CWSP Certified Wireless Security Professional

Question 1

Which of the following protocols is used for authentication in an 802.1X framework?

A. EAP

B. IPSec

C. L2TP

D. TKIP

Correct Answer: A

Question 2

ABC Company has recently installed a WLAN controller and configured it to support WPA2- Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

A. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

B. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

C. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

D. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

Correct Answer: A

Question 3

ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN. Before creating the WLAN security policy, what should you ensure you possess?

A. Security policy generation software.

B. End-user training manuals for the policies to be created.

C. Awareness of the exact vendor devices being installed.

D. Management support for the process.

Correct Answer: D

Question 4

You work as a Network Administrator for uCertify Inc.
You need to provide a secure communication between the server and the client computers of the company.
Which of the following protocols will you use to manage the communication securely?

A. TLS

B. TCP

C. SSL

D. HTTP

Correct Answer: A,C

Question 5

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce?

A. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

B. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

C. They are input values used in the derivation of the Pairwise Transient Key.

D. They are added together and used as the GMK, from which the GTK is derived.

Correct Answer: C

Question 6

The Marketing department's WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources. What single WLAN security feature should be implemented to comply with these requirements?

A. Mutual authentication

B. Captive portal

C. RADIUS policy accounting

D. Role-based access control

E. Group authentication

Correct Answer: D

Question 7

Which of the following is a passive device that cannot be detected by a wireless intrusion detection system (WIDS)?

A. MAC spoofing

B. Rogue access point

C. Protocol analyzer

D. Spectrum analyzer

Correct Answer: C

Question 8

Which of the following provides the best protection against a man-in-the-middle attack?

A. Firewall

B. Strong encryption

C. Fiber-optic cable

D. Strong password

Correct Answer: B

Question 9

Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication. While using an airport hotspot with this security solution, to what type of wireless attack is a user susceptible?

A. IGMP snooping

B. Management interface exploits

C. UDP port redirection

D. Wi-Fi phishing

Correct Answer: D

Question 10

You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

A. Open 802.11 authentication with IPSec

B. 802.1X/EAP-TTLS

C. EAP-MD5

D. WPA2-Personal with AES-CCMP

E. 802.1X/PEAPv0/MS-CHAPv2

Correct Answer: A

CWNP CWSP Certified Wireless Security Professional - CWSP-206 Exam Practice Test

Latest Update

Useful Links

Contact Us