CWSP-205 Online Practice Questions and Answers

Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.

Before creating the WLAN security policy, what should you ensure you possess?

A. Awareness of the exact vendor devices being installed

B. Management support for the process

C. End-user training manuals for the policies to be created

D. Security policy generation software

What wireless security protocol provides mutual authentication without using an X.509 certificate?

A. EAP-FAST

B. EAP-MD5

C. EAP-TLS

D. PEAPv0/EAP-MSCHAPv2

E. EAP-TTLS

F. PEAPv1/EAP-GTC

Given: A large enterprise is designing a secure, scalable, and manageable 802.11n WLAN that will support thousands of users. The enterprise will support both 802.1X/EAP-TTLS and PEAPv0/MSCHAPv2. Currently, the company is upgrading network servers as well and will replace their existing Microsoft IAS implementation with Microsoft NPS, querying Active Directory for user authentication.

For this organization, as they update their WLAN infrastructure, what WLAN controller feature will likely be least valuable?

A. WPA2-Enterprise authentication/encryption

B. Internal RADIUS server

C. WIPS support and integration

D. 802.1Q VLAN trunking

E. SNMPv3 support

The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

A. Group Key Handshake

B. 802.1X/EAP authentication

C. DHCP Discovery

D. 4-Way Handshake

E. Passphrase-to-PSK mapping

F. RADIUS shared secret lookup

Given: The Marketing department's WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources.

What single WLAN security feature should be implemented to comply with these requirements?

A. Mutual authentication

B. Captive portal

C. Role-based access control

D. Group authentication

E. RADIUS policy accounting

Given: You are the WLAN administrator in your organization and you are required to monitor the network and ensure all active WLANs are providing RSNs. You have a laptop protocol analyzer configured.

In what frame could you see the existence or non-existence of proper RSN configuration parameters for each BSS through the RSN IE?

A. Probe request

B. Beacon

C. RTS

D. CTS

E. Data frames

What preventative measures are performed by a WIPS against intrusions?

A. EAPoL Reject frame flood against a rogue AP

B. Evil twin attack against a rogue AP

C. Deauthentication attack against a classified neighbor AP

D. ASLEAP attack against a rogue AP

E. Uses SNMP to disable the switch port to which rogue APs connect

Given: WLAN protocol analyzers can read and record many wireless frame parameters.

What parameter is needed to physically locate rogue APs with a protocol analyzer?

A. SSID

B. IP Address

C. BSSID

D. Signal strength

E. RSN IE

F. Noise floor

You work as the security administrator for your organization. In relation to the WLAN, you are viewing a dashboard that shows security threat, policy compliance and rogue threat charts. What type of system is in view?

A. Wireshark Protocol Analyzer

B. Wireless VPN Management Systems

C. Wireless Intrusion Prevention System

D. Distributed RF Spectrum Analyzer

E. WLAN Emulation System

Wireless Intrusion Prevention Systems (WIPS) provide what network security services? (Choose 2)

A. Configuration distribution for autonomous APs

B. Wireless vulnerability assessment

C. Application-layer traffic inspection

D. Analysis and reporting of AP CPU utilization

E. Policy enforcement and compliance management