CWNP CWSP-207 Exam Practice Test Instant Access

Question 1

When used as part of a WLAN authentication solution, what is the role of LDAP?

AA data retrieval protocol used by an authentication service such as RADIUS

BAn IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process

CA SQL compliant authentication service capable of dynamic key generation and distribution

DA role-based access control protocol for filtering data to/from authenticated stations.

EAn Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.

Answer : A

Question 2

Given: ABC Company secures their network with WPA2-Personal authentication and AES-CCMP encryption.

What part of the 802.11 frame is always protected from eavesdroppers by this type of security?

AAll MSDU contents

BAll MPDU contents

CAll PPDU contents

DAll PSDU contents

Answer : A

Question 3

Given: When the CCMP cipher suite is used for protection of data frames, 16 bytes of overhead are added to the Layer 2 frame. 8 of these bytes comprise the MIC.

What purpose does the encrypted MIC play in protecting the data frame?

AThe MIC is used as a first layer of validation to ensure that the wireless receiver does not incorrectly process corrupted signals.

BThe MIC provides for a cryptographic integrity check against the data payload to ensure that it matches the original transmitted data.

CThe MIC is a hash computation performed by the receiver against the MAC header to detect replay attacks prior to processing the encrypted payload.

DThe MIC is a random value generated during the 4-way handshake and is used for key mixing to enhance the strength of the derived PTK.

Answer : B

Question 4

Which one of the following describes the correct hierarchy of 802.1X authentication key derivation?

AThe MSK is generated from the 802.1X/EAP authentication. The PMK is derived from the MSK. The PTK is derived from the PMK, and the keys used for actual data encryption are a part of the PTK.

BIf passphrase-based client authentication is used by the EAP type, the PMK is mapped directly from the user's passphrase. The PMK is then used during the 4-way handshake to create data encryption keys.

CAfter successful EAP authentication, the RADIUS server generates a PMK. A separate key, the MSK, is derived from the AAA key and is hashed with the PMK to create the PTK and GTK.

DThe PMK is generated from a successful mutual EAP authentication. When mutual authentication is not used, an MSK is created. Either of these two keys may be used to derive the temporal data encryption keys during the 4-way handshake.

Answer : A

Question 5

When implementing a WPA2-Enterprise security solution, what protocol must the selected RADIUS server support?

ALWAPP, GRE, or CAPWAP

BIPSec/ESP

CEAP

DCCMP and TKIP

ELDAP

Answer : C

Question 6

What statement is true regarding the nonces (ANonce and SNonce) used in the IEEE 802.11 4 Way Handshake?

ABoth nonces are used by the Supplicant and Authenticator in the derivation of a single PTK.

BThe Supplicant uses the SNonce to derive its unique PTK and the Authenticator uses the ANonce to derive its unique PTK, but the nonces are not shared.

CNonces are sent in EAPoL frames to indicate to the receiver that the sending station has installed and validated the encryption keys.

DThe nonces are created by combining the MAC addresses of the Supplicant, Authenticator, and Authentication Server into a mixing algorithm.

Answer : A

Question 7

In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?

AIn home networks in which file and printer sharing is enabled

BAt public hot-spots in which many clients use diverse applications

CIn corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities

DIn university environments using multicast video training sourced from professor's laptops

Answer : B

CWNP CWSP-207 Certified Wireless Security Professional Exam Practice Test