CWSP-208 Leak Questions

When compliance reporting and forensic analysis are required and the WLAN vendor’s centralized management system does not provide it, deploying a dedicated overlay WIPS is the most effective solution. Overlay WIPS uses dedicated sensors independent of the WLAN’s operational radios, offering detailed threat detection, compliance logging, and reporting capabilities that often surpass native WLAN features.

WIPS (Wireless Intrusion Prevention Systems) monitor the RF environment and detect unauthorized activities. However, eavesdropping involves passive listening to wireless communications without transmitting any signals. Because the attacker is not transmitting or generating any detectable activity, a WIPS has no RF signal to detect and is thus unable to identify or prevent this attack.

PCI-DSS (Payment Card Industry Data Security Standard) applies to all entities that process, store, or transmit credit card data. Since Point-of-Sale (PoS) systems handle such transactions in retail environments, the wireless network supporting them must comply with PCI-DSS. This includes encrypting wireless transmissions, segmenting network traffic, and implementing WIPS for rogue detection and logging.

Many protocol analyzers require special drivers or place the NIC into monitor/promiscuous mode. When used this way, the original driver stack may be altered or replaced. Afterward, if not correctly reloaded, the adapter may lack full 802.1X support or required encryption features. This is likely the case here — Mary's WLAN adapter is still under the control of or affected by the analyzer’s NIC driver, which doesn’t support PEAP properly.