Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

CWNP CWSP-207 - Certified Wireless Security Professional (CWSP)

CWNP CWSP-207 Premium Access     Download Demo    
Page: 3 / 4
Total 119 questions

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

A.

The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

B.

The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C.

4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D.

The username can be looked up in a dictionary file that lists common username/password combinations.

A WLAN is implemented using WPA-Personal and MAC filtering.

To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

A.

Offline dictionary attacks

B.

MAC Spoofing

C.

ASLEAP

D.

DoS

Given: You are using a Wireless Aggregator utility to combine multiple packet captures. One capture exists for each of channels 1, 6 and 11. What kind of troubleshooting are you likely performing with such a tool?

A.

Wireless adapter failure analysis.

B.

Interference source location.

C.

Fast secure roaming problems.

D.

Narrowband DoS attack detection.

Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation’s wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user’s connections. XYZ’s legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

A.

All WLAN clients will reassociate to the consultant’s software AP if the consultant’s software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.

B.

A higher SSID priority value configured in the Beacon frames of the consultant’s software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.

C.

When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant’s software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.

D.

If the consultant’s software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ’s current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)

A.

RF jamming device and a wireless radio card

B.

A low-gain patch antenna and terminal emulation software

C.

A wireless workgroup bridge and a protocol analyzer

D.

DHCP server software and access point software

E.

MAC spoofing software and MAC DoS software

What 802.11 WLAN security problem is directly addressed by mutual authentication?

A.

Wireless hijacking attacks

B.

Weak password policies

C.

MAC spoofing

D.

Disassociation attacks

E.

Offline dictionary attacks

F.

Weak Initialization Vectors

You are configuring seven APs to prevent common security attacks. The APs are to be installed in a small business and to reduce costs, the company decided to install all consumer-grade wireless routers. The wireless routers will connect to a switch, which connects directly to the Internet connection providing 50 Mbps of Internet bandwidth that will be shared among 53 wireless clients and 17 wired clients.

To ensure the wireless network is as secure as possible from common attacks, what security measure can you implement given only the hardware referenced?

A.

WPA-Enterprise

B.

802.1X/EAP-PEAP

C.

WPA2-Enterprise

D.

WPA2-Personal

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

A.

Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B.

Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C.

Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D.

A trained employee should install and configure a WIPS for rogue detection and response measures.

E.

Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

What elements should be addressed by a WLAN security policy? (Choose 2)

A.

Enabling encryption to prevent MAC addresses from being sent in clear text

B.

How to prevent non-IT employees from learning about and reading the user security policy

C.

End-user training for password selection and acceptable network use

D.

The exact passwords to be used for administration interfaces on infrastructure devices

E.

Social engineering recognition and mitigation techniques

Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.

Before creating the WLAN security policy, what should you ensure you possess?

A.

Awareness of the exact vendor devices being installed

B.

Management support for the process

C.

End-user training manuals for the policies to be created

D.

Security policy generation software