Physically locate rogue wireless devices within AOR
• Identify rogue devices with wireless discovery device
• Physically locate rogue devices
• Verify authorization for device or disable
• Document wireless device information for rogue devices located outside AOR
• Document and report wireless device information for rogue devices located within AOR through approved reporting channels
• Track visit request to coordinate/prevent wireless enabled devices from entering/leaving AOR
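The identify-and-verify steps above can be run against the output of a discovery survey. The script below is an added example, not part of the original checklist. The inventory, the survey rows, the status labels and the -65 dBm cut-off are all constructed assumptions. Signal strength only orders the physical search; it does not decide whether a device is inside the AOR.

```python
import csv
import io

# Constructed inventory of authorized devices: BSSID -> approved SSID.
AUTHORIZED = {
    "00:11:22:33:44:01": "SITE-WLAN",
    "00:11:22:33:44:02": "SITE-WLAN",
}
# Constructed export from a discovery survey (not real observations).
SURVEY_CSV = """bssid,ssid,channel,signal_dbm
00:11:22:33:44:01,SITE-WLAN,6,-48
00:11:22:33:44:02,SITE-GUEST,11,-52
AA:BB:CC:00:00:10,SITE-WLAN,6,-41
AA:BB:CC:00:00:20,CoffeeShop,1,-83
aa-bb-cc-00-00-30,HomeNet,36,-60
"""
NEAR_DBM = -65  # assumed cut-off: stronger signals are searched for first

def norm_bssid(raw):
    """Normalise MAC notation so 'aa-bb-..' and 'AA:BB:..' compare equal."""
    digits = "".join(c for c in raw.upper() if c not in ":-. ")
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError(f"bad BSSID: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def triage(survey_csv, authorized, near_dbm=NEAR_DBM):
    """Return (bssid, ssid, status, priority) for every device needing follow-up."""
    auth = {norm_bssid(k): v for k, v in authorized.items()}
    site_ssids = set(auth.values())
    findings = []
    for row in csv.DictReader(io.StringIO(survey_csv)):
        bssid, ssid = norm_bssid(row["bssid"]), row["ssid"]
        if bssid in auth and ssid == auth[bssid]:
            continue  # on the authorized list and broadcasting what it should
        if bssid in auth:
            status = "authorized-device-wrong-ssid"
        elif ssid in site_ssids:
            status = "unlisted-device-using-site-ssid"
        else:
            status = "unlisted-device"
        priority = "high" if int(row["signal_dbm"]) >= near_dbm else "low"
        findings.append((bssid, ssid, status, priority))
    return sorted(findings, key=lambda f: (f[3] != "high", f[0]))

if __name__ == "__main__":
    for finding in triage(SURVEY_CSV, AUTHORIZED):
        print(*finding, sep="  ")
```

An unlisted device that advertises a site SSID is listed separately from other unlisted devices so it can be checked against the authorized list first.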
Review Wireless Access Point audit logs
• Identify and research system warning and error messages
• Identify and research failed access attempts
• Identify and research communication problems
• Track/monitor performance and activity
Review Wireless IDS audit logs
• Research generated alerts
• Identify and research system warning and error messages
• Identify and research failed access attempts
• Identify and research communication problems
• Track/monitor performance and activity
• Identify and research failed logon attempts
• Identify and research system warning and error messages
• Track/monitor performance and activity
Virus scan devices that are part of the wireless infrastructure
• Use approved virus scanner to scan wireless devices (where appropriate)
Weekly Tasks
Wireless device configuration management
• Check vendor sites for patch and firmware updates
• Update Wireless IDS signature files
• Update Anti-Virus signature files
• Monitor security news sources for wireless security related information
• Compare wireless network device configuration files against a baseline for changes
• Check for Unnecessary Services
Archive Audit logs
• Archive audit logs to a media/device with one-year retention
Monitor wireless device performance
• Verify wireless encryption/authentication devices (RADIUS, IPSEC service, etc.) for proper performance and activity
• Run hardware integrity diagnostics on wireless network devices
• Synchronize clock/time on wireless devices
Perform/verify weekly backup
• Run and verify that a successful backup of wireless network devices has been completed
Monthly Tasks
Perform Self-Assessment Security and Policy Review
• Use Wireless Checklist to perform Self-Assessment Security Review
• Use Network Checklist to perform Self-Assessment Security Review
• Ensure wireless infrastructure complies with site Wireless Policy
• Develop plan to implement remediation actions to mitigate deviations
• Implement corrective actions to mitigate deviations
• Run an approved Vulnerability scanner (SCCVI)
Wireless device configuration management
• Compare device configuration with documented secure baseline
• Verify physical location of wireless devices
• Verify physical integrity of wireless devices (have devices been modified or opened)
• Verify equipment has not been replaced or moved
• Verify antenna location, position, and direction
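The baseline comparison in this task and in the weekly configuration task, together with the weekly check for unnecessary services, can be scripted. The following is an added example, not part of the original checklist. The configuration syntax, the two sample configs and the list of unnecessary services are constructed assumptions; real device exports will need their own normalisation rules.

```python
import difflib
import hashlib

# Constructed baseline and running configs in a generic "keyword value" syntax.
BASELINE = """\
! saved 2024-01-05 02:00
hostname ap-bldg1-01
ssid SITE-WLAN
encryption wpa2-enterprise
service telnet disabled
service http disabled
"""
RUNNING = """\
! saved 2024-01-12 02:00
hostname ap-bldg1-01
ssid SITE-WLAN
encryption wpa2-enterprise
service telnet enabled
service http disabled
service snmp enabled
"""
UNNEEDED = {"telnet", "http", "snmp"}  # assumed site list of unnecessary services

def normalise(text):
    """Drop '!' comment/timestamp lines and blanks so only settings are compared."""
    lines = (line.strip() for line in text.splitlines())
    return [line for line in lines if line and not line.startswith("!")]

def fingerprint(text):
    """SHA-256 over the normalised config, for a quick changed/unchanged check."""
    return hashlib.sha256("\n".join(normalise(text)).encode()).hexdigest()

def compare(baseline, running):
    base, run = normalise(baseline), normalise(running)
    diff = difflib.unified_diff(base, run, "baseline", "running", n=0, lineterm="")
    # Keep only added/removed settings, not the file headers or hunk markers.
    changes = [d for d in diff
               if d[0] in "+-" and not d.startswith(("+++", "---"))]
    enabled = sorted(
        parts[1] for parts in (line.split() for line in run)
        if len(parts) == 3 and parts[0] == "service"
        and parts[2] == "enabled" and parts[1] in UNNEEDED
    )
    return {"drifted": fingerprint(baseline) != fingerprint(running),
            "changes": changes, "unneeded_enabled": enabled}

if __name__ == "__main__":
    print(compare(BASELINE, RUNNING))
```

Because the save timestamp is stripped before hashing, a config that was only re-saved does not register as drift.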
Verify wireless client security configuration
• Spot check the configuration on a sample of wireless client devices (25% of wireless devices)
• Identify wireless profiles that indicate wireless client is accessing unauthorized wireless networks
Quarterly Tasks
Wireless device configuration management
• Change administrator/management passwords on wireless network devices
• Change Pre-Shared Key (PSK) on all appropriate devices
Test backup/restore procedures
• Restore backup files to a test system to verify procedures and files are usable
Wireless signal strength mapping
• Use mobile device to identify/document signal coverage of wireless network devices
• Use mobile device to identify/document residential/commercial wireless devices that are visible during site surveys
Annual Tasks
Review and update site policies and training
• Ensure site Acceptable Use Policy addresses current Wireless Security Policy
• Ensure personnel Annual Security Awareness Training addresses current site Wireless Security Policy
• Ensure site Certification and Accreditation documents reflect the current wireless infrastructure
• Ensure wireless users are informed about increased level of threat associated with wireless usage
• Ensure wireless users receive additional training related to wireless attack detection and prevention
Tasks as Required
Wireless device configuration management
• Delete clients from the MAC address filtering list and access control list that no longer require wireless network access
• Install vendor security patches
• Update VMS for IAVMs
• Update wireless device firmware
• Schedule downtime for system/device reboots
• Change all default passwords on new equipment
Wireless user account management
• Maintain list of authorized wireless users
• Verify list of authorized wireless users still require wireless access
• Verify User Account Configuration
• Remove access from users that are no longer authorized for wireless access
• Ensure new wireless users have signed a site Wireless Usage Agreement
Authorized wireless device tracking
• Maintain list of authorized wireless devices
• Remove devices that are no longer approved for wireless access
After administrator personnel departure
• Change encryption keys on all wireless network devices
• Change administrator passwords
• Change passwords on wireless network devices
• Remove departing administrator’s wireless access
INFOCON Status requirement changes
• Adjust wireless security review/configuration to reflect current INFOCON requirements
After system configuration changes
• Verify changes accomplish the desired objectives
• Create Emergency System Recovery Data
• Create new system configuration baseline
• Document System Configuration Changes
• Review and update SSAA
• Update VMS for Asset Changes
• Run and verify that a successful backup of the device has been performed
• Note the locations of wireless routers, APs, repeaters, dependent security devices, and antenna on installation maps and floor plans
• Use mobile device to identify/document signal coverage of wireless network devices (same process as Monthly Task)
After security incident involving wireless infrastructure