CWNP CWSP-207 Exam Practice Test Instant Access

Question 1

Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.

What are three uses for such a tool? (Choose 3)

ATransmitting a deauthentication frame to disconnect a user from the AP.

BAuditing the configuration and functionality of a WIPS by simulating common attack sequences

CProbing the RADIUS server and authenticator to expose the RADIUS shared secret

DCracking the authentication or encryption processes implemented poorly in some WLANs

Answer : A, B, D

Question 2

Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

What statement about the WLAN security of this company is true?

AIntruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.

BA successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.

CAn unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.

DAn unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.

EBecause WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

Answer : B

Question 3

What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)

ASNMPv1

BHTTPS

CTelnet

DTFTP

EFTP

FSSHv2

Answer : B, F

Question 4

When using the 802.1X/EAP framework for authentication in 802.11 WLANs, why is the 802.1X Controlled Port still blocked after the 802.1X/EAP framework has completed successfully?

AThe 802.1X Controlled Port is always blocked, but the Uncontrolled Port opens after the EAP authentication process completes.

BThe 802.1X Controlled Port remains blocked until an IP address is requested and accepted by the Supplicant.

CThe 4-Way Handshake must be performed before the 802.1X Controlled Port changes to the unblocked state.

DThe 802.1X Controlled Port is blocked until Vender Specific Attributes (VSAs) are exchanged inside a RADIUS packet between the Authenticator and Authentication Server.

Answer : C

Question 5

Given: WLAN attacks are typically conducted by hackers to exploit a specific vulnerability within a network.

What statement correctly pairs the type of WLAN attack with the exploited vulnerability? (Choose 3)

AManagement interface exploit attacks are attacks that use social engineering to gain credentials from managers.

BZero-day attacks are always authentication or encryption cracking attacks.

CRF DoS attacks prevent successful wireless communication on a specific frequency or frequency range.

DHijacking attacks interrupt a user's legitimate connection and introduce a new connection with an evil twin AP.

ESocial engineering attacks are performed to collect sensitive information from unsuspecting users

FAssociation flood attacks are Layer 3 DoS attacks performed against authenticated client stations

Answer : C, D, E

Question 6

What is the purpose of the Pairwise Transient Key (PTK) in IEEE 802.11 Authentication and Key Management?

AThe PTK is a type of master key used as an input to the GMK, which is used for encrypting multicast data frames.

BThe PTK contains keys that are used to encrypt unicast data frames that traverse the wireless medium.

CThe PTK is XOR'd with the PSK on the Authentication Server to create the AAA key.

DThe PTK is used to encrypt the Pairwise Master Key (PMK) for distribution to the 802.1X Authenticator prior to the 4-Way Handshake.

Answer : B

Question 7

A WLAN is implemented using WPA-Personal and MAC filtering.

To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

AOffline dictionary attacks

BMAC Spoofing

CASLEAP

DDoS

Answer : A, B, D

CWNP Certified Wireless Security Professional CWSP-207 Exam Practice Test