
CEH v4 Domain #6: Wireless Network Hacking

November 30, 2021 by Greg Belding

Organizations that want to minimize their chances of becoming another malicious-hacking statistic can hire a certified ethical hacker. These “white hat” hackers test an organization’s systems, networks, and overall information security. The Certified Ethical Hacker, or CEH, certification is a well-known cert that verifies the knowledge and skills of these “white hat” heroes.

The CEH certification is currently on Exam Blueprint v4.0, which has changed how the domains of knowledge are presented. Explore, in detail, domain #6 of CEH Exam Blueprint v4.0, Wireless Network Hacking. Learn what the CEH certification is, what has changed since the last exam version, who the target audience is, and what content domain #6 of the CEH certification exam covers.

What is the CEH certification?

The CEH certification verifies that the holder has a practical understanding of the phases of ethical hacking, the various attack vectors, and the preventative countermeasures used by ethical hackers. It certifies that the holder knows how to think and act like a malicious hacker in order to better position your organization’s information security measures and defend against real-world attacks. It is premised on the idea that if you understand the vulnerabilities and system weaknesses your organization faces, you can better strengthen system security controls in the face of malicious activity and attacks.

Who is the target audience for CEH?

From a high-level view, any information security professional wants their organization to be better positioned in the face of attacks and malicious activity. Below is a list of roles that typically earn this certification:

  • Information Security Analyst
  • Information Assurance Security Officer
  • Information Security Manager/Specialist
  • Information Systems Security Engineer/Manager
  • Information Security Professionals/Officers
  • Risk/Threat/Vulnerability Analyst
  • Information Security/IT Auditors

What has changed since CEH Exam Blueprint v3?

They say that the only constant in life is change, and that applies to the new CEH Exam Blueprint. Normally, I offer a side-by-side comparison of the old and new exam versions, but in the case of CEH, so much has changed that we will keep it brief. Domain #6 of CEH Exam Blueprint v3.0 was entitled “Regulation/Policy.” It consisted of one subdomain, making up 1.9% of CEH exam content and accounting for two exam questions.

In CEH Exam Blueprint v4.0, domain #6 is now titled “Wireless Network Hacking,” which covers 6% of CEH exam content and represents eight CEH certification exam questions. The one subdomain of domain #6 is Hacking Wireless Networks, which covers the following objectives:

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Wireless Countermeasures
  • Wireless Security Tools

Let’s explore this content below.

Hacking wireless networks

Wireless Concepts

  • Wireless Terminologies
    • Global System for Mobile Communication (GSM)
    • Wireless Access Point (WAP)
    • Service Set Identifier (SSID)
    • Basic Service Set Identifier (BSSID)
    • ISM Band
  • Types of Wireless Networks
    • Wireless Personal Area Network (Wireless PAN)
    • Wireless Local Area Network (WLAN)
    • Wireless Metropolitan Area Network (WMAN)
    • Wireless Wide Area Network (WWAN)
  • Wireless Technology
    • 802.11
    • 802.11 a/b/g/n
    • Wi-Fi Authentication Modes
      • Open Authentication
      • Shared Key Authentication
    • Wi-Fi Authentication with Centralized Authentication Server
    • Wi-Fi Chalking
      • War Walking
      • War Chalking
      • War Flying
      • War Driving
    • Wireless Antenna
      • Directional
      • Omnidirectional
      • Parabolic
      • Yagi-Uda (Yagi)
      • Dipole

Wireless Encryption

  • Wired Equivalent Privacy (WEP)
    • Highly vulnerable
    • Weak Initialization Vectors (IV)
    • Breaking WEP Encryption
      • Monitor the access point channel
      • Test the injection capability of the access point
      • Use tools to exploit authentication
      • Sniff the packets using Wi-Fi sniffing tools
      • Use an encryption tool to inject the encrypted packets
      • Use the cracking tool to extract the encryption key
  • Wi-Fi Protected Access (WPA) Encryption
    • Temporal Key Integrity Protocol
  • WPA2 Encryption

Wireless Threats

  • Access Control Attacks
  • Integrity and Confidentiality Attacks
  • Availability Attacks
  • Authentication Attacks
  • Rogue Access Point Attack
  • Client Misassociation
  • Misconfigured Access Point Attack
  • Unauthorized Association
  • Ad Hoc Connection Attack
  • Signal Jamming Attack

Wireless Hacking Methodology

  • Wi-Fi Discovery
  • GPS Mapping
  • Wireless Traffic Analysis
  • Launch Wireless Attacks

Wireless Hacking Tools

  • Airwaves
  • Net Surveyor
  • Aircrack-ng

Bluetooth Hacking

  • Blue Smacking
  • Bluebugging
  • Blue Jacking
  • Blue Printing
  • Bluesnarfing

Wireless Countermeasures

Wireless Security Tools

  • Wireless Intrusion Prevention Systems (WIPS)
  • Wi-Fi Security Auditing Tool
    • AirMagnet Wi-Fi Analyzer
    • Motorola’s AirDefense Services Platform (ADSP)
    • Cisco Adaptive Wireless IPS
    • Aruba RFProtect

CEH’s domain 6

Certified Ethical Hacker, or CEH, is a certification intended for information security professionals who want to bring the benefits of ethical hacking to their organization. To earn it, you have to pass the CEH certification exam, which now operates under the v4.0 Exam Blueprint and has significantly changed the material covered in CEH domain #6, Wireless Network Hacking. Use this article as your roadmap to this domain of the CEH exam, which you will have to master to earn this ethical hacking certification.

 

Author
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.
