CWNP Wireless Security Professional CWSP-207 Exam Questions

Text Material Preview

1 / 6
Pass CWNP CWSP-207 Exam with Real Questions
CWNP CWSP-207 Exam
CWNP Wireless Security Professional (CWSP)
https://www.passquestion.com/CWSP-207.html
35% OFF on All, Including CWSP-207 Questions and Answers
Pass CWNP CWSP-207 Exam with PassQuestion CWSP-207
questions and answers in the first attempt.
https://www.passquestion.com/
https://www.passquestion.com/
2 / 6
1.What are of some of the common security capabilities often integrated within in access points deployed
in a distributed WLAN architecture?
A. Captive web portal
B. Firewall
C. Integrated RADIUS
D. WIPS
E. All of the above
Answer: E
2.In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?
A. In home networks in which file and printer sharing is enabled
B. At public hot-spots in which many clients use diverse applications
C. In corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities
D. In university environments using multicast video training sourced from professor's laptops
Answer: B
3.What are some of the purposes of the 4-Way Handshake? (Choose all that apply.)
A. Transfer the GTK to the supplicant.
B. Derive a PTK from the PMK.
C. Transfer the GMK to the supplicant.
D. Confirm cipher suites.
Answer: ABD
4.What kind of remote actions can an MDM administrator send to the mobile device over the Internet?
A. Configuration changes
B. Restrictions changes
C. Locking the device
D. Wiping the device
E. Application changes
F. All of the above
Answer: F
5.Given: You must implement 7 APs for a branch office location in your organization. All APs will be
autonomous and provide the same two SSIDs (CORP1879 and Guest).
Because each AP is managed directly through a web-based interface, what must be changed on every AP
before enabling the WLANs to ensure proper staging procedures are followed?
A. Fragmentation threshold
B. Administrative password
C. Output power
D. Cell radius
Answer: B
6.When using the 802.1X/EAP framework for authentication in 802.11 WLANs, why is the 802.1X
Controlled Port still blocked after the 802.1X/EAP framework has completed successfully?
3 / 6
A. The 802.1X Controlled Port is always blocked, but the Uncontrolled Port opens after the EAP
authentication process completes.
B. The 802.1X Controlled Port remains blocked until an IP address is requested and accepted by the
Supplicant.
C. The 4-Way Handshake must be performed before the 802.1X Controlled Port changes to the
unblocked state.
D. The 802.1X Controlled Port is blocked until Vender Specific Attributes (VSAs) are exchanged inside a
RADIUS packet between the Authenticator and Authentication Server.
Answer: C
7.As an auditor you have been asked to determine if the WLAN access points and client devices have
been configured with the proper encryption.
What should you use to answer this question for your customer? (Choose all that apply.)
A. Written corporate security policy
B. WLAN protocol analyzer
C. Aircrack-ng
D. coWPAtty
E. Asleap
Answer: AB
8.Which RADIUS packets can be sent from a RADIUS server to an access point when 802.1X/EAP is the
deployed WLAN security solution? (Choose all that apply.)
A. RADIUS Access-Request
B. RADIUS Access-Challenge
C. RADIUS Access-Accept
D. RADIUS Access-Reject
Answer: BCD
9.What can happen when an intruder compromises the preshared key used during WPA/WPA2-Personal
authentication? (Choose all that apply.)
A. Decryption
B. Eavesdropping
C. Spoofing
D. Encryption cracking
E. Access to network resources
Answer: AE
10.What are some of the advantages of using SAE authentication over PSK authentication? (Choose all
that apply.)
A. Protects against brute-force dictionary attacks.
B. Protects against forgery and replay attacks.
C. Protects against rogue APs and clients.
D. PMKs cannot be compromised or regenerated.
E. PMKs are no longer needed.
4 / 6
Answer: ABD
11.What protocols allow a network administrator to securely manage the configuration of WLAN
controllers and access points? (Choose 2)
A. SNMPv1
B. HTTPS
C. Telnet
D. TFTP
E. FTP
F. SSHv2
Answer: BF
12.What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or
WPA2 is in use?
A. AKM Suite List
B. Group Cipher Suite
C. RSN Capabilities
D. Pairwise Cipher Suite List
Answer: A
13.Which management protocols are often used between a network management server (NMS) and
remote access points for the purpose of monitoring a WLAN? (Choose all that apply.)
A. IPsec
B. GRE
C. CAPWAP
D. DTLS
E. SNMP
Answer: CE
14.What would be the intended purpose of simulating Layer 2 deauthentication attacks as part of a WLAN
audit?
A. Audit Layer 1
B. Audit Layer 2
C. Audit the wired infrastructure
D. Audit the WIPS
Answer: D
15.The science of concealing plaintext and then revealing it is known as ___________, and the science of
decrypting the ciphertext without knowledge of the key or cipher is known as ____________.
A. encryption, decryption
B. cryptanalysis, cryptology
C. cryptology, cryptanalysis
D. cryptography, cryptanalysis
E. cryptography, steganography
5 / 6
Answer: D
16.Wireless Intrusion Prevention Systems (WIPS) provide what network security services? (Choose 2)
A. Configuration distribution for autonomous APs
B. Wireless vulnerability assessment
C. Application-layer traffic inspection
D. Analysis and reporting of AP CPU utilization
E. Policy enforcement and compliance management
Answer: BE
17.3DES has effective key sizes of how many bits? (Choose all that apply.)
A. 56
B. 64
C. 112
D. 128
E. 168
F. 192
Answer: ACE
18.What inputs are used by passphrase-PSK mapping to create a final 256-bit PSK during 802.11 PSK
authentication? (Choose all that apply.)
A. BSSID
B. SNonce
C. SSID
D. Client MAC address
E. AP MAC address
F. Passphrase
G. ANonce
Answer: CF
19.A WIDS/WIPS consists of which of the following components? (Choose two.)
A. WIDS/WIPS server
B. Midspan injector
C. Sensors
D. MDM server
E. SNMP server
Answer: AC
20.Which encryption types can be used to encrypt and decrypt unicast traffic with the pairwise transient
key (PTK) that is generated from a 4-Way Handshake? (Choose all that apply.)
A. Temporal Key Integrity Protocol
B. 3-DES
C. Dynamic WEP
D. CCMP
6 / 6
E. Proprietary encryption
F. Static WEP
Answer: ADE
21.What is some of the proper documentation needed prior to the WLAN security audit?
A. Statement of work
B. Liability waiver
C. Nondisclosure agreement
D. All of the above
Answer: D
22.What must occur in order for dynamic TKIP/ARC4 or CCMP/AES encryption keys to be generated?
(Choose all that apply.)
A. Shared Key authentication and 4-Way Handshake
B. 802.1X/EAP authentication and 4-Way Handshake
C. Open System authentication and 4-Way Handshake
D. PSK authentication and 4-Way Handshake
Answer: BD
23.What statement accurately describes the functionality of the IEEE 802.1X standard?
A. Port-based access control with EAP encapsulation over the LAN (EAPoL)
B. Port-based access control with dynamic encryption key management and distribution
C. Port-based access control with support for authenticated-user VLANs only
D. Port-based access control with mandatory support of AES-CCMP encryption
E. Port-based access control, which allows three frame types to traverse the uncontrolled port: EAP,
DHCP, and DNS.
Answer: A
24.Which of these types of EAP require a server-side certificate to create an encrypted TLS tunnel?
A. EAP-TTLS
B. EAP-PEAPv0 (EAP-MSCHAPv2)
C. EAP-PEAPv0 (EAP-TLS)
D. EAP-FAST
E. EAP-PEAPv1 (EAP-GTC)
F. EAP-LEAP
Answer: ABCE
	Pass CWNP CWSP-207 Exam with Real Questions
	CWNP CWSP-207 Exam
	CWNP Wireless Security Professional (CWSP)
	https://www.passquestion.com/CWSP-207.html 
	Pass CWNP CWSP-207 Exam with PassQuestion CWSP-207
	https