Certified Cybersecurity Technician - Module 11 - Wireless Network Security - Lab (EC-Council) (Z-Library)

📄 File Format: PDF

💾 File Size: 2.2 MB

📖 Read Online ⬇️ Download

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1

Copyrights @ 2021 EC-Council International Ltd. 1Certified Cybersecurity Technician Module 11 WIRELESS NETWORK SECURITY CERTIFIED CYBERSECURITY TECHNICIAN Copyrights @ 2021 E -Council International Ltd.

📄 Page 2

Copyrights @ 2021 EC-Council International Ltd. 2Certified Cybersecurity Technician INDEX Module 11: Wireless Network Security Exercise 1: Configure Security on a Wireless Router 05

📄 Page 3

Copyrights @ 2021 EC-Council International Ltd. 3Certified Cybersecurity Technician LAB SCENARIO The cyberspace is heading toward a new era of technological evolution by using wireless technologies. Wireless networking is revolutionizing the way people work and play. By removing the physical connection or cable, individuals can use networks in newer ways that make data portable, mobile, and accessible. A wireless network can be insecure if proper care has not been taken while configuring it. Insecure configurations can pose a great risk to the wireless networks. A security professional must have the required knowledge to configure a wireless network as per the wireless according to the wireless security policy of an organization. LAB OBJECTIVE The objective of this lab is to provide expert knowledge in implementing wireless security policies. This includes knowledge of the following tasks: • Configuration of security policies on a wireless router OVERVIEW OF WIRELESS NETWORK SECURITY The use of wireless devices in various organizations is continuously growing. Therefore, it becomes increasingly important for organizations to track and manage their wireless assets for security purposes. To ensure effective security, an accurate and up-to-date inventory of wireless devices must be maintained. The inventory can help in quickly identifying non-functioning and rogue network devices present in a network. This helps in detecting unknown devices in the network. It is important to regularly scan this inventory; accordingly, security professionals can determine the rogue network devices, problematic devices, potential vulnerabilities, and devices that need a patch/update, etc., in a network. A network is only as secure as its weakest link. Information about all devices should be maintained regardless of their configuration settings or vendor.

📄 Page 4

Copyrights @ 2021 EC-Council International Ltd. 4Certified Cybersecurity Technician LAB TASKS A cyber security professional or a security professional use numerous tools and techniques to configure wireless network security policies. The recommended labs that will assist you in learning the implementation of wireless network security controls include: Note: Turn on PfSense Firewall virtual machine and keep it running throughout the lab exercises. Configure Security on a Wireless Router01

📄 Page 5

Copyrights @ 2021 EC-Council International Ltd. 5Certified Cybersecurity Technician EXERCISE 1: CONFIGURE SECURITY ON A WIRELESS ROUTER A wireless router is a device that performs the functions of a router and includes the functions of a wireless access point. LAB SCENARIO Organizations allow wireless devices to connect to their network in today’s environment (Bring Your Own Device or BYOD). However, the security of the network infrastructure is a major challenge for organizations while adopting wireless devices. A wireless router/access point is the main entry for attackers. Attackers compromise wireless access points to gain access to the organizational network. Organizations should ensure that their wireless access points are configured securely. A security professional should be able to configure the wireless router securely by applying all possible hardening techniques. LAB OBJECTIVE This lab will demonstrate the various hardening techniques on a wireless router. OVERVIEW OF WIRELESS ROUTER SECURITY A wireless router is the first line of defense against attackers trying to access the organization’s network. To prevent attackers from compromising the security of wireless routers, appropriate configuration changes need to be made in order to make a router more secure. LAB TASKS Note: Ensure that PfSense Firewall virtual machine is running.

📄 Page 6

Copyrights @ 2021 EC-Council International Ltd. 6Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 1. Turn on the AD Domain Controller virtual machine. 2. Log in with the credentials CCT\Administrator and admin@123. 3. Open Google Chrome browser. Browse the Linksys Wireless router set up simulator available at http://ui.linksys.com/WRT54G/v8/8.00.0/ in your browser.

📄 Page 7

Copyrights @ 2021 EC-Council International Ltd. 7Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 4. The Linksys router interface window will be displayed in the browser.

📄 Page 8

Copyrights @ 2021 EC-Council International Ltd. 8Certified Cybersecurity Technician 5. Click on Setup followed by Basic Setup. 6. Specify the Router name, Host name, and Domain name in Optional Settings (required by some ISPs) (here, we are taking Router Name as Linksys-Router Setup, Host Name as host1, Domain Name as domain1) 7. Ensure that the Auto option is selected from the drop-down menu for MTU. 8. The Local IP Address and Subnet Mask in the Router IP field are displayed. Set DHCP Server to Enable.

📄 Page 9

Copyrights @ 2021 EC-Council International Ltd. 9Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R

📄 Page 10

Copyrights @ 2021 EC-Council International Ltd. 10Certified Cybersecurity Technician 9. Specify the Starting IP Address and Maximum Number of DHCP Users. Type Client Lease Time in minutes. 10. Specify any three DNS server IP addresses in the Static DNS (1-3) fields. 11. Enter the WINS server IP address if you use a WINS server. 12. Click on the Save Settings button to save all changes. Note: If you receive any error message, reload the page and repeat the steps 6 to 11.

📄 Page 11

Copyrights @ 2021 EC-Council International Ltd. 11Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R

📄 Page 12

Copyrights @ 2021 EC-Council International Ltd. 12Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 13. A prompt indicating that Settings are successful is displayed. Click on Continue.

📄 Page 13

Copyrights @ 2021 EC-Council International Ltd. 13Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 14. Next, click on MAC Address Clone. 15. Ensure that Mac Clone is set to Disable.

📄 Page 14

Copyrights @ 2021 EC-Council International Ltd. 14Certified Cybersecurity Technician 16. Next, click on Advanced Routing. 17. Set the Operating Mode to Gateway. 18. Select a number from the Static Routing drop-down menu Select set number. 19. Enter the following details: • Router Name • Destination LAN IP • Subnet Mask • Default Gateway 20. Next, select an Interface from the drop-down menu (LAN & Wireless). 21. Click on Save Settings.

📄 Page 15

Copyrights @ 2021 EC-Council International Ltd. 15Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R

📄 Page 16

Copyrights @ 2021 EC-Council International Ltd. 16Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 22. A prompt indicating that Settings are successful is displayed. Click on Continue.

📄 Page 17

Copyrights @ 2021 EC-Council International Ltd. 17Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 23. Click on the Wireless tab in the menu bar. 24. Click on the Basic Wireless Settings tab. 25. Set Wireless SSID Broadcast to Disable.

📄 Page 18

Copyrights @ 2021 EC-Council International Ltd. 18Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R 26. Click on the Wireless Security tab next to the Basic Wireless Settings tab.

📄 Page 19

Copyrights @ 2021 EC-Council International Ltd. 19Certified Cybersecurity Technician 27. Select the strongest and most appropriate encryption mode from the drop-down menu for Security Mode. Note: Here, we consider WPA2 Personal as the strongest encryption mode for wireless security. Note: If you are unable to change the Security Mode, then follow the steps given below: • In the browser window, press Ctrl+H to open History window. In the left-pane click on Clear browsing data. • In the pop-up ensure that the Advanced tab is selected, and All Time is selected from the Time range drop down. • Ensure that all the options are checked in the Clear browsing data window and click on Clear data to clear all the cookies and cached data. • Reload the simulator tab and in the router interface window navigate to Wireless tab in the menu bar and click on Wireless Security tab. Then, perform Step#27 again. 28. Select AES for WPA Algorithms and enter a valid key value in the WPA Shared Key field. 29. Click on Save Settings.

📄 Page 20

Copyrights @ 2021 EC-Council International Ltd. 20Certified Cybersecurity Technician E X E R C IS E 1 : C O N FI G U R E S E C U R IT Y O N A W IR E LE SS R O U TE R