최신 CWSP-208 무료덤프 - CWNP Certified Wireless Security Professional (CWSP)

문제1

Given: Your organization is using EAP as an authentication framework with a specific type that meets the requirements of your corporate policies.
Which one of the following statements is true related to this implementation?

A. The client STAs may communicate over the controlled port in order to authenticate as soon as the Open System authentication completes.

B. The client STAs may communicate over the uncontrolled port in order to authenticate as soon as Open System authentication completes.

C. The client STAs must use a different, but complementary, EAP type than the AP STAs.

D. The client will be the authenticator in this scenario.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. What kind of attack is described?

A. DoS

B. Hijacking

C. ASLEAP

D. Man-in-the-middle

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

What statement is true regarding the nonces (ANonce and SNonce) used in the IEEE 802.11 4 Way Handshake?

A. The Supplicant uses the SNonce to derive its unique PTK and the Authenticator uses the ANonce to derive its unique PTK, but the nonces are not shared.

B. Nonces are sent in EAPoL frames to indicate to the receiver that the sending station has installed and validated the encryption keys.

C. The nonces are created by combining the MAC addresses of the Supplicant, Authenticator, and Authentication Server into a mixing algorithm.

D. Both nonces are used by the Supplicant and Authenticator in the derivation of a single PTK.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

What EAP type supports using MS-CHAPv2, EAP-GTC or EAP-TLS for wireless client authentication?

A. PEAP

B. EAP-TTLS

C. H-REAP

D. LEAP

E. EAP-GTC

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

When TKIP is selected as the pairwise cipher suite, what frame types may be protected with data confidentiality? (Choose 2)

A. Data

B. QoS Data

C. Control

D. Robust broadcast management

E. Robust unicast management

F. ACK

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which one of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

A. It does not support a RADIUS server.

B. It is not a valid EAP type.

C. It does not support the outer identity.

D. It does not support mutual authentication.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection.
What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

A. 4-Way Handshake

B. Group Temporal Keys

C. PLCP Cyclic Redundancy Check (CRC)

D. Integrity Check Value (ICV)

E. Multi-factor authentication

F. Encrypted Passphrase Protocol (EPP)

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Given: The Marketing department's WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources.
What single WLAN security feature should be implemented to comply with these requirements?

A. Group authentication

B. Mutual authentication

C. RADIUS policy accounting

D. Captive portal

E. Role-based access control

정답: E

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Given: You are using WEP as an encryption solution. You are using VLANs for network segregation.
Why can you not establish an RSNA?

A. RSNA connections do not work in conjunction with VLANs.

B. RSNA connections require BIP and do not support TKIP, CCMP or WEP.

C. RSNA connections require TKIP or CCMP.

D. RSNA connections require CCMP and do not support TKIP or WEP.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.
What security best practices should be followed in this deployment scenario?

A. An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.

B. Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.

C. RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.

D. APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 CWSP-208 무료덤프 - CWNP Certified Wireless Security Professional (CWSP)

우리와 연락하기

유용한 링크

최신 업데이트