New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. CWNP
  3. CWNP Certification
  4. CWSP-207 - Certified Wireless Security Professional (CWSP)

CWSP-207 Exam Dumps - Certified Wireless Security Professional (CWSP)

Go to page:
Question # 17

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

A.

The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

B.

The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C.

4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D.

The username can be looked up in a dictionary file that lists common username/password combinations.

Full Access
Question # 18

In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted? Choose the single completely correct answer.

A.

Social engineering and/or eavesdropping

B.

RF DoS and/or physical theft

C.

MAC denial of service and/or physical theft

D.

Authentication cracking and/or RF DoS

E.

Code injection and/or XSS

Full Access
Question # 19

A WLAN is implemented using WPA-Personal and MAC filtering.

To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

A.

Offline dictionary attacks

B.

MAC Spoofing

C.

ASLEAP

D.

DoS

Full Access
Question # 20

Given: WLAN attacks are typically conducted by hackers to exploit a specific vulnerability within a network.

What statement correctly pairs the type of WLAN attack with the exploited vulnerability? (Choose 3)

A.

Management interface exploit attacks are attacks that use social engineering to gain credentials from managers.

B.

Zero-day attacks are always authentication or encryption cracking attacks.

C.

RF DoS attacks prevent successful wireless communication on a specific frequency or frequency range.

D.

Hijacking attacks interrupt a user’s legitimate connection and introduce a new connection with an evil twin AP.

E.

Social engineering attacks are performed to collect sensitive information from unsuspecting users

F.

Association flood attacks are Layer 3 DoS attacks performed against authenticated client stations

Full Access
Question # 21

You are configuring seven APs to prevent common security attacks. The APs are to be installed in a small business and to reduce costs, the company decided to install all consumer-grade wireless routers. The wireless routers will connect to a switch, which connects directly to the Internet connection providing 50 Mbps of Internet bandwidth that will be shared among 53 wireless clients and 17 wired clients.

To ensure the wireless network is as secure as possible from common attacks, what security measure can you implement given only the hardware referenced?

A.

WPA-Enterprise

B.

802.1X/EAP-PEAP

C.

WPA2-Enterprise

D.

WPA2-Personal

Full Access
Question # 22

What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?

A.

MAC Spoofing

B.

Eavesdropping

C.

Hot-spotter

D.

Soft AP

E.

Deauthentication flood

F.

EAP flood

Full Access
Question # 23

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

A.

Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B.

Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C.

Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D.

A trained employee should install and configure a WIPS for rogue detection and response measures.

E.

Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Full Access
Question # 24

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.

When writing the 802.11 security policy, what password-related items should be addressed?

A.

MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B.

Password complexity should be maximized so that weak WEP IV attacks are prevented.

C.

Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D.

Certificates should always be recommended instead of passwords for 802.11 client authentication.

E.

EAP-TLS must be implemented in such scenarios.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps