CWNP cwsp-206 practice test

Certified Wireless Security Professional (CWSP) Exam


Question 1

A WLAN protocol analyzer trace reveals the following sequence of frames (excluding the ACK
frames):
802.11 Probe Req and 802.11 Probe Rsp
802.11 Auth and then another 802.11 Auth
802.11 Assoc Req and 802.11 Assoc Rsp
EAPOL-KEY
EAPOL-KEY
EAPOL-KEY
EAPOL-KEY
What security mechanism is being used on the WLAN?

  • A. WPA2-Personal
  • B. 802.1X/LEAP
  • C. EAP-TLS
  • D. WPA-Enterprise
  • E. WEP-128
Answer:

A

Discussions

Question 2

After completing the installation of a new overlay WIPS for the purpose of rogue detection and
security monitoring at your corporate headquarters, what baseline function MUST be performed in
order to identify the security threats?

  • A. Separate security profiles must be defined for network operation in different regulatory domains.
  • B. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
  • C. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.
  • D. Authorized PEAP usernames must be added to the WIPS server’s user database.
Answer:

B

Discussions

Question 3

WLAN protocol analyzers can read and record many wireless frame parameters. What parameter is
needed to physically locate rogue APs with a protocol analyzer?

  • A. IP Address
  • B. Noise floor
  • C. RSN IE
  • D. SSID
  • E. Signal strength
  • F. BSSID
Answer:

E

Discussions

Question 4

When monitoring APs within a LAN using a Wireless Network Management System (WNMS), what
secure protocol may be used by the WNMS to issue configuration changes to APs?

  • A. PPTP
  • B. 802.1X/EAP
  • C. TFTP
  • D. SNMPv3
  • E. IPSec/ESP
Answer:

D

Discussions

Question 5

What preventative measures are performed by a WIPS against intrusions?

  • A. Uses SNMP to disable the switch port to which rogue APs connect.
  • B. Evil twin attack against a rogue AP.
  • C. EAPoL Reject frame flood against a rogue AP.
  • D. Deauthentication attack against a classified neighbor AP.
  • E. ASLEAP attack against a rogue AP.
Answer:

A

Discussions

Question 6

What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA
or WPA2 is in use?

  • A. Group Cipher Suite
  • B. Pairwise Cipher Suite List
  • C. AKM Suite List
  • D. RSN Capabilities
Answer:

C

Discussions

Question 7

What security vulnerability may result from a lack of staging, change management, and installation
procedures for WLAN infrastructure equipment?

  • A. The WLAN system may be open to RF Denial-of-Service attacks.
  • B. Authentication cracking of 64-bit Hex WPA-Personal PSK.
  • C. AES-CCMP encryption keys may be decrypted.
  • D. WIPS may not classify authorized, rogue, and neighbor APs accurately.
Answer:

D

Discussions

Question 8

What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?

  • A. Deauthentication flood
  • B. Soft AP
  • C. EAP flood
  • D. Eavesdropping
  • E. MAC Spoofing
  • F. Hotspotter
Answer:

D

Discussions

Question 9

You are the WLAN administrator in your organization and you are required to monitor the network
and ensure all active WLANs are providing RSNs. You have a laptop protocol analyzer configured. In
what frame could you see the existence or non-existence of proper RSN configuration parameters for
each BSS through the RSN IE?

  • A. CTS
  • B. Beacon
  • C. RTS
  • D. Data frames
  • E. Probe request
Answer:

B

Discussions

Question 10

The following numbered items show some of the contents of each of the four frames exchanged
during the 4-way handshake.
Encrypted GTK sent
Confirmation of temporal key installation
ANonce sent from authenticator to supplicant
SNonce sent from supplicant to authenticator, MIC included
Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

  • A. 1, 2, 3, 4
  • B. 3, 4, 1, 2
  • C. 4, 3, 1, 2
  • D. 2, 3, 4, 1
Answer:

B

Discussions
To page 2