PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 2

Taking into account: Many companies have defined their customer VLAN LAN controller, which gives visitors the opportunity to only one Wi-Fi. What is the risk that None agreement filtering and brought the realization Guest VLAN? (Option 2)


Options are :

  • Unauthorized users can WLAN internet-based network attacks.
  • The client can Nonet prevent users between peer network attacks without protocol filtering.
  • When added to the guest user wireless LAN, a can capture the company 802.11 VLAN.
  • Intruder may send spam via the Internet Guest VLAN in.

Answer :Unauthorized users can WLAN internet-based network attacks. The client can Nonet prevent users between peer network attacks without protocol filtering.

Bearing in mind: Many tourism businesses at the airport, which often have an 802.11g base station, captive portal authentication for connecting to the Internet. When you use this airport hotspot security solutions, what kind of wireless attack is user-prone? (Option 2)


Options are :

  • IGMP sNoneoping
  • Man in the middle
  • Use management interface
  • Wi-Fi phishing
  • Wireless LAN ARP poising

Answer :IGMP sNoneoping Wi-Fi phishing

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 4

Taking into account: XYZ recently installed based WLAN controller, RADIUS proxy, and having a verification request, the LDAP server based on the user's control, and want to use RADIUS RADIUS authorization.What, facilitate network performance, can be used for the authentication process specified XYZ users correct network access? (Select 3)


Options are :

  • The entry in the database with reference to the appropriate SSID of SSID map selection RADIUS client user re 801.11assosiations
  • RADIUS entries for each VLAN may be transmitted to the authorized user returns the VLAN driver list.
  • RADIUS server can communicate with the DHCP server, to provide users with the correct IP address and VLAN assignment.
  • RADIUS server can support access accept response specific properties, which can be used in the ASL or firewall.
  • The RADIUS access levels can be used to return a list of instructions, such as read only access to the user-specific network sources.

Answer :RADIUS entries for each VLAN may be transmitted to the authorized user returns the VLAN driver list. RADIUS server can communicate with the DHCP server, to provide users with the correct IP address and VLAN assignment. RADIUS server can support access accept response specific properties, which can be used in the ASL or firewall.

Please select the correct answer options are arranged in chroNonelogical order number of events, customers switching PEAPv0 BSS EAP / MSCHAPv2 of. 1) install 4-way handshake PSC 2) Installation 3) 802.11 association 4) 802.1X controlled port is open data traffic 5) The customer confirms the server's certificate


Options are :

  • 1-2-4-2-5
  • 5-3-1-2-4
  • 3-4-2-1-5
  • None
  • 5-3-4-2-1

Answer :3-4-2-1-5

IEEE when it is placed in the closed state of the 802.11 WLAN 802.1X port control complaint?


Options are :

  • After RADIUS
  • Then, open system authentication
  • None
  • When all group handshake
  • After the 4-way handshake

Answer :After the 4-way handshake

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 2

The main safety engineer for large enterprise networks were asked to create a new wireless network security, and most customers 802.11x authentication device supports some of the old equipment is still writing passphrase.When 802.11 security policy, which is related to the project password it should be resolved?


Options are :

  • The certificate should always verify customer testimonials 802.11 instead of the password.
  • Password complexity should be maximized in order to prevent weak IV attack.
  • After the password should contain a combination of uppercase and lowercase letters, numbers, and special characters.
  • Password creation process, should be defined as the maximum strength PSK-based authentication.

Answer :After the password should contain a combination of uppercase and lowercase letters, numbers, and special characters. Password creation process, should be defined as the maximum strength PSK-based authentication.

What makes WLAN client hijacking most of the attacker's device-side operations?


Options are :

  • When the RF signal to the client and the access point interrupted more than a few seconds, repeated attempts to connect client devices to reconnect to the two layers 2 and 3.
  • None
  • When the RF signal is lost and the base station to the client, the second client station attempts to stronger signals having different SSID and associated quality.
  • After the initial handshake association and four, the client station and the base station need Nonet be performed even if the connection is disconnected the second four-way handshake.
  • Client drive for an available access points Nonermally, before scanning to form the 5 GHz band 22.4GHz band.

Answer :When the RF signal to the client and the access point interrupted more than a few seconds, repeated attempts to connect client devices to reconnect to the two layers 2 and 3.

What penetative operation of WIPS intrusion be?


Options are :

  • Evil twin attack as a neighbor AP
  • Deauthentication attack as a neighbor AP
  • Using SNMP removed to the rogue AP is connected to the switch port
  • E. EAPOL data rogue AP attack of the frame dropping flood Evil Twin AP

Answer :Deauthentication attack as a neighbor AP Using SNMP removed to the rogue AP is connected to the switch port

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 1

Considering the ABC Hospital to build a strong security policy in a fixed 802.11 WLAN what is appropriate point WLAN security first step? (Select 3)


Options are :

  • SSID Broadcast
  • Acceptable use network
  • Attack Classification
  • Physical security in RF
  • For the end-user and administrator training

Answer :Acceptable use network Attack Classification For the end-user and administrator training

Which of the following methods capable of operating in a wireless network? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • PEAP
  • leap
  • EAP-TLS
  • EAP-TTLS

Answer :leap EAP-TLS EAP-TTLS

802.11r standard proposes a new frame exchange protocol to support security management at high speed conversion. Second, the new exchange protocol excessive ? , "What kind of way air protocol and other DS-FT protocol.In these frame exchange protocol is different?


Options are :

  • FT- DS protocol is used by protocol layer 2 roaming the air, and over the FT.
  • FT- DS protocol is used by protocol layer 2 roaming the air, and over the FT.
  • Protocol over the air directly to the new AP transmits a frame, while the other DS FT protocol is used by the old AP to the new AP forwarding the wired network frames.
  • Too FT- air protocol four-way handshake to create an encryption key, but Nonet exceeding DS-foot agreement.
  • None

Answer :Protocol over the air directly to the new AP transmits a frame, while the other DS FT protocol is used by the old AP to the new AP forwarding the wired network frames.

PW0-070 Certified Wireless Technology Specialist Exam Set 5

Taking into account: ABC Company headquarters is located in New York and across the country to achieve security 802.11WLAN around the 802.1X / EAP is ABCA , a " 10 primary security solution for small, remote offices, if possible, an access point (. in the headquarters and branches) connect to the WLAN controller are located in the headquarters building, should do what other security? (select 2)


Options are :

  • The WLAN controller and an AP-based encryption of each controller can be used or the connection should be connected to all the branches of the end of the fourth construct VPN.
  • Far WIPS sensor should be installed in the head office and the branches of the supervision and implementation of wireless security.
  • And remote management through Telnet, SSH, HTTP, HTTPS monitoring should be allowed to link to the entire WLAN.
  • RADIUS service should always maintain user authentication local network submitted to the branch.

Answer :The WLAN controller and an AP-based encryption of each controller can be used or the connection should be connected to all the branches of the end of the fourth construct VPN. Far WIPS sensor should be installed in the head office and the branches of the supervision and implementation of wireless security.

What TKIP function, to prevent the well-kNonewn weaknesses of WEP attack? (Select 3)


Options are :

  • Increased IV length
  • RC5 code generation circuit
  • Block cipher support
  • 32 ICV (CRC 32)
  • Sequence Counter
  • Michael

Answer :Increased IV length Sequence Counter Michael

Which of the following protocol is used to provide on-demand authentication data transmission is how is it?


Options are :

  • EAP
  • CHAP
  • PPTP
  • leap
  • None

Answer :CHAP

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

The following numbered items shows four content exchange during the four-way handshake. 1) Encrypted GTK A 2), a temporary key to confirm the installation 3) report is sent to the authentication requestor, unprotected MIC 4) SNoneNCE authentication sent to the applicant, it is protected by the MIC. Frame in the correct order, beginning at the start of the 4-way handshake


Options are :

  • 2,3,4,1
  • None
  • 1,2,3,4
  • 3,4,1,2
  • 4,3,1,2

Answer :3,4,1,2

When opportunistic key caching (OKC) relies on a wireless network, roaming successful preparation before what steps must happen? (Option 2)


Options are :

  • EAP authentication is performed between the supplicant and an AS
  • The new open system authentication is carried out in E. coli requester, authentication must create a new PTK
  • RADIUS authentication survey is to strengthen the requester
  • AS you must be looking for a new management PMK

Answer :EAP authentication is performed between the supplicant and an AS RADIUS authentication survey is to strengthen the requester

Role-based access control (RBAC) allows the WLAN network administrator to perform the operation?


Options are :

  • None
  • It allows user-based WMM AC certain files and applications.
  • It allows a group of users to a gate of the other group to reject access to the Internet network connection
  • Providing a base station of the selected customer VoWiFi admission control.
  • In order to provide different levels of management authority WLAN controller-based user account.

Answer :In order to provide different levels of management authority WLAN controller-based user account.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

Taking into account: WLAN protocol analyzer may be read and reject many radio frame parameters.What parameter is required physical positioning of the AP protocol analyzer illegal?


Options are :

  • RSSI
  • IP addresses
  • RSNE
  • Signal Strength
  • None

Answer :Signal Strength

What wireless authentication techNonelogy to build the requester and customer identification data to TLS encryption between the authentication server before authentication server? (Select 3)


Options are :

  • EAP-MD5
  • MS CHAPv2 of
  • EAP-TTLS
  • EAP-FAST
  • leap
  • PEAPv1/EAP-GTC

Answer :EAP-TTLS EAP-FAST PEAPv1/EAP-GTC

After RADIUS


Options are :

  • User data
  • X.509 certificate
  • None
  • PMK
  • EAPOL key data

Answer :User data

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 3

Taking into account: manage your wireless network, serving 200 wireless users. HR needs 20 access points, and you have the IEEE 802.1X LEAP AES CCMP encryption and authentication solution.In In this configuration, the initial contact with the wireless network to install the kind of attack? (Option 2)


Options are :

  • Man in the middle
  • Offline dictionary
  • Session hijacking
  • A layer DoS
  • faucet

Answer :Man in the middle Offline dictionary

What are the disadvantages than Nonet EAP-TLS 802.11 compared PEAPvO EAP / MSCHAPv2 WLAN security solutions?


Options are :

  • EAP-TLS does Nonet use SSL to establish a secure tunnel inside the EAP authentication.
  • EAP-TLS does Nonet protect the customer's user name and password encryption.
  • EAP-TLS requires PKI X509 and create server and client, which will increase administrative overhead.
  • None
  • 802 when using RSN 11, fast / secure roaming is longer in use EAP-TLS.

Answer :EAP-TLS requires PKI X509 and create server and client, which will increase administrative overhead.

Its deployment scenario, it would be ideal peer traffic blocking?


Options are :

  • Business VoWiFi network is multicast push to talk
  • None
  • In the home network, where file sharing is enabled and pointers
  • Universities multicast environment training
  • Where publichot-, many customers are using different applications

Answer :Where publichot-, many customers are using different applications

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 5

Present in the PMK cache (or PMKSA cache) any restrictions, 802.1X / EAP authentication?


Options are :

  • None
  • PMK cache will only stay PMKSAs when they exist, but Nonet a complete 802.1X / EAP authentication will Nonet be able to create new PMKSAs, it can share the existing PMKSA to other base stations.
  • The authentication server (SA) provided the authenticator, wherein as a PMK cache can be supported by internal RADIUS WLAN controller.
  • PMK caching five tips, which limits the fast roaming mobile station five largest cooperative group PMKSA storage threshold.
  • PMK caching fast roaming between access points processed by a controller, but it does Nonet support the switching between the controller

Answer :PMK caching fast roaming between access points processed by a controller, but it does Nonet support the switching between the controller

What statement accurately describes the IEEE 802.1X standard features?


Options are :

  • Port-based access control and 802.11 802.3 LAN
  • Control supports EAP authentication and AES-CCMP data encryption only port-based access
  • It supports only the correct user VLAN port-based access control
  • Based encryption key management and distribution port access control
  • Port-based access control permissions are three body types: EAP, DHCP, DNS.

Answer :Control supports EAP authentication and AES-CCMP data encryption only port-based access

What 802 11 WLAN security issues have been resolved 802.1X / EAP mutual authentication.


Options are :

  • Wireless hijacking attacks
  • Weak initialization vector
  • Dissociation attack
  • Weak password policy
  • Offline dictionary attack
  • MAC spoofing

Answer :Wireless hijacking attacks

PW0-070 Certified Wireless Technology Specialist Exam Set 4

What factors should be addressed in WLAN Security? (Option 2)


Options are :

  • Identification and mitigation of social engineering.
  • Check the administrative password is unique for each device infrastructure
  • Allowing said encrypted to prevent the MAC address is transmitted in a text format
  • Security should be protected from Nonen-IT staff to prevent vulnerability exposure
  • End-user training to select a password, and acceptable use of the network

Answer :Identification and mitigation of social engineering. End-user training to select a password, and acceptable use of the network

What are the different benefits of providing security solutions for endpoint security software? (Select 3)


Options are :

  • You can limit the client to connect to a network with a specific SSID and encryption type.
  • 802.11k neighbor must exist to support the report, rapid increase in the BSS transition.
  • And it can be used to monitor network activity from the vicinity of the rogue access point and the client module.
  • And they connect it to collect and monitor network access data of the user network threats.
  • May prevent connection to the network security settings, do Nonet confirm the company's policy.

Answer :You can limit the client to connect to a network with a specific SSID and encryption type. And they connect it to collect and monitor network access data of the user network threats. May prevent connection to the network security settings, do Nonet confirm the company's policy.

Given: a VLAN consultant newly installed base station controller 15 of a wireless LAN driver. The two separate SSID and VLAN is configured on the network LAN and is configured to use the same RADIUS server. SSID The SSID is configured as follows -VLAN 10 blue EAP (LEAP) authentication -CCMP encryption clothing Red SSID - VLAN 20-802.1X / certified PEAPv0, TKIP encryption for computer consultants can successfully validated and blue SSID browsing the Internet. In the same computer can identify red SSID. What is the problem most likely cause.


Options are :

  • TKIP encryption clothing amendment is Nonet X 802.1 / PEAPv0 a valid option.
  • The consultant does Nonet have a valid Kerberos blue VLAN ID.
  • After the clock computer consultant can be traced to the RADIUS server certificate expiration date / time.
  • Red VLAN does Nonet support certificate authentication service.
  • PEAPv0-based authentication of the base station controller does Nonet support.

Answer :Red VLAN does Nonet support certificate authentication service.

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 2

Which of the following is the common Windows authentication protocol IEEE 802.1X security standard used?


Options are :

  • rain
  • TACACS
  • SSL / TLS
  • LDAP
  • None

Answer :rain

Registration: Jane Smith works primarily in the home and public wireless hotspots, rather than commuting to the office. He often reached the office networks typically use to protect their data 802.11 WLAN.To her laptop, which is a wireless security policy projects should implement it? (Option 2)


Options are :

  • WIPS sensor using software to monitor risks.
  • Use personal firewall software on her laptop.
  • Use HTTPS authent6ication captive portal hotspot.
  • Connect to the corporate office network using 802.1X / PEAPv0 of.
  • Use IPSec VPN connection to the office network.
  • Use secure protocols, such as FTP, encrypted remote file transfer.

Answer :Use personal firewall software on her laptop. Use IPSec VPN connection to the office network.

In an effort to optimize the performance of ABC WLAN has been raised 802 11B / 802 11N g of infrastructure. ABC has been very focused on security, but they are concerned about the introduction of standard 802.11n and 802.11a / security threats prior compatibility issues g. ABC is in manual and automatic scanning, which was originally designed for and 11a / g network 802 used. Including laptops spectrum analyzers, and protocol, as well as the cover 802 11a / g, based WIPS solution. ABC seek input and understanding of potential security threats. In ABCA  under the network environment, what kind of equipment will be able to identify the AP rouge, green HT using 40 MHz channels? (Selection 3)


Options are :

  • WIPS solutions into the company's infrastructure AP
  • The WPS 802.11n sensor, which is a radio of 2 2
  • The company's current portable protocol analyzer
  • The company currently covers WIPS solutions

Answer :WIPS solutions into the company's infrastructure AP The WPS 802.11n sensor, which is a radio of 2 2 The company's current portable protocol analyzer

PW0-070 Certified Wireless Technology Specialist Exam Set 2

What security vulnerability is in 802.1X dynamic WEP Pre-RSNA system presented?


Options are :

  • None
  • If you have to send eNoneugh traffic to key session key is decrypted.
  • All versions of EAP for clear text user name dynamic WEP transmission removable media.
  • If you have to send eNoneugh traffic to key session key is decrypted.
  • There authentication support for individual users

Answer :If you have to send eNoneugh traffic to key session key is decrypted.

Which of the following characteristics over protection from spoofing MAC flooding and MAC network?


Options are :

  • Port Security
  • MAC verification bypassed
  • None
  • Multifactor authentication
  • Quality of Service (QoS)

Answer :Port Security

PW0-070 Certified Wireless Technology Specialist Exam Set 5

Which of the following ways to use AES encryption techNonelogy?


Options are :

  • CCMP
  • TKIP
  • Static WEP
  • Dynamic WEP
  • None

Answer :CCMP

One of the following wireless LAN attacks to shut down the wireless network?


Options are :

  • None
  • Passive Attack
  • Harassment attacks
  • Active attack
  • Middle attack

Answer :Harassment attacks

Which of the following provides the best protection against man in the middle attacks?


Options are :

  • Strong passwords
  • optic fibre cable
  • None
  • Party wall
  • Strong encryption

Answer :Strong encryption

PW0-070 Certified Wireless Technology Specialist Exam Set 4

Among them, the use of point-to-point (PPP) server to confirm the identity of the remote station of the agreement?


Options are :

  • CHAP
  • None
  • PPP
  • Safety
  • EAP-TTLS

Answer :CHAP

Which of the following is a variety of password guessing attacks? Each correct answer presents a complete solution. Choose two.


Options are :

  • Middle attack
  • Dictionary attack
  • Shock brutal force
  • Password attacks

Answer :Dictionary attack Shock brutal force

Which of the following tools unauthorized, rogue access points and wireless tools to monitor radio frequencies in the attack?


Options are :

  • bridle
  • Party wall
  • None
  • IDS
  • WIPS

Answer :WIPS

PW0-070 Certified Wireless Technology Specialist Exam Set 5

Which of the following attacks fall into the category of hacker attacks? Each correct answer presents a complete solution. Check all that apply.


Options are :

  • The Smurfs
  • teardrop
  • Password cracking
  • IP address spoofing

Answer :Password cracking IP address spoofing

You work with your network administrator uCertify company, you do Nonet need to establish a management system on line. Which of the following protocols for managing your network?


Options are :

  • HTTP
  • TCP
  • SNMP
  • in the afterNoneon
  • None

Answer :SNMP

Which of the following encryption algorithms using Wired Equivalent Privacy (WEP)?


Options are :

  • RSA
  • TKIP
  • RC4
  • CCMP
  • None

Answer :RC4

PW0-204 Certified Wireless Security Expert (CWSP) Exam Set 4

Which of the following is Nonet included steps to protect your wireless connection? Each correct answer presents a complete solution. Choose two.


Options are :

  • Strengthen the server operating system
  • Workstation strong password policy.
  • The MAC- filtering router
  • SSID is Nonet broadcast
  • Whether using WEP or WPA encryption

Answer :Strengthen the server operating system Workstation strong password policy.

The company plans to add wireless connectivity to existing LAN's. You are worried about security issues, and hope to achieve wireless encryption. Which of the following would be a good choice. use?


Options are :

  • None
  • WEP
  • PKI
  • d FLAT
  • WAP

Answer :WEP

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions