CWSP-206 Online Practice Questions and Answers

In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.

A. MAC denial of service and/or physical theft

B. Social engineering and/or eavesdropping

C. Authentication cracking and/or RF DoS

D. Code injection and/or XSS

E. RF DoS and/or physical theft

Your organization is using EAP as an authentication framework with a specific type that meets the requirements of your corporate policies. Which one of the following statements is true related to this implementation?

A. The client STAs may communicate over the controlled port in order to authenticate as soon as the Open System authentication completes.

B. The client STAs may communicate over the uncontrolled port in order to authenticate as soon as the Open System authentication completes.

C. The client STAs may use a different, but complementary, EAP type than the AP STAs.

D. The client will be the authenticator in this scenario.

In an IEEE 802.11-compliant WLAN, when is the 802.1X Controlled Port placed into the unblocked state?

A. After EAP authentication is successful

B. After Open System authentication

C. After the 4-Way Handshake

D. After any Group Handshake

ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources. What security best practices should be followed in this deployment scenario?

A. Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.

B. RADIUS services should be provided at branch offices so that authentication server and suppliant credentials are not sent over the Internet.

C. An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.

D. APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.

ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection. What security characteristic and/or component plays a role in preventing data decryption?

A. 4-Way Handshake

B. PLCP Cyclic Redundancy Check (CRC)

C. Multi-factor authentication

D. Encrypted Passphrase Protocol (EPP)

E. Integrity Check Value (ICV)

The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

A. PeerKey (PK)

B. Group Master Key (GMK)

C. Key Confirmation Key (KCK)

D. Pairwise Master Key (PMK)

E. Phase Shift Key (PSK)

F. Group Temporal Key (GTK)

For which one of the following purposes would a WIPS not be a good solution?

A. Enforcing wireless network security policy.

B. Detecting and defending against eavesdropping attacks.

C. Performance monitoring and troubleshooting.

D. Security monitoring and notification.

For a WIPS system to identify the location of a rogue WLAN device using location pattering (RF fingerprinting), what must be done as part of the WIPS installation?

A. A location chipset (GPS) must be installed with it.

B. At least six antennas must be installed in each sector.

C. The RF environment must be sampled during an RF calibration process.

D. All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.

A network security auditor is preparing to perform a comprehensive assessment of an 802.11ac network's security. What task should be performed at the beginning of the audit to maximize the auditor's ability to expose network vulnerabilities?

A. Identify the IP subnet information for each network segment.

B. Identify the manufacturer of the wireless infrastructure hardware.

C. Identify the skill level of the wireless network security administrator(s).

D. Identify the manufacturer of the wireless intrusion prevention system.

E. Identify the wireless security solution(s) currently in use.

What preventative measures are performed by a WIPS against intrusions?

A. Uses SNMP to disable the switch port to which rogue APs connect.

B. Evil twin attack against a rogue AP.

C. EAPoL Reject frame flood against a rogue AP.

D. Deauthentication attack against a classified neighbor AP.

E. ASLEAP attack against a rogue AP.