HOME - NEWS EVENTS - MAILING LISTS - OPST/OPSA TRAINING & EXAMS - ABOUT US - CORE TEAM - MEDIA KIT - CONTACT - OPEN LICENSES 




 


 
  TEAM ACCESS
     Beta Releases
     Gold Team Updates

  PROJECTS & RESEARCH
     Business Integrity Testing
     Compromise Detection
     Jack of All Trades
     Hacker Highschool
     Hacker's Profiling Project
     Protocol Database
     Security Incident Policy Enforcement
     Security Metrics
     Security Maturity Model
     Secure Programming
     Security Testing Methodology
     Software Quality Testing
     Security Tools
     Trusted Computing
     XML
     Graduate Projects

  ACCREDITED TRAINING
     ISESTORM Event 
     OPSA - Security Analyst 
     OPST - Security Tester 
     OPSE - OSSTMM Expert 
     OWSE - OSSTMM Wireless Expert 
     Hacker Highschool Teacher
     Training Material Accreditation 
     Trainer & Training Certification
     Training & Exam Schedule

  ASSOCIATIONS 

     ISECOM Associates
     ISECOM Affiliates
     ISECOM Partners
     ISECOM Auditors
     Sponsors

  SERVICES 

     Security Test Review
     Gold/Silver Subscriptions 
ISECOM - Institute for Security and Open Methodologies

www.isecom.org - ACCREDITED TRAINING - OWSE


OSSTMM WIRELESS SECURITY EXPERT (OWSE)


 


Do you need to see our Training Schedule?

The OWSE certification program is designed for those who want to learn more about the various ways to technically execute a comprehensive and professional wireless security audit within the internationally recognized Open-Source Security Testing Methodology Manual (OSSTMM) framework. Unlike other wireless courses which are limited to "administration"-style, access-point-centric viewpoints, the OWSE is designed  from the ground up to teach wireless security from the start point of understanding the fundamentals of Radio Frequency (RF) and RF Spectrum Analysis, through to understanding the salient features of IEEE 802.11 protocol frames and how to analyze information contained in 802.11 packet dumps before arriving at the higher-level 802.11-based security concerns, e.g. how to penetrate wireless LANs. Beyond this, the OWSE covers advanced methods of auditing wireless networks by targeting wireless clients, as well as how to build your own wireless tools to augment your wireless auditing capabilities.

This instructor-led, intensely practical, hands-on certification program teaches a vendor-independent approach to practical security testing of wireless networks and provides students with the correct balance of skill and ethics based on best practices and worldwide consensus. By equipping the students with the correct technical skill sets, as well as an understanding of legal issues involved in testing a target, the OWSE will enhance the capability of professional security testers and provide novices with the proper methodology and skills to conduct OSSTMM-compliant wireless security tests.

While the program syllabus should be used to determine if this program is appropriate for the attendee based on their current skills and requirements, all participants will come away with the following:

  • A solid understanding about Radio Frequency (RF) fundamentals.

  • The ability to isolate and analyze wireless networks from Layer 1 to Layer 3.

  • The knowledge of what preparations have to be made prior to conducting a wireless security test.

  • Comprehensive technical understanding of how to practically execute a wireless security test.

  • How to audit wireless networks using a variety of tools including DIY tools.

  • The ability to infer and recommend countermeasures based on wireless audit results.

  • The legal implications of wireless security testing.


This 3-day program consists of a wide variety of practical coursework (hands-on labs) as well as a practical, lab-based certification exam on last day.

PRE-REQUISITES

We recommend that participants have a fundamental interest in wireless networking technologies, as well as already being familiar with networking and security basics (e.g. TCP/IP, networking hardware, firewalls, routers, access points, how to use a wireless network as a user, etc).

COURSE OVERVIEW

The OWSE focuses primarily on providing students with the technical knowledge, skills and methodology to execute a wireless audit. Key among this is the drilling of the student to be a self-starter in doing research whenever they encounter a problem. Broadly speaking, the topics covered as part of this certification program are as follows:


Part 1: What is the OSSTMM?
Defining the OSSTMM
Legal & Best Practice compliance

Part 2: Radio Frequency (RF) Fundamentals
The Nature and Characteristics of RF
Power and Distance
Signal Attenuation
RF Interference
RFSpectrum Analysis
Understanding the Wireless Footprint : MAX SOIL
Understanding the Wireless Footprint : SR SOIL

Part 3: Wireless 101
802.11 and other wireless standards
Wireless Equipment
Wireless Chipsets
Wireless Accessories
Wireless Frame Analysis
Locking Down the Auditing Station
Tool Selection

Part 4: Wireless Security Testing: Infrastructure
Understanding 802.11i
WEP Analysis
Auditing WEP
WPA-PSK Analysis
Auditing WPA-PSK
WPA/2 Analysis
Auditing WPA/2

Part 5: Wireless Security Testing: Client
Auditing the Wireless Client
Probes and Probing
The WCCD Vulnerability

Part 6: Testing with a Twist
Ph00ling
Long Range Auditing
Build Your Own Hardware: Cantennas
Build Your Own Hardware: NIC Jacks
Concluding the Audit
 

EXAM OVERVIEW

The OWSE certification exam is a practical examination. This means that the candidate is presented with a completely blind and unknown actual target wireless infrastructure and is expected to apply the knowledge learnt to obtain the answers to the examination questions. Apart from ensuring that no "brain-dumping" occurs which could devalue the certification as has happened with other certifications, the OWSE certification exam tests the candidate's ability to combine and use a plethora of technical and analytical skills to obtain answers to the questions.

The OWSE exam requires a total number of 100 responses within 4 hours. Some responses require the student to conduct multi-stage analysis, all while undergoing the pressure of time-management, similar to what one would fin in a real world environment.

A candidate who manages to attain the coveted OWSE certification will have proven that he/she is able to confidently, consistently, methodically and professionally execute a complete and comprehensive technical wireless audit against a wireless network from a variety of angles.

 

 
 

 

Formerly the Ideahamster Organization - www.isecom.org - www.osstmm.orgwww.hackerhighschool.org - www.isestorm.org
 If you have any comments, questions, or to note broken links on this website send e-mail to the Webmaster. 
 All contents copyright © 2000 - 2006 - ISECOM - Institute for Security and Open Methodologies. All rights reserved.