CWNP CWSP-208 Exam Practice Test Instant Access

Question 1

An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or dat

a. What kind of attack is described?

AMan-in-the-middle

BHijacking

CASLEAP

DDoS

Answer : D

Question 2

What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

AAKM Suite List

BGroup Cipher Suite

CRSN Capabilities

DPairwise Cipher Suite List

Answer : A

Question 3

What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

A32-bit ICV (CRC-32)

BSequence counters

CRC5 stream cipher

DMichael

EBlock cipher support

Answer : D

Question 4

The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

AGroup Key Handshake

B802.1X/EAP authentication

CDHCP Discovery

D4-Way Handshake

EPassphrase-to-PSK mapping

FRADIUS shared secret lookup

Answer : B

Question 5

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

AThe username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

BThe username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

DThe username can be looked up in a dictionary file that lists common username/password combinations.

Answer : B

Question 6

When monitoring APs within a LAN using a Wireless Network Management System (WNMS), what secure protocol may be used by the WNMS to issue configuration changes to APs?

AIPSec/ESP

BTFTP

C802.1X/EAP

DSNMPv3

EPPTP

Answer : D

Question 7

Given: ABC Company has 20 employees and only needs one access point to cover their entire facility. Ten of ABC Company's employees have laptops with radio cards capable of only WPA security. The other ten employees have laptops with radio cards capable of WPA2 security. The network administrator wishes to secure all wireless communications (broadcast and unicast) for each laptop with its strongest supported security mechanism, but does not wish to implement a RADIUS/AAA server due to complexity.

What security implementation will allow the network administrator to achieve this goal?

AImplement an SSID with WPA2-Personal that allows both AES-CCMP and TKIP clients to connect.

BImplement an SSID with WPA-Personal that allows both AES-CCMP and TKIP clients to connect.

CImplement two separate SSIDs on the AP---one for WPA-Personal using TKIP and one for WPA2-Personal using AES-CCMP.

DImplement an SSID with WPA2-Personal that sends all broadcast traffic using AES-CCMP and unicast traffic using either TKIP or AES-CCMP.

Answer : C

CWNP Certified Wireless Security Professional (CWSP) CWSP-208 Exam Practice Test