최신 CWSP-207 무료덤프 - CWNP Wireless Security Professional (CWSP)

문제1

Given: A large enterprise is designing a secure, scalable, and manageable 802.11n WLAN that will support thousands of users. The enterprise will support both 802.1X/EAP-TTLS and PEAPv0/MSCHAPv2. Currently, the company is upgrading network servers as well and willreplace their existing Microsoft IAS implementation with Microsoft NPS, querying Active Directory for user authentication.
For this organization, as they update their WLAN infrastructure, what WLAN controller feature will likely be least valuable?

A. SNMPv3 support

B. WPA2-Enterprise authentication/encryption

C. 802.1Q VLAN trunking

D. Internal RADIUS server

E. WIPS support and integration

정답: D

문제2

The following numbered items show some of the contents of each of the four frames exchanged during the
4-way handshake:
1. Encrypted GTK sent
2. Confirmation of temporal key installation
3. Anonce sent from authenticator to supplicant
4. Snonce sent from supplicant to authenticator, MIC included
Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

A. 2, 3, 4, 1

B. 4, 3, 1, 2

C. 1, 2, 3, 4

D. 3, 4, 1, 2

정답: D

문제3

You have been recently hired as the wireless network administrator for an organization spread across seven locations. They have deployed more than 100 APs, but they have not been managedin either an automated or manual process for more than 18 months. Given this length of time, what is one of the first things you should evaluate from a security perspective?

A. The channel widths configured

B. The firmware revision

C. The channels in use

D. The VLANs in use

정답: B

문제4

Given: You must implement 7 APs for a branch office location in your organization. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).
Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?

A. Cell radius

B. Fragmentation threshold

C. Administrative password

D. Output power

정답: C

문제5

You must support a TSN as you have older wireless equipment that will not support the required processing of AES encryption. Which one of the following technologies will you use on the network so that a TSN can be implemented that would not be required in a network compliant with 802.11-2012 non-deprecated technologies?

A. RC4

B. WPA2

C. WEP

D. CCMP

정답: A

문제6

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2)

A. They allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.

B. They are input values used in the derivation of the Pairwise Transient Key.

C. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

D. They are added together and used as the GMK, from which the GTK is derived.

E. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

정답: A,B

문제7

Given: A WLAN protocol analyzer trace reveals the following sequence of frames (excluding the ACK frames):
1) 802.11 Probe Req and 802.11 Probe Rsp
2) 802.11 Auth and then another 802.11 Auth
3) 802.11 Assoc Req and 802.11 Assoc Rsp
4) EAPOL-KEY
5) EAPOL-KEY
6) EAPOL-KEY
7) EAPOL-KEY
What security mechanism is being used on the WLAN?

A. WPA-Enterprise

B. EAP-TLS

C. 802.1X/LEAP

D. WPA2-Personal

E. WEP-128

정답: D

문제8

Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.
What statement about the WLAN security of this company is true?

A. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.

B. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.

C. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.

D. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.

E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

정답: A

문제9

Given: You have implemented strong authentication and encryption mechanisms for your enterprise 802.11 WLAN using 802.1X/EAP with AES-CCMP.
For users connecting within the headquarters office, what other security solution will provide continuous monitoring of both clients and APs with 802.11-specific tracking?

A. Internet firewall software

B. WLAN endpoint agent software

C. RADIUS proxy server

D. IPSec VPN client and server software

E. Wireless intrusion prevention system

정답: E

문제10

Given: An 802.1X/EAP implementation includes an Active Directory domain controller running Windows Server 2012 and an AP from a major vendor. A Linux server is running RADIUS and it queries the domain controller for user credentials. A Windows client is accessing the network.
What device functions as the EAP Supplicant?

A. Windows client

B. Linux server

C. Windows server

D. An unlisted switch

E. Access point

F. An unlisted WLAN controller

정답: A

최신 CWSP-207 무료덤프 - CWNP Wireless Security Professional (CWSP)

우리와 연락하기

유용한 링크

최신 업데이트