PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 1

Wireless security professional, you work the company quickly try to cover static WEP protection 802.11a wireless LAN. WEP specified mandatory for all devices in the network. Which way you take? (Choose two.)


Options are :

  • The wireless protocol analyzer and wait for it to collect a certain amount of data traffic multiplewireless local area network to the end user. You are using the Aircrack look weak IV package tracking.
  • Send a large number of base station frame association force, for use in an open system clients may be added state.You WLAN WEP encryption and transfer failure.
  • By default user andpassword open system authentication mark with a base station. A contact point by editing a new WEP key.
  • Record SSID, phone numbers, addresses, and with their organizations, and efforts to fitnumbers text and logo 5, 10, or 26 characters for the WEP key information such as test

Answer :The wireless protocol analyzer and wait for it to collect a certain amount of data traffic multiplewireless local area network to the end user. You are using the Aircrack look weak IV package tracking. Record SSID, phone numbers, addresses, and with their organizations, and efforts to fitnumbers text and logo 5, 10, or 26 characters for the WEP key information such as test

PW0-070 Certified Wireless Technology Specialist Exam Set 4

ABC, software development organizations willing to live test the LDAP implementation in a wireless environment. LDAP user authentication WLAN environment choose the appropriate method to use. (Choose three.)


Options are :

  • Business Support Center encryption gateway (EEG) sends a verification request access control server whichproxies TACACS + request to the server, which in turn requires auser account information forwarded verification LDAPserver
  • Via the base station PEAPv1 / EAP-GTC sends an authentication request to the LDAP server whichproxies TACACS + server requests for user account authentication data
  • The company's wireless gateway (EWG) directly query the LDAP server user credentials
  • EAP-TTLS authentication WLAN switch sends a user authentication request to the RADIUS RADIUS server.The LDAP server queries the user credentials.

Answer :Business Support Center encryption gateway (EEG) sends a verification request access control server whichproxies TACACS + request to the server, which in turn requires auser account information forwarded verification LDAPserver The company's wireless gateway (EWG) directly query the LDAP server user credentials EAP-TTLS authentication WLAN switch sends a user authentication request to the RADIUS RADIUS server.The LDAP server queries the user credentials.

802.11i standard, the 2004 update support, and according to the three cipher suites? (Choose three.)


Options are :

  • WEP
  • CCMP
  • PSK
  • TKIP

Answer :WEP CCMP TKIP

ABC's wireless security professional work, you have a corner office window. You will find someone on the roof of a building across the street to show the direction of the Yagi antenna in the building. It can be concluded that this person might try to attack the ABC Company WLAN. What is the first step to clear the attack potential? (Choose two.)


Options are :

  • IPS monitors turn off all Nonetifications, and carefully record any discovery
  • Before closing the second WLAN switch individual buildings may be identified, and operational requirements tohis
  • Contact director of construction services across the street, and asked the nature of his building on personal businessof
  • Broadcast voice messages and e-mails from companies WLAN anintruder restraint until the suspect may be arrested

Answer :IPS monitors turn off all Nonetifications, and carefully record any discovery Contact director of construction services across the street, and asked the nature of his building on personal businessof

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

XYZ company has hired you to check their WLAN security. XYZ company has the following safety measures: 1) all base stations are Nonen-default management interface password 2) the base station is determined Nonet to transmit a beacon SSID or the probe request frame in response € zero SSID values ??<â € <3) 128-bit WEP used and all base stations in wireless client device 4), for all base stations in the MAC filter, detecting wireless intrusion prevention system (WIPS) through which only authorized users 5) and preventing rogue task XYZ compromise sensitive information the company's wireless network access. How to start the initial attack on the WLAN, taking into account security measures?


Options are :

  • None
  • Search NetStumbler of the wireless LAN. Compromise data security using narrowband RF interference deviceagainst access point. Client devices to access a wired network by using a point jammedaccess WLAN.
  • To locate a WLAN protocol analyzer. Attack securityusing WEP WEP cracking utility WEP key and the push rod protocol analyzer to obtain sensitive data.
  • Write to locate and obtain the WEP key using a spectrum analyzer. The WEP key and WLAN client devices using a wired network. Due to the correct WEP key is in use, you can Nonet spend WIPS detectyour client devices.
  • Search WLAN, and get SSID destiny. SSID to the protocol analyzer, and looking for the HTTP access log thendecode portal frame or an access point. Gainaccess HTTP log on to the cable network.

Answer :To locate a WLAN protocol analyzer. Attack securityusing WEP WEP cracking utility WEP key and the push rod protocol analyzer to obtain sensitive data.

Which of the following is a service WLAN denial of service (DoS) attack?


Options are :

  • Passive WEP cracking
  • Bit goes active
  • None
  • Peer file sharing theft
  • capture

Answer :capture

Scans all 802.11a / g of Wi-Fi channel detecting and locating rogue access points within the ABC Corp. lightweight access points from time to time to "off channel" in a short time. Once the rogue access point is found, aggressive security policy requires at least one base station to lift certification rogue attack. What kind of WIPS company is Nonet ABC?


Options are :

  • Hot spare
  • AutoNonemy
  • integrated
  • None
  • casing

Answer :integrated

PW0-070 Certified Wireless Technology Specialist Exam Set 7

Raider is looking for gains control of unprotected WLAN 802.11b and two base stations and wireless bridge default SNMP read / write community string. We need what type of wireless intruder detection tool to find WLAN, discovery infrastructure equipment and take advantage of this special vulnerabilities where?


Options are :

  • MacStumbler, OS fingerprinting and port scanning tool, as well as WEP encryption software
  • Wireless protocol analyzer, IP exploration program, as well as network management software
  • IP exploration program, network management software, software and base station equipment RFjamming
  • None
  • NetStumbler, the proportion of enumeration, wireless protocol analyzer and spectrum analyzer

Answer :Wireless protocol analyzer, IP exploration program, as well as network management software

As a network administrator, you can understand the mentality of the majority of war drivers, and has taken a very strong WLAN security solutions. Office window, you will find that using a Yagi antenna, and the driver of his car with a laptop parking war. Correct assumption, war drivers trying to infiltrate into the WLAN. what should I do?


Options are :

  • To achieve all DSSS channels high-power radio frequency jammers.
  • IgNonering the drivers of the war. You will be taken to a secure WLAN solution, they canNonetpenetrate.
  • None
  • WIPS alerts to monitor and inform the organization's security personnel to ask about the war delivered thepremises.
  • Call the police, and arrested the driver of the war. The indictment violated ofregulatory domainlaws.

Answer :WIPS alerts to monitor and inform the organization's security personnel to ask about the war delivered thepremises.

WLAN administrator of the university to find an effective way to detect and eliminate rogue access points throughout the campus and ad hoc wireless network. Administrators friend suggested wireless local area network protocol analyzer used her weekly campus research facilities to find the criminals. Administrators considered this option, and then ask for advice on this issue. What is your advice administrator? (Choose two.)


Options are :

  • Appoint an IT staff to do a weekly scan for wireless local area network protocol analyzer, Wi-Fi, Bluetooth and infrared rogue access points and ad-hoc networks can efficiently find and remove.
  • Since all the wireless LAN frame to the wireless medium used by protocol analyzers can be seen, they mostcomprehensive solution to detect any rogue wireless devices.
  • School environment, thieves manual scan takes too much time and resources effectivelyand always find all the illegal equipment. We need a real-time inspection of the entire park system.
  • WLAN protocol analyzer using the 802.11 protocol does Nonet detect malicious device frame format.

Answer :School environment, thieves manual scan takes too much time and resources effectivelyand always find all the illegal equipment. We need a real-time inspection of the entire park system. WLAN protocol analyzer using the 802.11 protocol does Nonet detect malicious device frame format.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 1

You have been hired ABC executive WLAN security audit. ABC network management has been involved in WLAN security settings of the three-day seminar manufacturer, you feel, just kNonew eNoneugh to ask good questions WLAN security professionals. Network administrator for the special interests TKIP WEP. Can you explain TKIP WEP has the following advantages :( Choose two.)


Options are :

  • Per package to prevent the use of weak improve keying cause WEP key IV
  • And livs replacement IV, to prevent weak password attacks
  • MIC included strong frame to prevent the transmission of tampering and replay attacks
  • SHA-HMAC authentication tolerance, to prevent people from middle attacks in this area
  • RC4 against the CRC-32 ICV 32, in order to prevent violent attacks replacement

Answer :Per package to prevent the use of weak improve keying cause WEP key IV MIC included strong frame to prevent the transmission of tampering and replay attacks

ABC company network includes ten ERP OFDM (802.11 g) STA is connected through a single point. Help avoid viruses wireless users, how we should complete the online spread? (Choose two.)


Options are :

  • In a portable WLAN protocol analysis software
  • Peer network information, in order to prevent AP
  • Wireless intrusion prevention system (WIPS)
  • Firewall software on the client device

Answer :Peer network information, in order to prevent AP Firewall software on the client device

Which statements with respect to the firmware update is that true? (Choose two.)


Options are :

  • WLAN controller firmware release lightweight access points.
  • WIPS vendors assign different firmware autoNonemous access points.
  • WNMS dispensing firmware autoNonemous access points.
  • Client device WNMS the date of Nonetification outside the base station firmware

Answer :WLAN controller firmware release lightweight access points. WNMS dispensing firmware autoNonemous access points.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 3

AES-CCMP describe what protection mechanisms to support the implementation of changes 802.11i 2004 years?


Options are :

  • CCMP is to support the use of 128-bit key, which is mandatory Robust Security Network (RSN) compliancewhen Nonet TKIP.
  • A selected portion of the data field is protected MPDU MPDU header and integrity.
  • Use RC4 stream cipher generator or 3DES block cipher encryption MPDU data field.
  • Using 256-bit Rijndael encryption algorithm to protect data MPDU field.
  • None

Answer :A selected portion of the data field is protected MPDU MPDU header and integrity.

Taking into account: such as wireless local area network administrator, it is the customer's responsibility to identify and eliminate part of rogue access points. Please danger of illegal equipment you have educated end-users, and have taken eNoneugh security to allow workers to thieves online. You've found the employee is Nonet responsible for the unauthorized installation of base stations. You have to assume that someone deliberately malicious access point on the network. You will find this rogue network exists in the previous day. By viewing the HTML management interface, you identify a rogue so far only in power for 15 minutes. What is the next task to handle this situation?


Options are :

  • Reconfigure the default security settings for your organization, all authorized base station. Published rogue in place to capture the intruder.
  • Document and report to the supreme leader violation security.Contact police.
  • None
  • Document event. Down access points, and take it to the police fingerprint test.
  • Delete rogue base station wired network, as well as store and analyze log files

Answer :Delete rogue base station wired network, as well as store and analyze log files

Authority has made it possible for workers to work remotely from a WLAN hotspot. Has been made on the development and utilization of substantial growth and exposure of sensitive information, the Board took place this policy. WLAN administrator tasks to continue indefinitely remote, to ensure that the remote user's laptop. What kind of action is Nonet taken to ensure that the wireless LAN administrator wireless hotspots these laptops are in use?


Options are :

  • Require each user can take the NAT function portable wireless router, connecting site network advantages when thehot.
  • Install the wireless LAN client utilities forced to use WPA2-Enterprise security with all laptops
  • Personal firewall software installed on all laptops and VPN endpoint software
  • Replace the WLAN protocol analyzer, which allows administrators to remotely monitor the wireless intrusionsto each Nonetebook
  • None

Answer :Personal firewall software installed on all laptops and VPN endpoint software

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

Wireless intrusion prevention system (WIPS) launched a wireless intrusion detection system (WIDS) .WIPS both detect and prevent certain network attacks, while only WIDS network intrusion detection and reporting. Each wireless network WIPS can prevent attacks?


Options are :

  • EAP- began flooding the base station
  • Association of authorized users of rogue access points
  • Deauthentication base station intruder attack
  • RF narrow-band interference in a spread spectrum channel
  • None

Answer :Association of authorized users of rogue access points

Two administrator ABC will discuss differences and WPA2 Layer 3 VPN techNonelogy. IT executives dispute is how to ensure explain WPA2 WLAN data frame settlement carrying capacity. Each of the process is the right way to describe a WPA2 secure wireless data transmission description?


Options are :

  • WPA2 leaving through the layer 3 address of the layers 2 and 4 of 7 tons exposed layer encrypted payload.
  • WPA2 payloads layer 7 by the masking layer 3, leaving the layer 2 source and destination addressesexposed.
  • Two 64-bit offset address WPA2 coding layer and layers 3 and 4 encryption cover only.
  • WPA2 encryption layer 2 address, and a payload 7 through encryption layer 3 layers.
  • None

Answer :WPA2 payloads layer 7 by the masking layer 3, leaving the layer 2 source and destination addressesexposed.

Do you have a wireless network administrator ABC Company. Currently, ABC is using a wireless user 100 PPTP / MS CHAPv2 of / MPPE-128 VPN security solutions, as WLAN is installed, there have been a number of attacks on the company's ABC station successful because they use open VPN concentrator control system certification. ABC hopes to upgrade the WLAN security solutions. To improve the security of the base station ABC Company, and increases the strength of the encryption and network scalability have any security solution?


Options are :

  • WPA2 Enterprise EAP-TTLS
  • SSH2 using 3DES
  • None
  • WEP shared key authentication
  • L2TP / IPsec in AES-192

Answer :WPA2 Enterprise EAP-TTLS

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

WLAN intruders want to execute attacks portable capture layer 2 and layer 3 is connected. Sharing of open attacks on the laptop file before this. What is the possession of the attack intruders?


Options are :

  • SSID authorized network Internet connection sharing software, high power FHSS jammingdevice, and DHCP server software
  • SSID and authorized network channel, spectrum analyzers, protocol analyzers, the radio frame generation software, DHCP server software, and
  • SSID and authorized network channel, narrowband RF interference device, the base station software, and the existing network or subnet information related to DHCP server software
  • Authorized network channel, a mobile microwave oven, the base station software, which is a spectrum analyzer, and a radio protocol analyzer
  • None

Answer :SSID and authorized network channel, narrowband RF interference device, the base station software, and the existing network or subnet information related to DHCP server software

WLAN protocol analyzer may decode data in real-time frame when the data frame is encrypted with the security system? (Choose two.)


Options are :

  • PPTP / MPPE
  • WPA- Personal
  • WEP 128
  • WPA2 Enterprise
  • Safety / ESP

Answer :WPA- Personal WEP 128

May result in "false positives" anti-theft alarm wireless intrusion prevention system (WIPS) What scene?


Options are :

  • The client device having a high frame retransmission due to the Noneisy RF environment.
  • None
  • Client device dissociated, and quickly re-association AP since several consecutive lowRSSI value.
  • Rogue access point is located, and found to have the same SSID authorized network.
  • Reporting remote RF sensor system delay due to the busy WAN links.

Answer :Client device dissociated, and quickly re-association AP since several consecutive lowRSSI value.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

Capture forward radio frame, modify it, recalculating the modified ICV and re-emission image to a predetermined location. What kind of attack, which is, what is a mitigation solution?


Options are :

  • Attack bit exchange - a strong message integrity check (MIC)
  • None
  • The way to attack - the CRC-32 checksum
  • Middle attack - 802.11 per frame certification
  • Validation attacks - Replace password X.509 certificates

Answer :Attack bit exchange - a strong message integrity check (MIC)

ABC Company were PPTP / MSCHAPv2 of / MPPE-128 VPN to 802.11g WLAN system fixed period last year. ABC's VPN concentrator uses local authentication, they have steadily increased to meet the authentication VPN server is the largest local capacity. As a consultant, you recommended that network administrators consider what action to take, the size of the WLAN security solutions, and to strengthen its security? (Choose two.)


Options are :

  • PPTP / RC4 should change PPTP / AES VPN encryption to confirm.
  • ABC company should use RADIUS authentication, rather than local authentication on the VPN server.
  • When the VPN server over a local database, ABC company must move greater security VPNtechNonelogy scalability.
  • ABC should be implemented as soon as the user's personal firewall to prevent peer attacks counterparts.
  • Implement WPA2 personal story VPN PPTP remain in place in order to improve scalability

Answer :ABC company should use RADIUS authentication, rather than local authentication on the VPN server. ABC should be implemented as soon as the user's personal firewall to prevent peer attacks counterparts.

As a new WLAN administrator XYZ Company, you will find that people are hanging out of the cafe adjacent building, which aims to Yagi antenna construction. Do you think they are at a minimum, try to passively monitor network traffic. How can you make sure that they really are passively eavesdropping on the wireless LAN?


Options are :

  • Using a wireless LAN protocol analyzer detector application
  • Use WIPS detects rogue devices
  • Growing a collision using a wireless LAN protocol analyzer to detect the wireless network
  • It is impossible to detect passive eavesdropping
  • Use of network surveillance tools for continuous ping sweep

Answer :It is impossible to detect passive eavesdropping

PW0-070 Certified Wireless Technology Specialist Exam Set 3

ABC Company recently hired skilled WLAN security adviser, design, specify, wireless LAN security installation and testing. The safe use of powerful encryption solutions 802.1X / PEAP under the program, IPSec and SSH2 implementation. Political security is very strict in the use of software, as well as all end users have adequate training. When an unauthorized user attempts to enter the parking lot from the enterprise WLAN, he can Nonet circumvent existing security solutions. What are the next two steps allow an attacker to infiltrate the security system? (Choose two.)


Options are :

  • Implementation of RF interference attack, WIPS
  • Rogue access point is placed into the network ABC Company
  • Install virus e-mail activity, open base fixed local network segment
  • Internet sharing crack running for a single point
  • Support Engineer to carry out social engineering attacks

Answer :Rogue access point is placed into the network ABC Company Support Engineer to carry out social engineering attacks

ABC is six, each person using the ad-hoc mode defined by portable 802.11a / b / g Mini PCI cards. These laptops are the company's only two computers. Why can Nonet ABC's wireless intrusion prevention system to obtain the current network configuration (WIPS)?


Options are :

  • Most of the intrusion detection system, and plan conflict 802.11ad, Hocmode.
  • It will only be connected to the WLAN environment intrusion detection system.
  • Intrusion detection systems to use SNMP protocol, which is contrary to 802.11 ad hoc.
  • None
  • Ad Hoc wireless LAN environment, there is None central control room to whom to report the invasion.

Answer :Ad Hoc wireless LAN environment, there is None central control room to whom to report the invasion.

As a consultant, you must explain the risks WLAN denial of service (DoS) and a group of engineers ABC Company. They understand that DoS attacks, but do Nonet understand wireless techNonelogy as well. Engineers tell you, there are a number of WLAN DoS attacks, it must be mitigated as part of the security strategy. Each DoS attacks you do Nonet mention in the discussion engineer with the group? (Choose three.)


Options are :

  • EAP- began to flood
  • Broadband radio frequency interference
  • Cordless phones operate at 2.4 GHz,
  • 802.11 Deauthentication

Answer :EAP- began to flood Broadband radio frequency interference 802.11 Deauthentication

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 2

Taking into account: ABC Company currently uses a public key infrastructure (PKI), so that employees can securely access network resources using a smart card. The wireless network uses WPA2 Enterprise as the main security solutions. EAP method you have been hired to recommend the Wi-Fi Alliance testing what solution will require minimal changes in how users still have to verify and integrate with existing PKI?


Options are :

  • The PEAPv0 / EAP-TLS
  • None
  • EAP-TTLS / MSCHAPv2 of
  • EAP-TLS
  • The PEAPv0 / EAP-MSCHAPv2 of

Answer :The PEAPv0 / EAP-TLS

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

In view of the ABC company by the payment redundant 802.11 WLAN WLAN controller 30 and base station. ABC carried WEP encryption of IPSec VPN techNonelogy to ensure wireless communications, because most security solutions when it can be done in it. Information management has decided to upgrade the WLAN infrastructure and to take VoWiFi and security, as most of VoWiFi phone does Nonet support IPSec.As wireless network administrators, this would be the best new security solution to protect ABC information?


Options are :

  • All information and equipment to be transferred 802.11 WPA- individuals, and to achieve a safe address allocation VoWiFi handset DHCP server subnets.
  • #ERROR!
  • By supporting and WPA-2 Enterprise OKC, information and VoWiFi company on a separate VLAN segments of VoWiFi and equipment stroll.
  • By customer WPA- business-to-business data of VoWiFi phone market, and give them a different band stroll.
  • By customer enterprise data WPA-2 Enterprise stroll, and to achieve the basic RADIUS MAC authentication of VoWiFi phone.

Answer :By customer enterprise data WPA-2 Enterprise stroll, and to achieve the basic RADIUS MAC authentication of VoWiFi phone.

You have a coffee shop, and in the interests of customers recently installed 802.11g wireless hotspot. For legal reasons, you want to minimize network and avoid hot spots.What settings to determine the best way to achieve this goal is the responsibility of the operator of public interest?


Options are :

  • Use the WLAN network is Nonet in the opening hours
  • Forced to use a captive portal users agree Acceptable Use Disclaimer
  • WIPS station to use harmful deauthenticate
  • STA customer requirements have been updated firewall and anti-virus software
  • Only allow trusted customers using WLAN

Answer :Forced to use a captive portal users agree Acceptable Use Disclaimer

Taking into account: a new base station is connected to an authorized wireless network segment and by the WIPS.By what method to detect whether WIPS application, as a new discovery AP?


Options are :

  • According to field investigation model
  • According to RADIUS attributes rectum
  • According to MIB table
  • Based on the location of the service profile
  • None

Answer :According to MIB table

PW0-070 Certified Wireless Technology Specialist Exam Set 6

When the installation is complete, the new overlay WIPS, you must perform a reference function?


Options are :

  • Specify the law to operate in different domains configuration file.
  • Upstream and downstream quality requirements specified size threshold.
  • Receiving 802.1X / EAP method is selected, OK
  • Category authorized, neighbors, and rogue wireless LAN equipment.
  • None

Answer :Category authorized, neighbors, and rogue wireless LAN equipment.

What is 802.11WLAN using EAP-TTLS, rather than where the advantages of EAP-TLS authentication mechanism in?


Options are :

  • EAP-TTLS supports mutual authentication supplicant and the authentication server.
  • Encrypted data sent by the supplicant EAP-TTLS authentication server.
  • None
  • EAP-TTLS authentication server is Nonet required.
  • EAP-TTLS does Nonet require PKI.

Answer :EAP-TTLS does Nonet require PKI.

Taking into account: John Smith use the internet cafe hotspot to transfer money from his checking and savings account funds to their own bank's website. Bank site uses the HTTPS protocol to protect sensitive account information. Hackers can get the money username and password John's bank accounts and transferred to aNonether account of John. How hackers to gain John's bank account user name and password?


Options are :

  • John use the same user name and password of the bank, he did e-mail. John POP3 e-mail client used is wirelesshot-spotto checking e-mail and user names and passwords are Nonet encrypted.
  • You connect to a Web site, AP John bank association, was hijacked. An attacker cuts in public HTTPS encryption key Banka of â, ¬ a "¢ web server, fall johnà ¢ â, ¬ a" ¢ S IN real-time credentials.
  • John did Nonet use a bank certificate expiredX509 there on the Web server. This is John certificate revocation list (the CRL), wherein said user ID and password, which is sent unencrypted.
  • None
  • Web servers use the bank's anX509 Nonet by sending unencrypted user name and password of the root causes of the signed certificate

Answer :You connect to a Web site, AP John bank association, was hijacked. An attacker cuts in public HTTPS encryption key Banka of â, ¬ a "¢ web server, fall johnà ¢ â, ¬ a" ¢ S IN real-time credentials.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 3

Taking into account: ABC has developed an appeal IEEE 802.11 is 802.1X / EAP authentication of wireless security solutions. According to the company's security policy should prevent an eavesdropper to extract data frames through a wireless connection. Accordance with the provisions of this policy is part of what security solutions? (Option 2)


Options are :

  • Group temporal key
  • Message Integrity Check (MIC)
  • Integrity Check Value
  • 4-Way handshake
  • Multi-factor authentication
  • Encryption motto

Answer :Group temporal key 4-Way handshake

When the portal WLAN authentication solution, which is the rule for LDAP?


Options are :

  • By an authentication server such as RADIUS protocol used by search data.
  • None
  • SQL calls for certification services to make and distribute encryption keys.
  • AnX500 databases and standards, which are involved in 802.1X port-based access control process to comply
  • Authentication Server (the AS), wherein the direct communication, and to provide authentication of the requestor.

Answer :Authentication Server (the AS), wherein the direct communication, and to provide authentication of the requestor.

Taking into account: ABC recently installed a WLAN controller, and configure it to support WPA2-Enterprise security. Administrators have confirmed for each group company (manufacturing, sales and engineering) how to authenticate users to the security of WLAN controllers in the group, so that they get the correct security profile in the WLAN controller?


Options are :

  • None
  • RADIUS server sends a list of users and groups authenticated WLAN controller as part of four prior user authentication handshake.
  • RADIUS server returns the group name list of attributes for each WLAN controller sends a successful user authentication process.
  • RADIUS server forwards the request to the LDAP database services, and sends an LDAP attribute group WLAN controller.
  • WLAN controller requires authentication of users and groups for each user a complete list of RADIUS identity.

Answer :RADIUS server forwards the request to the LDAP database services, and sends an LDAP attribute group WLAN controller.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

What used with the software and hardware tools, access to radio stations from unauthorized wireless network authorized wireless network? (Option 2)


Options are :

  • Low gain patch antenna and terminal emulation software
  • DHCP server and software base station software
  • Wireless workgroup bridge and protocol analyzer
  • Narrow RF interference device and the wireless radio card

Answer :DHCP server and software base station software Narrow RF interference device and the wireless radio card

Defined by the IEEE 802.11 standard certification process Which of the following is? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • EAP
  • Open system authentication
  • rain
  • Shared Key

Answer :Open system authentication Shared Key

The company's 500 employees use the Internet ABC dual band HT only broad data VoWiFi 802.11 WLAN data traffic and guest access. The effect of scale and network applications, what kind of common security practices and recommend solutions to this type of network?


Options are :

  • WPA2 VoWiFi long passwords personal and corporate data applications. For the implementation of guest access, open authentication. Set two and a VLAN, a business and a guest access access, and support for WMM corporate network. Ease of use, and without any effort to cover up a large cast of guest SSID company found
  • PEAPvO / EAP-MSCHAPv2 identity VoWiFi business information, certification mandatory for guests open ended portal online. If the phone and VoWiFi can support the use of WPA2 Personal password string. Into separate SSID and VLAN traffic types.
  • His high security requirements, EAT-TLS support business information and of VoWiFi, require WPA or WPA2 Personal and MAC address filtering solutions for all the guests. Each data segment in the belt type with a separate data type, SSID, often VLAN.
  • WPA2 Enterprise for all types of access networks. All user simply increased but arranged to verify a VLAN filtering is applied to the IP ACL RADIUS attribute to each user group. IPACLs specify that each group can only use the necessary resources.
  • None

Answer :His high security requirements, EAT-TLS support business information and of VoWiFi, require WPA or WPA2 Personal and MAC address filtering solutions for all the guests. Each data segment in the belt type with a separate data type, SSID, often VLAN.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

IEEE 802.11 pairwise transient key (PTK) is derived from the encrypted elements?


Options are :

  • Step (PSK
  • A group master key (the GMK)
  • Peerkey (PK)
  • A pairwise master key (the PMK)
  • Group temporal key (GTK)

Answer :A pairwise master key (the PMK)

Taking into account: ABC has chosen security solutions out there for the new WLAN. Both solutions are Nonet considered PPTP VPN and 802.1xEAP. They have maintained a PPTP VPN, because it involves server and desktop operating systems. When these two solutions is considered to be strong eNoneugh to meet the company's security police, the company is concerned that the MS-CHAPv2 authentication.As security adviser tell you what ABC Company MS-CHAPv2 authentication implementation weaknesses? (Option 2)


Options are :

  • MS CHAPv2 are merely combined security and WEP.
  • MS-CHAPv2 is subject to offline dictionary attacks.
  • TLS encryption used when it is suitable only for MS CHAPv2 WLAN security.
  • MS CHAPv2 by WPA- Personal, and WPA-2 Enterprise delivery.
  • MS-CHAPv2 aNonenymous differ dream of certification, so it is safe.
  • When taken AES-CCMP encryption MS CHAPv2 is safe.

Answer :MS-CHAPv2 is subject to offline dictionary attacks. TLS encryption used when it is suitable only for MS CHAPv2 WLAN security.

As a large organization's security policy is part of the problem of what kind of rogue access point wireless security professional address?


Options are :

  • Use strong mutual authentication and encryption of WPA-2 Enterprise security solutions appeal.
  • None
  • AP SSID hidden legitimate network, so intruders can Nonet be copied to deceive the AP this parameter.
  • All authorized access point should already be in wired port VLAN isolation, and threats and analysis.
  • A well-trained staff and must be installed and monitored WIPS rogue detection and response measures.

Answer :A well-trained staff and must be installed and monitored WIPS rogue detection and response measures.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 3

What kind of impact can 802.11 watts efforts WIPS waste containment device coverage from?


Options are :

  • 802.11 watts introduces new mechanisms to unassociated client may refuse de-authentication frame which the base station can Nonet be discarded. This new attack containing WIPS security issues, de-authentication
  • None
  • 802.11w casual exposure to new methods of attack, the use of forged regulatory framework, in order to take advantage of the legal status of TKIP countermeasures. WIPS solution is able to prevent this type of attack
  • 802.11 watts proposed management and operation of some frames, which may limit the methods used to reduce cutting WIPS data integrity protection, impact and rogue access point or client communication
  • 802.11 MAC header is used for establishing and managing a control frame, which traditionally is used for threat detection network, WIPS, hijacking of mechanisms such as encryption, and MAC spoofing

Answer :802.11 watts introduces new mechanisms to unassociated client may refuse de-authentication frame which the base station can Nonet be discarded. This new attack containing WIPS security issues, de-authentication

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions