PW0-204 Certified Wireless Security Professional (CWSP) Exam Set 3

You have been hired by ABC Corporation to perform a WLAN security audit. ABC's network manager has attended a one-day manufacturer's seminar on WLAN security and, in your opinion, knows only enough to ask good questions of a WLAN security professional. The network manager asks you about the specific advantages of TKIP over WEP. You explain that TKIP has the following advantages over WEP: (Choose two)


Options are :

  • Inclusion of SHA-HMAC authentication to prevent man-in-the-middle attacks
  • Replacement of CRC-32 with ICV-32 to prevent brute-force attacks against RC4
  • Inclusion of a strong MIC to prevent in-transit frame tampering and replay attacks
  • Improved per-packet keying to prevent weak IVs from being used to derive the WEP key
  • Replacement of IVs with LIVs to prevent attacks against weak passwords

Answer :

  • Inclusion of a strong MIC to prevent in-transit frame tampering and replay attacks
  • Improved per-packet keying to prevent weak IVs from being used to derive the WEP key

As a new WLAN administrator for XYZ Corp, you notice that people are hanging around the coffee shop next door to your building aiming Yagi antennas toward your building. You assume that they are, at a minimum, attempting to passively eavesdrop on your network's traffic. How can you verify that these people are indeed passively eavesdropping on your wireless LAN?


Options are :

  • It is not possible to detect passive eavesdropping
  • By using a WIPS to detect rogue devices
  • By using a network reconnaissance tool to perform continuous PING sweeps
  • By using a WLAN protocol analyzer detector application
  • By using a WLAN protocol analyzer to detect an increase of collisions on the wireless network

Answer : It is not possible to detect passive eavesdropping


You are a wireless network administrator for ABC Corporation. Currently ABC Corp has a VPN concentrator that uses a PPTP/MS-CHAPv2/MPPE-128 VPN security solution for its 100 WLAN users. Since the WLAN was installed, there have been multiple successful attacks against ABC Corp's access points since they are using Open System authentication. ABC Corp wants to update their WLAN security solution. Which security solution would improve the security of ABC Corp's access points while increasing encryption strength and network scalability?


Options are :

  • L2TP/IPSec with AES-192
  • SSH2 with 3DES
  • WEP with Shared Key authentication
  • WPA2-Enterprise with EAP-TTLS

Answer : WPA2-Enterprise with EAP-TTLS

ABC Corporation has recently hired a skilled wireless LAN security consultant to design, configure, install, and test a wireless LAN security implementation. The security implementation consists of 802.1X/PEAP, IPSec, and SSH2 solutions using the strongest available encryption. The security policy is very strict about use of the software solutions, and all end users have been sufficiently trained. When an unauthorized user tries to access the corporate WLAN from the parking lot, he cannot circumvent the existing security solutions. What are the next two steps the unauthorized user could take in order to penetrate the system's security? (Choose two)


Options are :

  • Perform a social engineering attack against help desk personnel
  • Perform a distributed Internet crack against a single access point
  • Place a rogue access point on ABC Corporation's network
  • Perform an RF jamming attack against the WIPS
  • Mount an email virus campaign to unlock access points from the wired LAN segment

Answer :

  • Perform a social engineering attack against help desk personnel
  • Place a rogue access point on ABC Corporation's network

ABC Company's network includes ten ERP-OFDM (802.11g) STAs connecting through a single access point. To help avoid the spread of viruses between wireless users, what should be implemented on the network? (Choose two)


Options are :

  • Wireless Intrusion Prevention System (WIPS)
  • Personal firewall software on client devices
  • Peer-to-peer data blocking in the AP
  • WLAN protocol analysis software on one laptop

Answer :

  • Personal firewall software on client devices
  • Peer-to-peer data blocking in the AP


Wireless Intrusion Prevention Systems (WIPS) started as Wireless Intrusion Detection Systems (WIDS). WIPS can both detect and prevent some network attacks, whereas WIDS can only detect and report network intrusions. Which wireless network attacks can WIPS prevent?


Options are :

  • Association of authorized clients to rogue access points
  • Narrowband RF jamming of a spread spectrum channel
  • EAP-Start flooding against an access point
  • Deauthentication attacks against access points by intruders

Answer : Association of authorized clients to rogue access points

As a wireless security professional, you are tasked by a company to quickly attempt to bypass static WEP security on their 802.11a WLAN. WEP is configured as mandatory on all devices in the network. Which approaches do you take? (Choose two)


Options are :

  • Transmit a high volume of association frames to an access point to force it to fail into an Open System state. You use a WLAN client to associate and bypass WEP security.
  • Enable a wireless protocol analyzer and wait for it to gather a given amount of data traffic from multiple wireless LAN end users. You use AirCrack to look for weak IVs in the packet trace.
  • Associate with an access point using Open System authentication and log in with the default username and password. You reconfigure the access point for a new WEP key.
  • Record their SSID, phone number, address, and other data related to their organization and try to fit numbers and letters into patterns of 5, 10, 13, or 26 characters for use as a test WEP key

Answer :

  • Enable a wireless protocol analyzer and wait for it to gather a given amount of data traffic from multiple wireless LAN end users. You use AirCrack to look for weak IVs in the packet trace.
  • Record their SSID, phone number, address, and other data related to their organization and try to fit numbers and letters into patterns of 5, 10, 13, or 26 characters for use as a test WEP key

Which of the following is a type of WLAN Denial of Service (DoS) attack?


Options are :

  • Peer file theft
  • Passive WEP cracking
  • Active Bit flipping
  • Hijacking

Answer : Hijacking

Which of the following are secure device management protocols? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • SNMPv3
  • HTTP
  • HTTPS
  • SSH

Answer :

  • SNMPv3
  • HTTPS
  • SSH

Which of the following keys are used by the public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Group Temporal Key
  • Public Key
  • Private Key
  • Pairwise Transient Key

Answer :

  • Public Key
  • Private Key

Which of the following is a type of malware that is secretly installed on the user's personal computer and collects users' information without their knowledge?


Options are :

  • Virus
  • Worm
  • Spyware
  • Adware

Answer : Spyware

Which of the following is a wireless device that is created to allow a cracker to conduct a man-in-the-middle attack?


Options are :

  • Protocol analyzer
  • WLAN controller
  • Lightweight Access Point
  • Rogue access point

Answer : Rogue access point

Which of the following are secure infrastructure management protocols used in WLAN? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Telnet
  • HTTPS
  • SNMPv3
  • SCP

Answer :

  • HTTPS
  • SNMPv3
  • SCP

Which of the following tools monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools?


Options are :

  • WIPS
  • IDS
  • Snort
  • Firewall

Answer : WIPS

You work as a Network Administrator for Tech Perfect Inc. The company has a secure wireless network. Since the company's wireless network is so dynamic, it requires regular auditing to maintain proper security. For this reason, you are configuring NetStumbler as a wireless auditing tool. What services can NetStumbler provide? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Detection of causes of wireless interference
  • Detection of unauthorized ("rogue") access points
  • Verification of network configurations
  • Capturing and decoding of packets

Answer :

  • Detection of causes of wireless interference
  • Detection of unauthorized ("rogue") access points
  • Verification of network configurations

Which of the following protocols are types of VPN protocols? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • L2TP
  • PEAP
  • IPSec
  • PPTP

Answer :

  • L2TP
  • IPSec
  • PPTP

Which of the following wireless security features provides the best wireless security mechanism?


Options are :

  • WPA with Pre Shared Key
  • WPA with 802.1X authentication
  • WEP
  • WPA

Answer : WPA with 802.1X authentication

You work as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain-based network. The company has a main office and several branch offices. You want to centralize the administration. Therefore, you implement a Remote Authentication Dial-In User Service (RADIUS) server. Each branch office supports its own Routing and Remote Access Server. You remove the default remote access policy, as you want to secure communications and implement a single policy that requires all dial-up communications to use 40-bit encryption. What will you do to accomplish this? Each correct answer represents a part of the solution. Choose two.


Options are :

  • Set the level of encryption to Basic in the remote access policy.
  • Set the level of encryption to No Encryption in the remote access policy.
  • Create a remote access policy on the RADIUS server.
  • Create a remote access policy on the Routing and Remote Access Server of each branch office.

Answer :

  • Set the level of encryption to Basic in the remote access policy.
  • Create a remote access policy on the RADIUS server.

The radios on an AP are turned off, and the AP listens for ARP messages on a wired network. The controller generates an alarm if an ARP is heard on a wired LAN. In which mode does the AP operate if this task is performed?


Options are :

  • Sniffer mode
  • Local mode
  • Monitor mode
  • Rogue detection mode

Answer : Rogue detection mode

Which of the following are tunneling protocols used in a virtual private network (VPN)? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • PPTP
  • MD5
  • L2TP
  • SCP

Answer :

  • PPTP
  • L2TP

Which of the following protocols uses separate control and data connections between the client and server applications?


Options are :

  • SMTP
  • SCP
  • FTP
  • HTTP

Answer : FTP

On which of the following are digital signatures based? Each correct answer represents a complete solution. Choose two.


Options are :

  • RADIUS
  • Asymmetric encryption
  • Hashing functions
  • Symmetric encryption

Answer :

  • Asymmetric encryption
  • Hashing functions

Which of the following protocols is used for authentication in an 802.1X framework?


Options are :

  • EAP
  • L2TP
  • TKIP
  • IPSec

Answer : EAP

Which of the following components are normally required to secure wireless 802.11 networks? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Authentication
  • Accessibility
  • Segmentation
  • Strong encryption

Answer :

  • Authentication
  • Segmentation
  • Strong encryption

Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?


Options are :

  • L2TP
  • WEP
  • WPA
  • IPSec

Answer : WEP

Which of the following protocols is used by Point-to-Point Protocol (PPP) servers to validate the identity of remote clients?


Options are :

  • IPSec
  • CHAP
  • EAP-TTLS
  • PPP

Answer : CHAP

Which of the following is designed to detect bit-flipping and forgery attacks that are used against WEP?


Options are :

  • Initialization vector (IV)
  • Cyclic redundancy check (CRC)
  • Message integrity code (MIC)
  • Message authentication code (MAC)

Answer : Message integrity code (MIC)


Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?


Options are :

  • Pairwise Transient Key
  • Private Key
  • Pairwise Master Key
  • Group Temporal Key

Answer : Pairwise Master Key

A Cisco Unified Wireless Network has an access point (AP) that provides a single point of management and reduces the security concern of a stolen access point. Which type of access point has this characteristic?


Options are :

  • Lightweight AP
  • Rogue AP
  • Autonomous AP
  • LWAPP

Answer : Lightweight AP

Which of the following are attacks/techniques related to Wired Equivalent Privacy (WEP)? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Phishing
  • Bit-flipping attack
  • Weak key
  • Baiting

Answer :

  • Bit-flipping attack
  • Weak key
