 Monitoring Segmentation
35.10 Segmentation Policy

Lesson 36: Wireless Network Performance Analysis
36.1 Performance Metrics
36.2 Throughput Testing
36.3 Latency Analysis
36.4 Packet Loss Measurement
36.5 Wireless Interference
36.6 Channel Utilization
36.7 Bandwidth Management
36.8 QoS Implementation
36.9 Performance Monitoring Tools
36.10 Performance Tuning

Lesson 37: Mobile Device Security in Wireless
37.1 Mobile Device Threats
37.2 Mobile OS Security
37.3 Wireless Security Apps
37.4 MDM Solutions
37.5 Mobile Device Encryption
37.6 App-based Attacks
37.7 Secure Wireless Configuration
37.8 Monitoring Mobile Devices
37.9 Mobile Device Policy
37.10 Incident Response for Mobile

Lesson 38: Wireless Attack Simulation and Red Teaming
38.1 Red Team vs Blue Team
38.2 Attack Simulation Planning
38.3 Wireless Attack Scenarios
38.4 Simulated Phishing via Wi-Fi
38.5 Wireless Social Engineering
38.6 Reporting Findings
38.7 Purple Team Exercises
38.8 Red Team Tools
38.9 Assessment Metrics
38.10 Improving Wireless Defenses

Lesson 39: Wireless Security Awareness Training
39.1 End User Training
39.2 Wireless Policy Communication
39.3 Social Engineering Awareness
39.4 Public Wi-Fi Risks
39.5 Phishing via Wireless
39.6 Reporting Suspicious Activity
39.7 Secure Wireless Practices
39.8 Training Effectiveness Measurement
39.9 Continuous Training Programs
39.10 Training Materials Development

Lesson 40: Wireless Security Auditing Tools
40.1 Tool Selection Criteria
40.2 Aircrack-ng Suite Details
40.3 Kismet Advanced Features
40.4 Wireshark Filters
40.5 Metasploit Module Use
40.6 OpenVAS for Wireless
40.7 Nessus in Wireless Auditing
40.8 Custom Scripting
40.9 Reporting Integration
40.10 Tool Maintenance

Lesson 41: Wireless Network Hardening
41.1 Disabling Unused Services
41.2 Changing Default Settings
41.3 Strong Authentication
41.4 Disabling WPS
41.5 Disabling SSID Broadcast
41.6 Limiting Signal Coverage
41.7 AP Placement Security
41.8 Regular Firmware Updates
41.9 Secure Management Interfaces
41.10 Hardening Checklist

Lesson 42: Wireless Vulnerability Management
42.1 Vulnerability Lifecycle
42.2 Discovery Techniques
42.3 Patch Management
42.4 Remediation Planning
42.5 Vulnerability Prioritization
42.6 Monitoring for New Vulnerabilities
42.7 Reporting and Metrics
42.8 Regulatory Requirements
42.9 Automated Vulnerability Scanning
42.10 Continuous Improvement

Lesson 43: Physical Security for Wireless Networks
43.1 Physical Threat Overview
43.2 Securing AP Locations
43.3 Locking Network Equipment
43.4 Tamper Detection
43.5 Surveillance Integration
43.6 Visitor Management
43.7 Physical Penetration Testing
43.8 Environmental Controls
43.9 Asset Inventory
43.10 Physical Security Policy

Lesson 44: Wireless Guest Network Security
44.1 Guest Network Design
44.2 Guest SSID Configuration
44.3 Captive Portals
44.4 Access Restrictions
44.5 Monitoring Guest Usage
44.6 Time/Quota Limits
44.7 Guest Network Isolation
44.8 Legal and Privacy Considerations
44.9 Guest Policy Communication
44.10 Auditing Guest Networks

Lesson 45: Cloud-Managed Wireless Security
45.1 Cloud Wireless Solutions
45.2 Security Benefits
45.3 Cloud Authentication
45.4 Cloud Management Risks
45.5 Data Privacy
45.6 Multi-Tenancy Considerations
45.7 Integrating Cloud with On-Prem
45.8 Monitoring Cloud Wireless
45.9 Cloud Security Best Practices
45.10 Incident Response in Cloud

Lesson 46: Wireless Security in BYOD Environments
46.1 BYOD Policy Overview
46.2 Device Registration
46.3 Network Segmentation for BYOD
46.4 MDM Integration
46.5 Encryption Requirements
46.6 Access Control Strategies
46.7 Monitoring BYOD Devices
46.8 User Training
46.9 BYOD Incident Response
46.10 BYOD Policy Enforcement

Lesson 47: Legal and Regulatory Issues in Wireless Security
47.1 Lawful Intercept
47.2 Privacy Laws
47.3 Wireless Frequency Regulations
47.4 Unauthorized Access Laws
47.5 Computer Fraud and Abuse Act
47.6 GDPR and Wireless
47.7 Data Retention Laws
47.8 Wireless Security Standards
47.9 International Regulations
47.10 Legal Risk Mitigation

Lesson 48: Reporting and Documentation
48.1 Reporting Format
48.2 Executive Summaries
48.3 Technical Findings
48.4 Risk Ratings
48.5 Remediation Recommendations
48.6 Supporting Evidence
48.7 Compliance Mapping
48.8 Stakeholder Communication
48.9 Report Review Process
48.10 Report Retention

Lesson 49: Maintaining Wireless Security Posture
49.1 Continuous Monitoring
49.2 Patch and Update Cycles
49.3 User Awareness Refreshers
49.4 Policy Review
49.5 Security Metrics
49.6 Technology Refresh
49.7 New Threat Intelligence
49.8 Third-Party Assessments
49.9 Automated Security Checks
49.10 Long-Term Security Planning

Lesson 50: GAWN Exam Preparation and Review
50.1 GAWN Exam Structure
50.2 Study Resources
50.3 Exam Domains
50.4 Practice Questions
50.5 Time Management
50.6 Test-Taking Strategies
50.7 Review Common Pitfalls
50.8 Recap Key Concepts
50.9 Exam Registration Tips
50.10 Continuing Education after GAWN