CWNP CWSP-207 Exam Questions Instant Access

Question 1

Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.

What are three uses for such a tool? (Choose 3)

ATransmitting a deauthentication frame to disconnect a user from the AP.

BAuditing the configuration and functionality of a WIPS by simulating common attack sequences

CProbing the RADIUS server and authenticator to expose the RADIUS shared secret

DCracking the authentication or encryption processes implemented poorly in some WLANs

Answer : A, B, D

Question 2

What 802.11 WLAN security problem is directly addressed by mutual authentication?

AWireless hijacking attacks

BWeak password policies

CMAC spoofing

DDisassociation attacks

EOffline dictionary attacks

FWeak Initialization Vectors

Answer : A

Question 3

The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

APhase Shift Key (PSK)

BGroup Master Key (GMK)

CPairwise Master Key (PMK)

DGroup Temporal Key (GTK)

EPeerKey (PK)

FKey Confirmation Key (KCK)

Answer : C

Question 4

What statements are true about 802.11-2012 Protected Management Frames? (Choose 2)

A802.11w frame protection protects against some Layer 2 denial-of-service (DoS) attacks, but it cannot prevent all types of Layer 2 DoS attacks.

BWhen frame protection is in use, the PHY preamble and header as well as the MAC header are encrypted with 256- or 512-bit AES.

CAuthentication, association, and acknowledgment frames are protected if management frame protection is enabled, but deauthentication and disassociation frames are not.

DManagement frame protection protects disassociation and deauthentication frames.

Answer : A, D

Question 5

Given: The ABC Corporation currently utilizes an enterprise Public Key Infrastructure (PKI) to allow employees to securely access network resources with smart cards. The new wireless network will use WPA2-Enterprise as its primary authentication solution. You have been asked to recommend a Wi-Fi Alliance-tested EAP method.

What solutions will require the least change in how users are currently authenticated and still integrate with their existing PKI?

AEAP-FAST

BEAP-TLS

CPEAPv0/EAP-MSCHAPv2

DLEAP

EPEAPv0/EAP-TLS

FEAP-TTLS/MSCHAPv2

Answer : B

Question 6

In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?

AIn home networks in which file and printer sharing is enabled

BAt public hot-spots in which many clients use diverse applications

CIn corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities

DIn university environments using multicast video training sourced from professor's laptops

Answer : B

Question 7

What EAP type supports using MS-CHAPv2, EAP-GTC or EAP-TLS for wireless client authentication?

AH-REAP

BEAP-GTC

CEAP-TTLS

DPEAP

ELEAP

Answer : D

CWNP Certified Wireless Security Professional CWSP-207 Exam Questions