CWSP-206 CWNP Exam Questions and Free Practice Test

Question 13

What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?

A. Deauthentication flood

B. Soft AP

C. EAP flood

D. Eavesdropping

E. MAC Spoofing

F. Hotspotter

Correct Answer:D

Question 14

XYZ Hospital plans to improve the security and performance of their Voice over Wi-Fi implementation and will be upgrading to 802.11n phones with 802.1X/EAP authentication. XYZ would like to support fast secure roaming for the phones and will require the ability to troubleshoot reassociations that are delayed or dropped during inter-channel roaming. What portable solution would be recommended for XYZ to troubleshoot roaming problems?

A. Spectrum analyzer software installed on a laptop computer.

B. An autonomous AP mounted on a mobile cart and configured to operate in monitor mode.

C. Laptop-based protocol analyzer with multiple 802.11n adapters.

D. WIPS sensor software installed on a laptop computer.

Correct Answer:C

Question 15

Your organization is using EAP as an authentication framework with a specific type that meets the requirements of your corporate policies. Which one of the following statements is true related to this implementation?

A. The client STAs may communicate over the controlled port in order to authenticate as soon as the Open System authentication completes.

B. The client STAs may communicate over the uncontrolled port in order to authenticate as soon as the Open System authentication completes.

C. The client STAs may use a different, but complementary, EAP type than the AP STAs.

D. The client will be the authenticator in this scenario.

Correct Answer:B

Question 16

You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution. In this configuration, the wireless network is initially susceptible to what type of attack?

A. Offline dictionary attacks

B. Application eavesdropping

C. Session hijacking

D. Layer 3 peer-to-peer

E. Encryption cracking

Correct Answer:A

Question 17

Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAPcompliant user database was already in use, a RADIUS server was installed and is querying authentication requests to the LDAP server. Where must the X.509 server certificate and private key be installed in this network?

A. Controller-based APs

B. WLAN controller

C. RADIUS server

D. Supplicant devices

E. LDAP server

Correct Answer:C

Question 18

ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN. Before creating the WLAN security policy, what should you ensure you possess?

A. Management support for the process.

B. Security policy generation software.

C. End-user training manuals for the policies to be created.

D. Awareness of the exact vendor devices being installed.

Correct Answer:A

START CWSP-206 EXAM