McGraw hill CWNA certified wireless network administrator official study guide 4th edition aug 2007

115 Spread Spectrum Technologies and IEEE 802.11 Standards.. This CWNA Certified Wireless Network Administrator Official Study Guide is intended to help you understand the wireless LAN

Certifi ed Wireless Network Administrator

Offi cial Study Guide

McGraw-Hill is an independent entity from Planet3 Wireless and is not

affiliated with Planet3 Wireless in any manner This publication may be

used in assisting students to prepare for the CWNA Exam Neither Planet3

Wireless nor McGraw-Hill warrant that use of this publication will ensure

passing any exam CWNA and CWNP are registered trademarks of Planet3

Wireless in the United States and/or other countries.

or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher

0-07-159551-1

The material in this eBook also appears in the print version of this title: 0-07-149490-1.

All trademarks are trademarks of their respective owners Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark Where such designations appear in this book, they have been printed with initial caps

McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs For more information, please contact George Hoare, Special Sales, at george_hoare@mcgraw-hill.com or (212) 904-4069

TERMS OF USE

This is a copyrighted work and The McGraw-Hill Companies, Inc (“McGraw-Hill”) and its licensors reserve all rights in and to the work Use of this work is subject to these terms Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior con- sent You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited Your right to use the work may be terminated if you fail to comply with these terms

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR RANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE McGraw-Hill and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free Neither McGraw-Hill nor its licensors shall be liable to you

WAR-or anyone else fWAR-or any inaccuracy, errWAR-or WAR-or omission, regardless of cause, in the wWAR-ork WAR-or fWAR-or any damages resulting therefrom McGraw-Hill has no responsibility for the content of any information accessed through the work Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise

We hope you enjoy this McGraw-Hill eBook! If you’d like more information about this book, its author, or related books and websites,

please click here.

Professional

Want to learn more?

who tolerated my odd hours and lack of attention during the writing of this book Tracy, you are the most amazing and wonderful thing that has ever happened to me and this book exists because of your faith in me—you have my eternal gratitude.

I would like to acknowledge the helpful staff at McGraw-Hill for bearing with my delays on this project Writing two books at the same time is quite

a challenge, but we did it together I want to thank Criss Hyde particularly His technical knowledge of the IEEE 802.11 standard (among other standards) is amazing, and he is an exceptional technical editor I also want

to thank Joel Barrett, the series editor for this book, who helped to keep me sane during the rough stages Thanks everyone The book turned out very well, and it could not have happened without you all

Tom Carpenter is a technical experts’ expert He teaches in-depth

courses on Microsoft technologies, wireless networking, and security, and professional development skills such as project management, team leadership, and communication skills for technology professionals Tom holds a CWNA, CSWP, and Wireless# certification with the CWNP program and is also a Microsoft Certified Partner The Wireless Networking, Windows Administration, and IT Project Management Bootcamps that Tom offers annually provide the in-depth knowledge

IT professionals need to succeed He lives with his lovely wife, Tracy, and their four children, Faith, Rachel, Thomas, and Sarah, in Ohio His company, SYSEDCO, provides training and consulting services throughout the United States For more information about Tom and the services offered by his company, visit www.SYSEDCO.com

About the Series Editor

Joel Barrett is a senior-level wireless networking expert with Cisco

Systems Joel has attained networking certifications such as Cisco’s CCNP and CCDP, Microsoft’s MCSE, and Novell’s Master CNE For wireless certifications, he holds Cisco’s Wireless Design and Support specializations,

as well as the CWNP Program’s Wireless#, CWNA, CWSP, CWAP, and CWNE certifications He is CWNE #6 and a founding member of the CWNE Roundtable, a steering committee for the CWNE certification program Joel is also certified to instruct Cisco’s Unified Wireless and Mesh Networking courses

Within Cisco, Joel consults primarily with large enterprise customers concerning wireless deployments He is a senior advisor for Cisco’s wireless

virtual team He is also an author and technical editor for books such as CWNP

Dictionary of Terms and Acronyms, CWNP Wireless# Exam Mega Guide, Wireless Networks First-Step, CWSP Official Study Guide, First Edition, and Managing and Securing a Cisco Structured Wireless-Aware Network He is the

series editor for McGraw-Hill’s CWNP Official Study Guides

lives by:

■ “If it were easy, anyone could do it.”

About the Technical Editor

Criss Hyde has thirty years of IT experience beginning with punch cards

and Fortran He holds engineering and law degrees from Pennsylvania State University and George Mason University respectively, and current

Sun Microsystems, and WildPackets He became an early friend to The CWNP Program, has edited many of its books and exams, and has earned all of its certifications He has worked 16 years for Raytheon Company and is a member of the IEEE Standards Association and the Virginia Bar Association Criss is the husband of one wife and the father of eight home-schooled children He heartily agrees with Vint Cerf that for the good of mankind and the IPv6 Internet, the NAT boxes have to go away

Contents

Introduction xv

Part I Understanding Wireless Technologies 1

Chapter 1 Wireless Standards, Organizations, and Applications 3

Roles Organizations Play Within the WLAN Industry 5

Regulatory Domain Governing Bodies 6

ITU-R 9

IEEE 10

IETF 16

Wi-Fi Alliance 17

Spread Spectrum Technology Uses 18

Wireless LANs 18

Wireless PANs 19

Wireless MANs 20

Wireless WANs 20

Wireless LAN Technology Roles 21

Corporate Data Access and End-User Mobility 21

Network Extension to Remote Areas 23

Building-to-Building Connectivity: Bridging 24

Last-Mile Data Delivery: Wireless ISP 25

Small Office/Home Office (SOHO) Use 26

Mobile Office Networking 26

Educational/Classroom Use 27

Industrial: Warehousing and Manufacturing 28

Health Care: Hospitals and Offices 29

Hotspots: Public Network Access 29

Summary 30

Key Terms 31

Review Questions 32

Chapter 2 Radio Frequency and Antenna Fundamentals 35

Electromagnetic Waves: A Quick Tour 37

History of Electromagnetic Waves 37

Early Radio Technologies 38

Fundamentals of Electromagnetic Waves 39

RF Characteristics 42

Wavelength 42

Frequency 44

Amplitude 46

Phase 48

RF Behavior 49

Gain 49

Loss 51

Reflection 52

Refraction 54

Diffraction 55

Scattering 56

Absorption 56

VSWR 58

Return Loss 60

Amplification 61

Attenuation 61

Wave Propagation 61

Free Space Path Loss 62

Multipath and Delay Spread 65

Basic RF Math 66

Watt 66

Milliwatt 67

Decibel (dB) 68

dBm 72

dBi 74

dBd 74

SNR 74

RSSI 75

Link Budget and System Operating Margin (SOM) 77

Fade Margin 80

Intentional Radiator 81

Equivalent Isotropically Radiated Power (EIRP) 81

FCC Rules for Output Power 81

RF Signal and Antenna Concepts 85

Visual LOS 86

RF LOS 86

The Fresnel Zone 86

Beamwidths 90

Azimuth and Elevation 92

Isotropic Radiator 94

Polarization 95

Antenna Diversity 96

Antennas and Antenna Systems 97

Omnidirectional/Dipole Antennas 97

Semidirectional Antennas 100

Highly Directional Antennas 102

Sectorized and Phased-Array Antennas 102

Multiple-Input, Multiple-Output (MIMO) Antenna Systems 103

Summary 104

Key Terms 105

Review Questions 107

Chapter 3 Spread Spectrum Technologies 113

The OSI Model 114

Introducing the OSI Model 114

The OSI Model Briefly Explained 115

Spread Spectrum Technologies and IEEE 802.11 Standards 117

Spread Spectrum Versus Narrowband Technology 117

FHSS 121

DSSS 122

HR/DSSS 123

OFDM and ERP-OFDM 123

IEEE 802.11n 125

How Spread Spectrum Technology Works 126

Modulation 126

Coding 131

Spread Spectrum Fundamental Concepts 134

Dwell Time and Hop Time 134

Carrier Frequencies, Channel Centers, and Widths 136

Colocation 140

Throughput Versus Data Rate 142

Bandwidth 143

Communication Resilience 143

Summary 144

Key Terms 145

Review Questions 146

Chapter 4 IEEE 802.11 In Depth 151

Terminology Review 153

Frames, Packets, and Datagrams 153

Bits, Bytes, and Octets 154

MAC & PHY 156

IEEE 802.11 CSMA/CA 160

Carrier Sense 161

Interframe Spacing 163

Contention Window 165

Collision Avoidance 167

Frame Types and Formats Compared 167

IEEE 802.11 Frame Format Versus IEEE 802.3 Frame Format 168

Frame Types 169

Layer 3 Protocol Support by IEEE 802.11 Frames 171

Jumbo Frame Support (Layer 2) 173

MTU Discovery and Functionality (Layer 3) 174

IEEE 802.11 Frames and Frame Exchange Sequences 174

MAC Functions 175

Beacon Management Frame 176

Active Scanning (Probes) 177

Passive Scanning (Beacons) 180

Authentication and Association Processes 180

The IEEE 802.11 State Machine 181

Authentication 183

Association, Reassociation, and Disassociation 187

Regulatory Domain Requirements 189

Data Flow Optimization Across the RF Medium 189

DCF 189

PCF 190

IEEE 802.11e and WMM 191

RTS/CTS and CTS-to-Self Protocols 193

Fragmentation 195

Dynamic Rate Switching 196

Summary 196

Key Terms 197

Review Questions 198

Part II Deploying Wireless LANs 201

Chapter 5 Wireless Design Models, Topologies, and Infrastructure 203

WLAN Service Sets 204

Stations, BSSs and BSAs 204

Ad Hoc Mode and IBSS 206

Infrastructure Mode and ESS 207

BSSID and SSID 209

Distribution System (DS) 210

Distribution System Medium (DSM) 210

Distribution System Services (DSS) 211

Starting and Joining a BSS 211

Layer 2 and Layer 3 Roaming 212

WLAN Design Models 216

Site-to-Site Connections 217

WLAN Models 218

Wireless Mesh Networks 220

Evolution of WLAN Models 222

WLAN Power Management Features 224

Active Mode 224

Power Save Mode 224

WMM Power Save (U-APSD) 225

TIM/DTIM/ATIM 225

Summary 227

Key Terms 228

Review Questions 229

Chapter 6 Site Surveys and Network Planning 233

Physical and RF Site Surveys 235

Physical Site Surveys 236

RF Site Surveys 237

Manual RF Site Survey Preparation 238

Determine the Organization’s Needs and Objectives 238

Determine How to Implement a WLAN That Meets the Objectives 246

Documenting Manual RF Site Surveys: Before and After 250

Gathering Business Requirements 251

Gathering Site-Specific Documentation 257

Gathering Permits and Zoning Requirements 263

Indoor- or Outdoor-Specific Information 264

Performing Manual and Automated Site Surveys 268

Site Survey Hardware Kits 268

Active Site Survey Tools and/or Applications 283

Passive Site Survey Tools and/or Applications 285

Manufacturer’s Client Utilities 286

Advanced Site Survey Tools 286

Automated Site Surveys 287

Performing Virtual Site Surveys 289

Independent Tools 290

Integrated Tools 291

Site Survey Verification Tools and/or Applications 292

Additional Considerations for RF Site Surveys 292

Interference Sources 292

Infrastructure Connectivity and Power Requirements 293

RF Coverage and Data Capacity Requirements 294

Voice Considerations 294

Client Connectivity Requirements 296

Documenting the Site Survey Findings 296

Site Survey Reporting Procedures 297

Creating an Implementation Plan 299

Touring Site Survey Tools 300

Aruba Mobility Management System 300

Trapeze Networks RingMaster 304

Summary 312

Key Terms 314

Review Questions 315

Chapter 7 Infrastructure Hardware and Software 319

Installing, Configuring, and Managing WLAN Devices 321

Access Points 322

Enterprise WLAN Switches/Controllers 348

Remote Office WLAN Switches/Controllers 354

PoE Injectors and Switches 355

WLAN Bridges 361

Residential WLAN Gateways 365

Enterprise Encryption Gateways 366

WLAN Mesh Routers 367

WLAN Markets and Appropriate Gear 369

New WLAN Solutions 371

Improving Manageability 371

Wireless Technology Convergence 372

Increased Data Rates 373

Location Tracking with WLAN Solutions 373

Implementing Voice-Capable WLANs 374

VoWLAN Overview 374

WLAN Accessories 376

Amplifiers 376

Attenuators 378

Lightning Arrestors 379

Grounding Rods/Wires 380

Towers, Safety Equipment, and Concerns 380

RF Cables 381

RF Connectors 381

RF Signal Splitters 382

Antenna Installation 382

A Guided Tour of WLAN Components 383

Access Points 383

WLAN Switch/Controller 387

WLAN Residential Gateway 391

Summary 396

Key Terms 398

Review Questions 399

Chapter 8 Client Devices and Software 407

WLAN Client Device Internals 408

Installing, Configuring, and Managing WLAN Client Devices 409

PC Cards (ExpressCard, CardBus, and PCMCIA) 409

USB, CF, and SD Devices 413

PCI and Mini-PCI Cards 416

Wireless Presentation Gateways 418

Installing a WLAN Client Device 421

Operating System Clients Versus NIC Vendor Clients 421

Installing WLAN Client Drivers and Software 422

Connecting to a WLAN 427

Summary 433

Key Terms 434

Review Questions 435

Part III Securing Wireless LANs 437

Chapter 9 Wireless Vulnerabilities and Attack Methods 439

Identifying and Preventing WLAN Security Attacks 440

Eavesdropping 441

Hijacking 446

Denial of Service 448

Management Interface Exploits 451

Encryption Cracking 452

Authentication Cracking 453

MAC Spoofing 454

Peer-to-Peer Attacks 457

Social Engineering 460

Know Your Enemy 463

General Security Principles 466

CIA 466

AAA 467

Summary 469

Key Terms 470

Review Questions 471

Chapter 10 Designing and Implementing Security for Wireless LANs 475

Implementing IEEE 802.11 Security 476

Pre-RSNA Security 476

RSNA Security 484

AAA Security Components 494

Common Terms 496

WLAN Client Security Solutions 497

Client Devices 497

Role-Based Access Control 499

Profile-Based firewalls 500

Network Access Control (NAC) 500

Captive Portals / Web Authentication 501

IPsec VPN 502

WLAN System Security and Management 504

SNMPv3 / HTTPS / SSH2 505

Rogue AP and Client Detection and/or Containment 507

IEEE 802.11 Network Security Policy Basics 511

Describe the Following General Security Policy Elements 512

Describe the Following Functional Security Policy Elements 513

Security Policy Recommendations 513

Advanced WLAN Security Topics 515

VLANs 516

Layered Security 516

Common Security Myths 518

MAC Filtering 518

SSID Hiding 519

All Modern Equipment Uses “Better WEP” 520

WLANs Can’t Be Secured 520

Summary 521

Key Terms 522

Review Questions 523

Part IV Installation and Analysis Tools 527

Chapter 11 Wireless Problem Discovery and Solutions 529

Installing, Configuring, Integrating, and Managing WLAN Analysis Systems 530

Handheld and Laptop Protocol Analyzers 530

Basic Protocol Analysis 534

RF Spectrum Analyzers 553

Wireless Intrusion Prevention Systems 558

Distributed RF Spectrum Analyzers 560

Protocol and Spectrum Analysis Case Studies 560

Case Study 1: Security 561

Case Study 2: Performance 562

Case Study 3: General Fault Finding 566

Summary 569

Key Terms 570

Review Questions 571

Chapter 12 Troubleshooting and Testing Tools 573

Troubleshooting Methodologies 574

REACT 575

OSI Model 578

Hardware/Software Model 580

Symptom, Diagnosis, and Solution 582

Systems Thinking 583

WLAN Implementation Challenges 584

System Throughput 585

Co-Channel and Adjacent-Channel Interference 588

RF Noise and Noise Floor 589

Narrowband and Wideband RF Interference 590

Multipath 590

Hidden Nodes 592

Near-Far Problem 594

Weather 595

Troubleshooting VoWLAN Issues 595

Summary 597

Key Terms 598

Review Questions 599

Appendix The CWNP Rosetta Stone 603

CWNP Exam Terms 604

Glossary 613

Index 625

The wireless networking market is in a continual state of change There have been more than a dozen amendments to the IEEE 802.11 standard since it was first released, and as I write these words in mid-2007, the IEEE is preparing to release the IEEE 802.11-2007 rollup any day now For this reason, it is important that a wireless network administrator stay

on top of the changes in wireless networking This book and the CWNA certification is a great place to start

This CWNA Certified Wireless Network Administrator Official Study

Guide is intended to help you understand the wireless LAN (WLAN)

technology in depth and to help you prepare for the CWNA certification exam (PW0-100) The CWNA certification is an intermediate-level certification that prepares the candidate to implement, troubleshoot, and maintain small, medium, and large wireless networks The certification covers the following major wireless networking topics:

If you are new to wireless networking, or to networking in general, this book is a great place to start When you accomplish the level of expertise needed for the CWNA exam and certification, you’ll find it much easier

to move on to more advanced certifications such as the CWSP (Certified Wireless Security Professional), and CWNE (Certified Wireless Network Engineer) You’ll also find it much easier to understand the material and concepts included in vendor-specific wireless certifications

Who This Book Is For

This book focuses on the objectives for the CWNA exam, but it’s also a useful learning tool for anyone wanting to master the many domains of wireless You’ll learn about wireless technology basics such as radio frequency–based communications, and you’ll learn about specific standards and protocols that

make it all work In addition, using step-by-step procedures, you will learn how to install, secure, and troubleshoot Wi-Fi or 802.11-based networks effectively You’ll even learn to use wireless LAN analysis tools that reveal the way your wireless network works and help you troubleshoot network problems The glossary provides you with a quick reference for definitions and basic knowledge of the many topics covered in this book.

As you prepare for the CWNA certification, as with most other certifications, you need some hands-on experience with the technology

to seal the information in your mind In particular, be sure you have experience configuring access points and client devices Linksys access points will provide all the features with which you should be familiar, and you can connect to them with most any client device However, you’ll get the best experience if you have access to small and medium business–class wireless LAN switches as well Make sure you learn to use a wireless LAN protocol analyzer as Chapter 11 teaches This makes for good testing and experience, but any vendor’s access point should suffice as long as it provides most of the common features provided by autonomous access points The main goal is to get your hands on some equipment and work through the configuration steps

The CWNP web site (www.cwnp.com) lists official CWNA training courses available in your area These courses provide you with access to

a certified instructor who can help answer any questions you may have related to the certification You will also see demonstrations of equipment that may be more difficult to acquire on your own I always recommend attending the official courses when time and the budget allow

Wireless Beginners

If you’re new to the world of wireless networking or have just acquired your Wireless# certification, the CWNA certification is for you too

There is no other vendor-neutral certification that does a better job of proving you understand how wireless really works.

What’s New in the Fourth Edition

In order to keep up with the changes in wireless networking, the Fourth Edition diminishes the coverage of older technologies such as Frequency Hopping Spread Spectrum and unused technologies such as the Point Coordination Function Basic coverage of IEEE 802.11n has been included, but the coverage is not in-depth as the standard has not yet been ratified at publication time More in-depth information is provided on the topics of protocol and spectrum analyzers as well as site survey processes and utilities

In addition, different perspectives and depth of coverage can be found in the foundational chapters that focus on radio frequency and its behavior and functionality The book is a complete rewrite from the ground up and readers

of previous editions should find many new thoughts and practical applications

to assist with exam preparation and wireless network administration

How This Book Is Organized

The CWNA Certified Wireless Network Administrator Official Study Guide

is organized so that you can start at the beginning and work your way through, or if you have mastered the information in the first few chapters, you can jump right to the chapter most relevant to your current needs Each chapter begins with a list of exam objectives covered in that chapter and ends with review questions and answers to help you retain the important information covered There are notes throughout the book that highlight interesting nuggets of information or warn you of common mistakes made with wireless technology

Exam Objectives

The CWNA certification exam certifies that successful candidates understand the following topics and concepts related to wireless LANs:

■ IEEE 802.11 Network Security

The exam lasts 90 minutes and consists of 60 questions You must answer

70 percent of the questions correctly to achieve a passing score (80 percent

if you hope to become a CWNT – Certified Wireless Networking Trainer) Practice exams are available at the CWNP web site, and the objectives listed next might change, so you should consult the web site frequently for the most current objectives The following table breaks down the weight of each section of objectives on the exam

Subject Area

Approximate Percent of Exam

IEEE 802.11 Regulations and Standards 12 percentIEEE 802.11 Protocols and Devices 14 percentIEEE 802.11 Network Implementation 21 percent

Radio Frequency (RF) Technologies – 21%

1.1 RF Fundamentals

1.1.1 Define and explain the basic concepts of RF behavior

■ Equivalent Isotropically Radiated Power (EIRP)

1.3 RF Signal and Antenna Concepts

1.3.1 Identify RF signal characteristics, the applications of basic RF antenna

concepts, and the implementation of solutions that require RF antennas

■ Isotropic Radiator

1.3.2 Explain the applications of basic RF antenna and antenna system

types and identify their basic attributes, purpose, and function

■ Omnidirectional / Dipole Antennas

■ Semidirectional Antennas

■ Highly Direction Antennas

■ Sectorized Antennas

1.3.3 Describe the proper locations and methods for installing RF antennas

■ Ceiling Mount

1.4 RF Antenna Accessories

1.4.1 Identify the use of the following WLAN accessories and explain

how to select and install them for optimal performance and regulatory domain compliance

IEEE 802.11 Regulations and Standards – 12%

2.1 Spread Spectrum Technologies

2.1.1 Identify some of the uses for spread spectrum technologies

2.1.2 Comprehend the differences between, and explain the different

types of spread spectrum technologies and how they relate to the IEEE 802.11 standard’s PHY clauses

2.1.4 Identify and apply the concepts which make up the functionality of

spread spectrum technology

■ Colocation

■ Carrier Frequencies

■ Dwell Time and Hop Time

2.2 IEEE 802.11 Standard (as amended)

2.2.1 Identify, explain, and apply the frame and frame exchange

sequences covered by the IEEE 802.11 standard (as amended).2.2.2 Identify and apply regulatory domain requirements

2.2.3 IEEE 802.11 CSMA/CA

2.3 IEEE 802.11 Industry Organizations and Their Roles

2.3.1 Define the roles of the following organizations in providing direction,

cohesion, and accountability within the WLAN industry

■ Wi-Fi Alliance

IEEE 802.11 Protocols and Devices – 14%

3.1 IEEE 802.11 Protocol Architecture

3.1.1 Summarize the processes involved in authentication and association

■ Open System Authentication, Shared Key Authentication, and Deauthentication

■ Association, Reassociation, and Disassociation3.1.2 Define, describe, and apply the following concepts associated with

WLAN service sets

■ Stations and BSSs

■ Starting and Joining a BSS

■ Distribution System (DS)

■ Distribution System Media

3.1.3 Explain and apply the following power management features

of WLANs

3.2 IEEE 802.11 MAC & PHY Layer Technologies

3.2.1 Describe and apply the following concepts surrounding

WLAN frames

■ Terminology Review: Bits, Bytes, and Octets

■ Terminology: MAC & PHY

3.2.2 Identify methods described in the IEEE 802.11 standard for

locating, joining, and maintaining connectivity with an IEEE 802.11 WLAN

■ Active Scanning (Probes)

■ Passive Scanning (Beacons)

3.2.3 Define, describe, and apply IEEE 802.11 coordination functions

and channel access methods and features available for optimizing data flow across the RF medium

3.3 WLAN Infrastructure and Client Devices

3.3.1 Identify the purpose of the following WLAN infrastructure devices

and describe how to install, configure, secure, and manage them

■ Lightweight Access Points

■ Enterprise Encryption Gateways

3.3.2 Describe the purpose of the following WLAN client devices and

explain how to install, configure, secure, and manage them

IEEE 802.11 Network Implementation – 21%

4.1 IEEE 802.11 Network Design, Implementation, and Management

4.1.1 Identify technology roles for which WLAN technology is appropriate

and describe implementation of WLAN technology in those roles

■ Building-to-Building Connectivity - Bridging

■ Last-Mile Data Delivery – Wireless ISP

■ Educational / Classroom Use

■ Healthcare – Hospitals and Offices

■ Power over Ethernet (PoE) (IEEE 802.3-2005, Clause 33)

4.2 IEEE 802.11 Network Troubleshooting

4.2.1 Identify and explain how to solve the following WLAN

implementation challenges using features available in enterprise-class WLAN equipment

■ RF Noise and Noise Floor

IEEE 802.11 Network Security – 16%

5.1 IEEE 802.11 Network Security Architecture

5.1.1 Identify and describe the strengths, weaknesses, appropriate uses,

and appropriate implementation of the following IEEE 802.11 security-related items:

■ Open System Authentication

■ Shared Key Authentication

■ IEEE 802.11, Clause 8

■ Preshared Key (PSK) / Passphrase Authentication

■ Certificates and PACs

■ Key Hierarchies

■ EAP types

■ Local Authentication Database

5.1.2 Describe the following types of WLAN security attacks, and

explain how to identify and prevent them where possible

5.1.3 Describe, explain, and illustrate the appropriate applications for the

following client-related wireless security solutions

■ Role-Based Access Control

■ IPsec VPN

■ Profile-Based Firewalls

■ Captive Portals / Web Authentication

5.1.4 Describe, explain, and illustrate the appropriate applications for the

following WLAN system security and management features

5.2 IEEE 802.11 Network Security Analysis and Troubleshooting

5.2.1 Identify the purpose and features of the following wireless analysis

systems and explain how to install, configure, integrate, and manage them as applicable

■ RF Spectrum Analyzers

■ Distributed Wireless Intrusion Prevention Systems (WIPS)

5.3 IEEE 802.11 Network Security Policy Basics

5.3.1 Describe the following General Security Policy elements

■ Impact Analysis5.3.2 Describe the following Functional Security Policy elements

■ Baseline Practices

■ Design and Implementation Practices

■ Physical Security

■ Social Engineering

■ Monitoring, Response, and Reporting

IEEE 802.11 RF Site Surveying – 16%

6.1 IEEE 802.11 Network Site Survey Fundamentals

6.1.1 Explain the importance and processes involved in conducting

a complete manual RF site survey6.1.2 Explain the importance of and the processes involved in

documenting manual RF site surveys

■ Defining Security Requirements

■ Gathering Site-Specific Documentation

■ Indoor- or Outdoor-Specific Information

6.1.3 Explain the technical aspects and information collection procedures

involved in manual and virtual RF site surveys

■ Interference Sources

■ Infrastructure Connectivity and Power Requirements

■ Data Capacity Requirements

6.2.1 Identify the equipment, applications, and system features involved

in performing virtual site surveys

■ Predictive Analysis / Simulation Applications (Also Called RF Planning Tools)

■ Integrated Virtual Site Survey Features of WLAN Switches/Controllers

■ Site Survey Verification Tools and/or Applications

■ Indoor Site Surveys Versus Outdoor Site Surveys6.2.2 Identify the equipment and applications involved in performing

manual site surveys

■ Site Survey Hardware Kits

■ Active Site Survey Tools and/or Applications

■ Passive Site Survey Tools and/or ApplicationsTips for Succeeding on the CWNA Exam

Here are some general tips that will help you become a successful CWNA examinee:

CWNP web site at www.cwnp.com

gives you time to review your notes and relax before entering the exam center

■ Read each question carefully to be sure you understand it (I always read each question at least twice even if I’m “sure”

I know the answer.)

your score

■ Do not rely on this study guide as your only learning resource This book is not intended to provide you with direct answers to every CWNA exam question, but it is intended, when used in conjunction with hands-on experience, to provide you with the knowledge and skills you need to determine the proper answers to the questions.You are provided with instant notification of passing in the Examination Score Report These scores are also sent to Planet3 Wireless, Inc., within ten working days After you pass the exam, you receive a CWNA Certificate and a welcome e-mail with your CWNP ID number within three weeks.Feel free to e-mail me with any questions you have about the technologies covered in this book My e-mail address is carpenter@sysedco.com, and I love helping people learn technology and success skills, so don’t hesitate to ask your questions Happy studying and good luck on your certification journey!

Understanding Wireless

In This Part

Wireless Standards, Organizations, and ApplicationsRadio Frequency and Antenna FundamentalsSpread Spectrum TechnologiesIEEE 802.11 In Depth

Wireless Standards,

Organizations, and Applications

CWNA Exam Objectives Covered:

❖ Define the roles of the following organizations

❖ Identify some of the uses for spread spectrum

technologies

❖ Identify technology roles for WLAN technologies

1

In This Chapter

Governing BodiesIEEE

Wi-Fi AllianceSpread Spectrum Technology UsesWLAN Technology Roles

Wireless local area networks (WLANs) are being used very heavily

in government and private sector networks today The technology needs no introduction from the perspective of awareness, but there is still much to do in the areas of understanding and effective utilization Various branches of government have come to see WLAN technology

as a value-added solution instead of a threat that is to be avoided However, they have also seen the need to implement security, which has led to both good and bad security policies, as reflected in government regulations and memos The good policies are born from a proper understanding of the functionality of WLANs, and the bad policies have evolved from errors in the understanding of foundational principles

of wireless networks The goal of this chapter—and this book—is

to take you on a journey that will lead you to a solid foundational knowledge of WLANs My hope is that fewer mistakes will be made in the areas of security and technology investment as more engineers and administrators are trained and certified in WLAN technology

When you extend the analysis to health care, private sector organizations, and home environments, the impact of wireless networking technologies greatly increases There are very few homes remaining in the United States that do not have at least one wireless device—even if it is a cordless telephone There are even fewer businesses that are not taking advantage of the benefits of wireless equipment In business, this equipment list includes the following items, as well as others that are not listed:

devicesSince this list is only partial and represents some of the more common devices implemented, you can see that wireless technology is

being used in many beneficial ways In this chapter, you will learn about the organizations that guide the WLAN industry and also briefly consider the standards that are used within WLANs Next, the four main uses of wireless spread spectrum technology are discussed, leading to an understanding of the applications available Finally, you investigate many of the specific ways in which wireless technology is being implemented today.

Roles Organizations Play

Within the WLAN Industry

There are three primary categories of organizations that guide the wireless industry These categories include regulation, standardization, and

compatibility The Federal Communications Commission (FCC) and the

European Telecommunications Standards Institute (ETSI) are examples

of regulatory bodies The Institute of Electrical and Electronics Engineers

(IEEE) is an example of a standards development organization, and the Wi-Fi Alliance is a compatibility testing and certification group.

It is important to understand what these organizations do, but it is equally important to understand how they work together As an example, consider the interdependency between the FCC and the IEEE or the relationship between the Wi-Fi Alliance and the IEEE The FCC sets the boundaries within which the IEEE may develop standards The Wi-Fi Alliance tests equipment to certify it as being reasonably interoperable These three organizations provide regulation, standardization, and compatibility services for WLAN technologies within the United States.The benefits to the consumer are clear When there are regulations

in place, such as power output limits, it is easier to implement localized wireless networks with less interference from surrounding networks When there are standards in place, such as the IEEE 802.11 standard, it is easier

to purchase devices from different vendors that are interoperable When there are certifications in place that validate interoperability, consumers can buy products with confidence that those similarly certified devices should be interoperable at some level and fewer man-hours are required for compatibility testing

In the ideal world, we would get all these benefits with exact perfection

In the real world, interference is reduced, but not eliminated; hardware is interoperable, but not necessarily fully compatible; testing time is reduced, but not completely eliminated If you are installing a wireless network in

an office, which shares space with other offices, you may still encounter interference—even with the lower output power If you are working with devices from different vendors, you may encounter specific compatibility issues outside the standards upon which the devices are based If you are implementing hardware that has been certified by the Wi-Fi Alliance, you should still test it with your hardware to ensure there are no compatibility issues Even with these realities, the benefits that the regulatory, standards, and compatibility organizations have brought to the wireless industry are immeasurable.

Regulatory Domain Governing Bodies

A regulatory domain can be defined as a bounded area that is controlled

by a set of laws or policies Currently, there are governing bodies at the city, county, state, and country levels within the United States In other countries, governments exist with similar hierarchies or with a single level of authority at the top level of the country In many cases, these governments have assigned the responsibility of managing communications

to a specific organization that is responsible to the government In the United States, this organization is the FCC In the UK, it is the Office of Communications (OfCom) In Australia, it is the Australian Communications and Media Authority The following sections outline just four of these governing bodies and the roles they play in the wireless networking industry of their respective regulatory domains

FCC

The Federal Communications Commission (FCC) was born out of the Communications Act of 1934 Charged with the regulation of interstate and international communications by radio, television, cable, satellite, and wire, the FCC has a large body of responsibility The regulatory domain covered

by the FCC includes all 50 states of the United States as well as the District

of Columbia and other U.S possessions like the Virgin Islands and Guam.Because WLAN devices use radio wave communications, they fall under the regulatory control of the FCC The factors regulated by the FCC include

Radio Frequencies Available You will learn more about radio

frequencies in Chapters 2 and 3 For now, it is enough to know that a radio

frequency is measured in hertz (Hz) Hertz is the measurement of wave

cycles per second; therefore, a radio frequency of 2.412 gigahertz (GHz) cycles 2,412,000 times per second The FCC regulates which frequencies may be used within the regulatory domain it manages For example, the FCC provides two types of license-free bands for radio communications: the Industrial Scientific Medical (ISM) bands and the Unlicensed National

Information Infrastructure (U-NII—usually pronounced you-knee) bands

Currently, there are 11 ISM bands in various frequencies throughout the radio frequency spectrum, but only the one starting at 2.4 GHz is used by IEEE 802.11, and it is the frequency band most familiar to WLAN users The four U-NII bands exist in the 5 GHz frequency range, and are all used

by IEEE 802.11 Table 1.1 provides a summary of the ISM and U-NII license-free bands used by IEEE 802.11

These license-free bands provide both a benefit and a disadvantage The benefit comes from the fact that you are not required to obtain a license

to communicate within these license-free bands This means that you can buy FCC authorized equipment and install it in your environment without any required permits or fees However, the disadvantage of using license-free bands is that others can also use them This means you will have to deal with contention and interference issues and ensure that you have the bandwidth available for your intended purpose in the environment where you will be implementing the WLAN

It would be nice if we could even say that the use of the license-free bands is on a “first-come, first-serve” basis, but it is not You may have

a WLAN installed for years only to have a nearby organization install a WLAN on the same frequencies you’ve been using, which can cause major contention on your network The reality is that, as long as this neighboring

TABLE 1.1 Unlicensed (License-Free) Bands Used by IEEE 802.11

Frequency Band Total Bandwidth License-Free Band

network is within FCC regulations, there is very little that can be done aside from some careful negotiations on wireless device placement and channel usage I will provide more information about this in Chapter 6.

Output Power Levels The FCC also regulates the output power levels

of radio frequency devices within these license-free bands Table 1.2 gives

a brief summary of the output power limits imposed by the FCC There are more complex scenarios that apply to the use of the ISM band that will be covered in Chapter 2

Indoor and Outdoor Usage Finally, the FCC limits the 5.15–5.25

U-NII band to indoor-only usage The other U-NII bands can be used indoors or outdoors; however, the 5.725–5.825 band is especially well suited for outdoor operations The area usage of the U-NII bands is summarized in Table 1.2

The 2.4 GHz ISM band may be used indoors or outdoors, and the output power at the intentional radiator cannot exceed 1 watt For indoor devices, the output power is usually well under 1 watt and generally resides

in a range from 30 to 300 milliwatts

I’ll cover output power concepts and regulations in more detail in Chapter 2 For now, you will want to remember that in the United States, the FCC regulates the frequencies used, the output power levels, and the indoor/outdoor usage limitations

OfCom and ETSI

The Office of Communications (OfCom) is charged with ensuring optimal use of the electromagnetic spectrum, for radio communications, within the UK OfCom provides documentation of and forums for discussion

of valid frequency usage in radio communications The regulations put forth by the OfCom are based on standards developed by the European

TABLE 1.2 FCC Power Output Limits—U-NII Bands

Band

Power Output Limits Area Usage

U-NII 5.15–5.25 GHz 40 mW Restricted to indoor operationsU-NII 5.25–5.35 GHz 200 mW Indoor/outdoor

U-NII 5.470–5.725 GHz 200 mW Indoor/outdoorU-NII 5.725–5.825 GHz 800 mW Higher output power assumes

outdoor operations

Telecommunications Standards Institute (ETSI) These two organizations work together in much the same way the FCC and IEEE do in the United States.

MIC and ARIB

In Japan, the Ministry of Internal Affairs and Communications (MIC) is the governing body over radio communications However, the Association

of Radio Industries and Businesses (ARIB) was appointed to manage the efficient utilization of the radio spectrum by the MIC In the end, ARIB is responsible for regulating which frequencies can be used and such factors

as power output levels

ACMA

The Australian Communications and Media Authority (ACMA) replaced the Australian Communications Authority in July 2005 as the governing body over the regulatory domain of Australia for radio communications management Like the FCC in the United States, the ACMA is charged with managing the electromagnetic spectrum in order to minimize interference This is done by limiting output power in license-free frequencies and by requiring licenses in some frequencies

ITU-R

The International Telecommunications Union Radiocommunication Sector (ITU-R) is a sector of the International Telecommunications Union (ITU) The ITU, after an evolving history, was designated as a United Nations specialized agency on October 15, 1947 The constitution of the ITU declares its purposes as

its Member States for the improvement and rational use of telecommunications of all kinds

in the activities of the Union, and to foster fruitful cooperation and partnership between them and Member States for the fulfillment of the overall objectives embodied in the purposes of the Union

■ To promote and offer technical assistance to developing countries

in the field of telecommunications, and also to promote the mobilization of the material, human, and financial resources needed

to improve access to telecommunications services in such countries

■ To promote the development of technical facilities and their most efficient operation, with a view to improving the efficiency

of telecommunication services, increasing their usefulness and making them, so far as possible, generally available to the public

technologies to all the world’s inhabitants

objective of facilitating peaceful relations

and constructive cooperation and partnership between Member States and Sector Members in the attainment of those ends

■ To promote, at the international level, the adoption of a broader approach to the issues of telecommunications in the global information economy and society, by cooperating with other world and regional intergovernmental organizations and those nongovernmental organizations concerned with telecommunications.The ITU-R, specifically, maintains a database of the frequency

assignments worldwide and helps coordinate electromagnetic spectrum management through five administrative regions These five regions are

■ Region D: Africa

Each region has one or more local regulatory groups such as the FCC in Region A for the United States or the ACMA in Region E for Australia Ultimately, the ITU-R provides the service of maintaining the Master International Frequency Register of 1,265,000 terrestrial frequency assignments

IEEE

The Institute of Electrical and Electronics Engineers (IEEE) states their mission as being the world’s leading professional association for the