Summer Sale- Special Discount Limited Time 65% Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

CWNP CWSP-208 Certified Wireless Security Professional (CWSP) Exam Practice Test

Page: 1 / 12
Total 119 questions

Certified Wireless Security Professional (CWSP) Questions and Answers

Question 1

Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data.

What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

Options:

A.

All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.

B.

Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.

C.

Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.

D.

Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.

E.

The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.

Question 2

Which of the following security attacks cannot be detected by a WIPS solution of any kind? (Choose 2)

Options:

A.

Rogue APs

B.

DoS

C.

Eavesdropping

D.

Social engineering

Question 3

Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.

What are three uses for such a tool? (Choose 3)

Options:

A.

Transmitting a deauthentication frame to disconnect a user from the AP.

B.

Auditing the configuration and functionality of a WIPS by simulating common attack sequences

C.

Probing the RADIUS server and authenticator to expose the RADIUS shared secret

D.

Cracking the authentication or encryption processes implemented poorly in some WLANs

Question 4

You are configuring seven APs to prevent common security attacks. The APs are to be installed in a small business and to reduce costs, the company decided to install all consumer-grade wireless routers. The wireless routers will connect to a switch, which connects directly to the Internet connection providing 50 Mbps of Internet bandwidth that will be shared among 53 wireless clients and 17 wired clients.

To ensure the wireless network is as secure as possible from common attacks, what security measure can you implement given only the hardware referenced?

Options:

A.

WPA-Enterprise

B.

802.1X/EAP-PEAP

C.

WPA2-Enterprise

D.

WPA2-Personal

Question 5

What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)

Options:

A.

RF jamming device and a wireless radio card

B.

A low-gain patch antenna and terminal emulation software

C.

A wireless workgroup bridge and a protocol analyzer

D.

DHCP server software and access point software

E.

MAC spoofing software and MAC DoS software

Question 6

What type of WLAN attack is prevented with the use of a per-MPDU TKIP sequence counter (TSC)?

Options:

A.

Weak-IV

B.

Forgery

C.

Replay

D.

Bit-flipping

E.

Session hijacking

Question 7

Given: One of the security risks introduced by WPA2-Personal is an attack conducted by an authorized network user who knows the passphrase. In order to decrypt other users’ traffic, the attacker must obtain certain information from the 4-way handshake of the other users.

In addition to knowing the Pairwise Master Key (PMK) and the supplicant’s address (SA), what other three inputs must be collected with a protocol analyzer to recreate encryption keys? (Choose 3)

Options:

A.

Authenticator nonce

B.

Supplicant nonce

C.

Authenticator address (BSSID)

D.

GTKSA

E.

Authentication Server nonce

Question 8

What 802.11 WLAN security problem is directly addressed by mutual authentication?

Options:

A.

Wireless hijacking attacks

B.

Weak password policies

C.

MAC spoofing

D.

Disassociation attacks

E.

Offline dictionary attacks

F.

Weak Initialization Vectors

Question 9

You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

Options:

A.

802.1X/EAP-TTLS

B.

Open 802.11 authentication with IPSec

C.

802.1X/PEAPv0/MS-CHAPv2

D.

WPA2-Personal with AES-CCMP

E.

EAP-MD5

Question 10

What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?

Options:

A.

Require Port Address Translation (PAT) on each laptop.

B.

Require secure applications such as POP, HTTP, and SSH.

C.

Require VPN software for connectivity to the corporate network.

D.

Require WPA2-Enterprise as the minimal WLAN security solution.

Question 11

What elements should be addressed by a WLAN security policy? (Choose 2)

Options:

A.

Enabling encryption to prevent MAC addresses from being sent in clear text

B.

How to prevent non-IT employees from learning about and reading the user security policy

C.

End-user training for password selection and acceptable network use

D.

The exact passwords to be used for administration interfaces on infrastructure devices

E.

Social engineering recognition and mitigation techniques

Question 12

In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?

Options:

A.

In home networks in which file and printer sharing is enabled

B.

At public hot-spots in which many clients use diverse applications

C.

In corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities

D.

In university environments using multicast video training sourced from professor’s laptops

Question 13

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

Options:

A.

Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B.

Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C.

Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D.

A trained employee should install and configure a WIPS for rogue detection and response measures.

E.

Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Question 14

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.

When writing the 802.11 security policy, what password-related items should be addressed?

Options:

A.

MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B.

Password complexity should be maximized so that weak WEP IV attacks are prevented.

C.

Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D.

Certificates should always be recommended instead of passwords for 802.11 client authentication.

E.

EAP-TLS must be implemented in such scenarios.

Question 15

Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.

Before creating the WLAN security policy, what should you ensure you possess?

Options:

A.

Awareness of the exact vendor devices being installed

B.

Management support for the process

C.

End-user training manuals for the policies to be created

D.

Security policy generation software

Question 16

You must support a TSN as you have older wireless equipment that will not support the required processing of AES encryption. Which one of the following technologies will you use on the network so that a TSN can be implemented that would not be required in a network compliant with 802.11-2012 non-deprecated technologies?

Options:

A.

WEP

B.

RC4

C.

CCMP

D.

WPA2

Question 17

What disadvantage does EAP-TLS have when compared with PEAPv0 EAP/MSCHAPv2 as an 802.11 WLAN security solution?

Options:

A.

Fast/secure roaming in an 802.11 RSN is significantly longer when EAP-TLS is in use.

B.

EAP-TLS does not protect the client's username and password inside an encrypted tunnel.

C.

EAP-TLS cannot establish a secure tunnel for internal EAP authentication.

D.

EAP-TLS is supported only by Cisco wireless infrastructure and client devices.

E.

EAP-TLS requires extensive PKI use to create X.509 certificates for both the server and all clients, which increases administrative overhead.

Question 18

When used as part of a WLAN authentication solution, what is the role of LDAP?

Options:

A.

A data retrieval protocol used by an authentication service such as RADIUS

B.

An IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process

C.

A SQL compliant authentication service capable of dynamic key generation and distribution

D.

A role-based access control protocol for filtering data to/from authenticated stations.

E.

An Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.

Question 19

What preventative measures are performed by a WIPS against intrusions?

Options:

A.

EAPoL Reject frame flood against a rogue AP

B.

Evil twin attack against a rogue AP

C.

Deauthentication attack against a classified neighbor AP

D.

ASLEAP attack against a rogue AP

E.

Uses SNMP to disable the switch port to which rogue APs connect

Question 20

Wireless Intrusion Prevention Systems (WIPS) are used for what purposes? (Choose 3)

Options:

A.

Performance monitoring and troubleshooting

B.

Enforcing wireless network security policy

C.

Detecting and defending against eavesdropping attacks

D.

Security monitoring and notification

E.

Preventing physical carrier sense attacks

F.

Classifying wired client devices

Question 21

What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

Options:

A.

AKM Suite List

B.

Group Cipher Suite

C.

RSN Capabilities

D.

Pairwise Cipher Suite List

Question 22

You have been recently hired as the wireless network administrator for an organization spread across seven locations. They have deployed more than 100 APs, but they have not been managed in either an automated or manual process for more than 18 months. Given this length of time, what is one of the first things you should evaluate from a security perspective?

Options:

A.

The channel widths configured

B.

The channels in use

C.

The VLANs in use

D.

The firmware revision

Question 23

Wireless Intrusion Prevention Systems (WIPS) provide what network security services? (Choose 2)

Options:

A.

Configuration distribution for autonomous APs

B.

Wireless vulnerability assessment

C.

Application-layer traffic inspection

D.

Analysis and reporting of AP CPU utilization

E.

Policy enforcement and compliance management

Question 24

Joe’s new laptop is experiencing difficulty connecting to ABC Company’s 802.11 WLAN using 802.1X/EAP PEAPv0. The company’s wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC’s network before it was given to him. The WIPS termination policy includes alarms for rogue stations, roque APs, DoS attacks and unauthorized roaming.

What is a likely reason that Joe cannot connect to the network?

Options:

A.

Joe disabled his laptop’s integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.

B.

Joe’s integrated 802.11 radio is sending multiple Probe Request frames on each channel.

C.

An ASLEAP attack has been detected on APs to which Joe’s laptop was trying to associate. The WIPS responded by disabling the APs.

D.

Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.

Question 25

You work as the security administrator for your organization. In relation to the WLAN, you are viewing a dashboard that shows security threat, policy compliance and rogue threat charts. What type of system is in view?

Options:

A.

Wireshark Protocol Analyzer

B.

Wireless VPN Management Systems

C.

Wireless Intrusion Prevention System

D.

Distributed RF Spectrum Analyzer

E.

WLAN Emulation System

Question 26

In an effort to optimize WLAN performance, ABC Company has upgraded their WLAN infrastructure from 802.11a/g to 802.11n. 802.11a/g clients are still supported and are used throughout ABC’s facility. ABC has always been highly security conscious, but due to budget limitations, they have not yet updated their overlay WIPS solution to 802.11n or 802.11ac.

Given ABC’s deployment strategy, what security risks would not be detected by the 802.11a/g WIPS?

Options:

A.

Hijacking attack performed by using a rogue 802.11n AP against an 802.11a client

B.

Rogue AP operating in Greenfield 40 MHz-only mode

C.

802.11a STA performing a deauthentication attack against 802.11n APs

D.

802.11n client spoofing the MAC address of an authorized 802.11n client

Question 27

After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify security threats?

Options:

A.

Authorized PEAP usernames must be added to the WIPS server’s user database.

B.

WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.

C.

Separate security profiles must be defined for network operation in different regulatory domains

D.

Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.

Page: 1 / 12
Total 119 questions