What 802.11 WLAN security problem is directly addressed by mutual authentication?
A. Wireless hijacking attacks
B. Weak password policies
C. MAC spoofing
D. Disassociation attacks
E. Offline dictionary attacks
F. Weak Initialization Vectors
ABC Company uses the wireless network for highly sensitive network traffic. For that reason, they intend to protect their network in all possible ways. They are continually researching new network threats and new preventative measures. They are interested in the security benefits of 802.11w, but would like to know its limitations.
What types of wireless attacks does 802.11w protect against? (Choose 2)
A. RF DoS attacks
B. Layer 2 Disassociation attacks
C. Robust management frame replay attacks
D. Social engineering attacks
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.
When writing the 802.11 security policy, what password-related items should be addressed?
A. MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
B. Password complexity should be maximized so that weak WEP IV attacks are prevented.
C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
D. Certificates should always be recommended instead of passwords for 802.11 client authentication.
E. EAP-TLS must be implemented in such scenarios.
Given: ABC Company has 20 employees and only needs one access point to cover their entire facility. Ten of ABC Company's employees have laptops with radio cards capable of only WPA security. The other ten employees have laptops with radio cards capable of WPA2 security. The network administrator wishes to secure all wireless communications (broadcast and unicast) for each laptop with its strongest supported security mechanism, but does not wish to implement a RADIUS/AAA server due to complexity.
What security implementation will allow the network administrator to achieve this goal?
A. Implement an SSID with WPA2-Personal that allows both AES-CCMP and TKIP clients to connect.
B. Implement an SSID with WPA-Personal that allows both AES-CCMP and TKIP clients to connect.
C. Implement two separate SSIDs on the AP--one for WPA-Personal using TKIP and one for WPA2-Personal using AES-CCMP.
D. Implement an SSID with WPA2-Personal that sends all broadcast traffic using AES-CCMP and unicast traffic using either TKIP or AES-CCMP.
Which one of the following describes the correct hierarchy of 802.1X authentication key derivation?
A. The MSK is generated from the 802.1X/EAP authentication. The PMK is derived from the MSK. The PTK is derived from the PMK, and the keys used for actual data encryption are a part of the PTK.
B. If passphrase-based client authentication is used by the EAP type, the PMK is mapped directly from the user's passphrase. The PMK is then used during the 4-way handshake to create data encryption keys.
C. After successful EAP authentication, the RADIUS server generates a PMK. A separate key, the MSK, is derived from the AAA key and is hashed with the PMK to create the PTK and GTK.
D. The PMK is generated from a successful mutual EAP authentication. When mutual authentication is not used, an MSK is created. Either of these two keys may be used to derive the temporal data encryption keys during the 4-way handshake.
What statements are true about 802.11-2012 Protected Management Frames? (Choose 2)
A. 802.11w frame protection protects against some Layer 2 denial-of-service (DoS) attacks, but it cannot prevent all types of Layer 2 DoS attacks.
B. When frame protection is in use, the PHY preamble and header as well as the MAC header are encrypted with 256- or 512-bit AES.
C. Authentication, association, and acknowledgment frames are protected if management frame protection is enabled, but deauthentication and disassociation frames are not.
D. Management frame protection protects disassociation and deauthentication frames.
What security benefits are provided by endpoint security solution software? (Choose 3)
A. Can prevent connections to networks with security settings that do not conform to company policy
B. Can collect statistics about a user's network use and monitor network threats while they are connected
C. Can restrict client connections to networks with specific SSIDs and encryption types
D. Can be used to monitor for and prevent network attacks by nearby rogue clients or APs
What drawbacks initially prevented the widespread acceptance and use of Opportunistic Key Caching (OKC)?
A. Sharing cached keys between controllers during inter-controller roaming created vulnerabilities that exposed the keys to attackers.
B. Because OKC is not defined by any standards or certification body, client support was delayed and sporadic early on.
C. Key exchanges during fast roams required processor-intensive cryptography, which was prohibitive for legacy devices supporting only TKIP.
D. The Wi-Fi Alliance continually delayed the creation of a client certification for OKC, even though it was defined by IEEE 802.11r.
Given: When the CCMP cipher suite is used for protection of data frames, 16 bytes of overhead are added to the Layer 2 frame. 8 of these bytes comprise the MIC.
What purpose does the encrypted MIC serve in protecting the data frame?
A. The MIC is used as a first layer of validation to ensure that the wireless receiver does not incorrectly process corrupted signals.
B. The MIC provides for a cryptographic integrity check against the data payload to ensure that it matches the original transmitted data.
C. The MIC is a hash computation performed by the receiver against the MAC header to detect replay attacks prior to processing the encrypted payload.
D. The MIC is a random value generated during the 4-way handshake and is used for key mixing to enhance the strength of the derived PTK.
For a WIPS system to identify the location of a rogue WLAN device using location patterning (RF fingerprinting), what must be done as part of the WIPS installation?
A. All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.
B. A location chipset (GPS) must be installed with it.
C. At least six antennas must be installed in each sensor.
D. The RF environment must be sampled during an RF calibration process.