CWNP CWSP-208 Exam Questions Instant Access

Question 1

What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in an 802.11 WLAN?

AEAP-TTLS sends encrypted supplicant credentials to the authentication server, but EAP-TLS uses unencrypted user credentials.

BEAP-TTLS supports client certificates, but EAP-TLS does not.

CEAP-TTLS does not require an authentication server, but EAP-TLS does.

DEAP-TTLS does not require the use of a certificate for each STA as authentication credentials, but EAP-TLS does.

Answer : D

Question 2

What security benefits are provided by endpoint security solution software? (Choose 3)

ACan prevent connections to networks with security settings that do not conform to company policy

BCan collect statistics about a user's network use and monitor network threats while they are connected

CCan restrict client connections to networks with specific SSIDs and encryption types

DCan be used to monitor for and prevent network attacks by nearby rogue clients or APs

Answer : A, B, C

Question 3

Given: You have implemented strong authentication and encryption mechanisms for your enterprise 802.11 WLAN using 802.1X/EAP with AES-CCMP.

For users connecting within the headquarters office, what other security solution will provide continuous monitoring of both clients and APs with 802.11-specific tracking?

AIPSec VPN client and server software

BInternet firewall software

CWireless intrusion prevention system

DWLAN endpoint agent software

ERADIUS proxy server

Answer : C

Question 4

Given: A large enterprise is designing a secure, scalable, and manageable 802.11n WLAN that will support thousands of users. The enterprise will support both 802.1X/EAP-TTLS and PEAPv0/MSCHAPv2. Currently, the company is upgrading network servers as well and will replace their existing Microsoft IAS implementation with Microsoft NPS, querying Active Directory for user authentication.

For this organization, as they update their WLAN infrastructure, what WLAN controller feature will likely be least valuable?

AWPA2-Enterprise authentication/encryption

BInternal RADIUS server

CWIPS support and integration

D802.1Q VLAN trunking

ESNMPv3 support

Answer : B

Question 5

Given: You support a coffee shop and have recently installed a free 802.11ac wireless hot-spot for the benefit of your customers. You want to minimize legal risk in the event that the hot-spot is used for illegal Internet activity.

What option specifies the best approach to minimize legal risk at this public hot-spot while maintaining an open venue for customer Internet access?

AConfigure WPA2-Enterprise security on the access point

BBlock TCP port 25 and 80 outbound on the Internet router

CRequire client STAs to have updated firewall and antivirus software

DAllow only trusted patrons to use the WLAN

EUse a WIPS to monitor all traffic and deauthenticate malicious stations

FImplement a captive portal with an acceptable use disclaimer

Answer : F

Question 6

Given: XYZ Company has recently installed an 802.11ac WLAN. The company needs the ability to control access to network services, such as file shares, intranet web servers, and Internet access based on an employee's job responsibilities.

What WLAN security solution meets this requirement?

AAn autonomous AP system with MAC filters

BWPA2-Personal with support for LDAP queries

CA VPN server with multiple DHCP scopes

DA WLAN controller with RBAC features

EA WLAN router with wireless VLAN support

Answer : D

Question 7

A WLAN is implemented using WPA-Personal and MAC filtering.

To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

AOffline dictionary attacks

BMAC Spoofing

CASLEAP

DDoS

Answer : A, B, D

CWNP Certified Wireless Security Professional (CWSP) CWSP-208 Exam Questions