Wireless, including (and especially) Wi-Fi is no longer set-and-forget. The systems need at least a bit of continuous care and feeding, along with basic monitoring and reporting to ensure integrity of the system is being maintained, and that the infrastructure is ready for tomorrow's demands.

This chapter includes the following topics:

• Security Testing and Assessments of Wireless Networks
• Security Monitoring and Tools for Wireless
• Logging, Alerting, and Reporting Best Practices
• Troubleshooting Wi-Fi Security
• Training and Other Resources

Security Testing and Assessments of Wireless Networks

First, let's talk about security testing and assessments, which specifically encompasses the types of services and testing that are frequently performed by a third party (exclusively or in addition to internal testing). These include audits (against some compliance framework), security assessments, vulnerability assessments, and of course penetration testing.

These four types of testing are often confused and conflated with one another, but in all cases in information security these are each quite unique with different methodologies, goals, and deliverables. Together, these practices along with ongoing internal monitoring comprise a robust security management program for wireless networks (or any network, for that matter.)