Risk mitigation in wireless security is one of the largest areas of exposure in information security. The Organization requires an assessment of WiFi access points in the surrounding areas of two primary locations. Our Wireless Assessment will help the Organization determine:
- Adherence to wireless policy and effectiveness of related organizational controls; and,
- Compliance with regulations and control frameworks, such as the Payment Card Industry Data Security Standard (PCI DSS), COBIT, ISO 27002 (formerly 17799) and GLBA.
Sample Objectives for Wireless Access Assessment:
- Enumeration of Wireless Networks – Using Wi-Fi antenna, specialized software and a gps receiver to enumerate networks.
- Monitoring – Passive monitoring of the 802.11 a/b/g channel to detect the presence of wireless networks.
- Identification – Identify wireless networks belonging to the Organization
- Assessment – Assess traffic for potential wireless vulnerabilities.
Penetration (optional) – Attempt to exploit vulnerabilities discovered.