Manual
Scope
- Document written authorization and test window
- Define target area and acceptable techniques
- Define evidence handling and redaction rules
Survey
- Inventory SSIDs/BSSIDs/channels
- Record signal observations and environmental factors
- Capture evidence artifacts (timestamps, configurations)
Analysis
- Identify weak configurations and exposure points
- Correlate with business impact (coverage, rogue AP risk, weak auth)
- Prepare clean, reproducible notes for the report
Reinforcement
- Hardening recommendations (auth, segmentation, monitoring)
- Operational mitigations (rogue detection, logging, alerting)