CWSP-205 Online Practice Questions and Answers

Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data.

What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

A. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.

B. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.

C. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.

D. Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.

E. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.

Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

What statement about the WLAN security of this company is true?

A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.

B. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.

C. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.

D. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.

E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in an

802.11 WLAN?

A. EAP-TTLS sends encrypted supplicant credentials to the authentication server, but EAP-TLS uses unencrypted user credentials.

B. EAP-TTLS supports client certificates, but EAP-TLS does not.

C. EAP-TTLS does not require an authentication server, but EAP-TLS does.

D. EAP-TTLS does not require the use of a certificate for each STA as authentication credentials, but EAP-TLS does.

While performing a manual scan of your environment using a spectrum analyzer on a laptop computer, you notice a signal in the real time FFT view. The signal is characterized by having peak power centered on channel 11 with an approximate width of 20 MHz at its peak. The signal widens to approximately 40 MHz after it has weakened by about 30 dB.

What kind of signal is displayed in the spectrum analyzer?

A. A frequency hopping device is being used as a signal jammer in 5 GHz

B. A low-power wideband RF attack is in progress in 2.4 GHz, causing significant 802.11 interference

C. An 802.11g AP operating normally in 2.4 GHz

D. An 802.11a AP operating normally in 5 GHz

Given: An 802.1X/EAP implementation includes an Active Directory domain controller running Windows Server 2012 and an AP from a major vendor. A Linux server is running RADIUS and it queries the domain controller for user credentials. A Windows client is accessing the network.

What device functions as the EAP Supplicant?

A. Linux server

B. Windows client

C. Access point

D. Windows server

E. An unlisted switch

F. An unlisted WLAN controller

What drawbacks initially prevented the widespread acceptance and use of Opportunistic Key Caching (OKC)?

A. Sharing cached keys between controllers during inter-controller roaming created vulnerabilities that exposed the keys to attackers.

B. Because OKC is not defined by any standards or certification body, client support was delayed and sporadic early on.

C. Key exchanges during fast roams required processor-intensive cryptography, which was prohibitive for legacy devices supporting only TKIP.

D. The Wi-Fi Alliance continually delayed the creation of a client certification for OKC, even though it was defined by IEEE 802.11r.

You have an AP implemented that functions only using 802.11-2012 standard methods for the WLAN communications on the RF side and implementing multiple SSIDs and profiles on the management side configured as follows:

1.

SSID: Guest VLAN 90 Security: Open with captive portal authentication 2 current clients

2.

SSID: ABCData VLAN 10 Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP 5 current clients

3.

SSID: ABCVoice VLAN 60 Security: WPA2-Personal 2 current clients

Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients.

What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?

A. Only the members of the executive team that are part of the multicast group configured on the media server

B. All clients that are associated to the AP using the ABCData SSID

C. All clients that are associated to the AP using any SSID

D. All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.

Given: You are installing 6 APs on the outside of your facility. They will be mounted at a height of 6 feet. What must you do to implement these APs in a secure manner beyond the normal indoor AP implementations? (Choose the single best answer.)

A. User external antennas.

B. Use internal antennas.

C. Power the APs using PoE.

D. Ensure proper physical and environmental security using outdoor ruggedized APs or enclosures.

Wireless Intrusion Prevention Systems (WIPS) are used for what purposes? (Choose 3)

A. Performance monitoring and troubleshooting

B. Enforcing wireless network security policy

C. Detecting and defending against eavesdropping attacks

D. Security monitoring and notification

E. Preventing physical carrier sense attacks

F. Classifying wired client devices

Given: WLAN protocol analyzers can read and record many wireless frame parameters.

What parameter is needed to physically locate rogue APs with a protocol analyzer?

A. SSID

B. IP Address

C. BSSID

D. Signal strength

E. RSN IE

F. Noise floor