Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. CWNP
  3. CWSP
  4. CWSP-207
  5. Certified Wireless Security Professional (CWSP) Questions and Answers

Pass the CWNP CWSP CWSP-207 Questions and answers with ValidTests

Exam CWSP-207 All Questions
Exam CWSP-207 Premium Access

View all detail and faqs for the CWSP-207 exam

Go to Exam
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Questions # 1:

Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individualshave raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.

As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication? (Choose 2)

Options:

A.

MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.

B.

MS-CHAPv2 is subject to offline dictionary attacks.

C.

LEAP’s use of MS-CHAPv2 is only secure when combined with WEP.

D.

MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.

E.

MS-CHAPv2 uses AES authentication, and is therefore secure.

F.

When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.

Expert Solution
Questions # 2:

Given: You are using a Wireless Aggregator utility to combine multiple packet captures. One capture exists for each of channels 1, 6 and 11. What kind of troubleshooting are you likely performing with such a tool?

Options:

A.

Wireless adapter failure analysis.

B.

Interference source location.

C.

Fast secure roaming problems.

D.

Narrowband DoS attack detection.

Expert Solution
Questions # 3:

What 802.11 WLAN security problem is directly addressed by mutual authentication?

Options:

A.

Wireless hijacking attacks

B.

Weak password policies

C.

MAC spoofing

D.

Disassociation attacks

E.

Offline dictionary attacks

F.

Weak Initialization Vectors

Expert Solution
Questions # 4:

Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank’s website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John’s bank account user ID and password and exploit this information.

What likely scenario could have allowed the hacker to obtain John’s bank account user ID and password?

Options:

A.

John's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.

B.

John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.

C.

John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software.

D.

The bank’s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

E.

Before connecting to the bank’s website, John’s association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank’s web server and has decrypted John’s login credentials in near real-time.

Expert Solution
Questions # 5:

What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)

Options:

A.

RF jamming device and a wireless radio card

B.

A low-gain patch antenna and terminal emulation software

C.

A wireless workgroup bridge and a protocol analyzer

D.

DHCP server software and access point software

E.

MAC spoofing software and MAC DoS software

Expert Solution
Questions # 6:

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

Options:

A.

The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

B.

The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C.

4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D.

The username can be looked up in a dictionary file that lists common username/password combinations.

Expert Solution
Questions # 7:

What is a primary criteria for a network to qualify as a Robust Security Network (RSN)?

Options:

A.

Token cards must be used for authentication.

B.

Dynamic WEP-104 encryption must be enabled.

C.

WEP may not be used for encryption.

D.

WPA-Personal must be supported for authentication and encryption.

E.

WLAN controllers and APs must not support SSHv1.

Expert Solution
Questions # 8:

Given: In XYZ’s small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

What statement about the WLAN security of this company is true?

Options:

A.

Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.

B.

A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.

C.

An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.

D.

An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user’s 4-Way Handshake.

E.

Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

Expert Solution
Questions # 9:

In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted? Choose the single completely correct answer.

Options:

A.

Social engineering and/or eavesdropping

B.

RF DoS and/or physical theft

C.

MAC denial of service and/or physical theft

D.

Authentication cracking and/or RF DoS

E.

Code injection and/or XSS

Expert Solution
Questions # 10:

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

Options:

A.

Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B.

Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C.

Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D.

A trained employee should install and configure a WIPS for rogue detection and response measures.

E.

Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Expert Solution
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions