PW0-270 Certified Wireless Analysis Professional (CWAP) Exam Set 2

802.1X/EAP-TLS supports what client authentication credential type?


Options are :

  • x.509 Certificates
  • Digital Security Token
  • MD5 Hash Exchange
  • Passwords

Answer : x.509 Certificates

CWNA-106 Certified Wireless Network Administrator Exam Set 5

Which of the following is a network security device that monitors network activities for malicious or unwanted behavior?


Options are :

  • IDS
  • ASA
  • IPS
  • WEP

Answer : IPS

ABC Corporation has implemented an IPSec security solution to protect their new 802.11g WLAN. You are hired to audit the WLAN security and find that data is traversing the wireless segment in clear text. You notify the network manager, but he argues that IPSec is supposed to protect data using strong encryption. You explain that they have implemented IPSec improperly, causing data to be sent in clear text.Which IPSec protocol has ABC Corp implemented to cause traffic to traverse the wireless medium in clear text?


Options are :

  • 802.1X/EAP-TLS
  • AH-MD5-HMAC
  • PPTP/MPPE-128
  • SSH2/BLOWFISH-CBC
  • ESP-SHA1-HMAC

Answer : AH-MD5-HMAC

Given: The phases of security policy development include: 1) Communication 2) Response and enforcement 3) Define and document 4) Monitoring and auditing 5) Management buy in 6) Revise and fine tune Choose the correct order of steps for security policy development phases, from first to last.


Options are :

  • 3, 5, 1, 4, 2, 6
  • 5, 2, 3, 6, 4, 1
  • 3, 4, 2, 1, 5, 6
  • 1, 2, 4, 5, 6, 3

Answer : 3, 5, 1, 4, 2, 6

PW0-104 Wireless LAN Administration Certified Practice Exam Set 2

Which of the following attacks saturates network resources and disrupts services to a specific computer?


Options are :

  • Polymorphic shell code attack
  • Teardrop attack
  • Denial-of-Service (DoS) attack
  • Replay attack

Answer : Denial-of-Service (DoS) attack

Why do PEAPv0/EAP-TLS and PPTP/EAP-TLS offer stronger authentication than PEAPv0/EAP-MSCHAPv2 and PPTP/MS-CHAPv2?


Options are :

  • MS-CHAPv2 supports only protected access credentials (PACs), but EAP-TLS supports smart cards andsecure tokens for client authentication.
  • EAP-TLS supports hashing passwords before they are transmitted across the medium by clients, but MSCHAPv2supports only clear text passwords.
  • Use of MS-CHAPv2 allows only RADIUS to be used as an authentication server, but EAPTLS allows bothRADIUS and TACACS+.
  • EAP-TLS uses x.509 certificates for client and server authentication while MS-CHAPv2 uses passwordauthentication.

Answer : EAP-TLS uses x.509 certificates for client and server authentication while MS-CHAPv2 uses passwordauthentication.

Which WLAN attacks does personal firewall software prevent?


Options are :

  • Computer viruses from peer WLAN devices
  • 802.11 deauthentication attacks
  • RF jamming attacks from nearby intruders
  • Wi-Fi phishing attacks athot-spots

Answer : Computer viruses from peer WLAN devices

PW0-105 Certified Wireless Network Administrator Exam Set 3

Which statement is true regarding networks protected with port-based access control compliant with the 802.1X-2004 standard?


Options are :

  • The 802.1X standard addresses authentication framework and data privacy. Encryption is optional based onthe EAP type used.
  • The 802.1X standard addresses access control, authentication framework, and data privacy. Encryption ismandatory.
  • The 802.1X standard addresses authentication framework, access control, and data privacy. EAP isoptional. Encryption is mandatory.
  • The 802.1X standard addresses only access control and authentication framework, not data privacy

Answer : The 802.1X standard addresses only access control and authentication framework, not data privacy

A government agency requires the utmost in WLAN security and is currently creating an updated WLAN security policy to outline the security procedures to be implemented on all wireless networks within the agency.Documentation procedures for any security event in the agency require a detailed paper trail including specifics on the time/date, physical location, and type of attack. What tasks must be required by the new security policy to ensure adherence to the documentation requirements? (Choose three)


Options are :

  • Configuration of WIPS to send all WLAN security events to RADIUS
  • Frequent customized WIPS security event reports
  • Failed EAP-TLS client authentication attempts due to inaccurate passwords
  • Implementation of a wireless intrusion prevention system B. In depth review of WIPS security event reports

Answer : Configuration of WIPS to send all WLAN security events to RADIUS Frequent customized WIPS security event reports Implementation of a wireless intrusion prevention system B. In depth review of WIPS security event reports

You are a consultant, hired by ABC Corporation to perform a risk assessment and impact analysis for intrusions on their new 802.11g WLAN. Which areas would you weigh most heavily while performing these tasks for ABC Corp? (Choose two)


Options are :

  • The legal implications of an intruder stealing sensitive data
  • The layer 2 and layer 3 roaming mechanisms currently in place
  • The types of operating systems in use by WLAN end users
  • The sensitivity of information sent over the wireless network

Answer : The legal implications of an intruder stealing sensitive data The sensitivity of information sent over the wireless network

PW0-105 Certified Wireless Network Administrator CWNA Exam Set 1

Given: WLAN protocol analyzers can read and reject many wireless frame parameters.What parameter is needed to physically locate rogue APs with a protocol analyzer?


Options are :

  • RSSI
  • IP address
  • signal strength
  • RSNE

Answer : signal strength

CWNA-106 Certified Wireless Network Administrator Exam Set 2

As a primary security engineer for a large corporate network you have been asked to author a new security policy for the wireless network while most clients devices support 802.11X authentication some legacy devices still passphrase.When writing the 802.11 security policy, what password related items should be addressed?


Options are :

  • Password creation process should be defined to maximize the strength of PSK based authentication.
  • Certificate should always by recommended instead of passwords for 802.11 client authentication.
  • Password complexity should be maximized so that the weak IV attacks are prevented.
  • Password should include a combination of upper and lower case latter, numbers, and special characters.

Answer : Password creation process should be defined to maximize the strength of PSK based authentication. Password should include a combination of upper and lower case latter, numbers, and special characters.

Given: John smith uses a coffee shopís internet hot spot to transfer funds between his checking and saving accounts at his bankís website. The bankís website uses HTTPS protocol to protect sensitive account information. A hacker was able to obtain johnís bank account user ID and password and transfers johnís money to another account. How did the hacker obtain johnís bank Account user ID and password?


Options are :

  • Before connecting to the banks website, johns association to the AP was hijacked. The Attacker interrupted the HTTPS public encryption key from the bankís web server and has decrypted johnís login credentials in real time.
  • Johnís bank is using an expiredX509 certificate on there web server. The certificate is on johnís certificate Revocation list (CRL), causing the user ID and password to be sent unencrypted.
  • The bankís web server is using anX509 certificate that is no signed by a root CA, causing the user ID and password to be sent unencrypted
  • John uses same username and password for banking that he does for email. John used a pop3 email client at the wirelesshot-spotto check the email and the user ID and password were not encrypted.

Answer : Before connecting to the banks website, johns association to the AP was hijacked. The Attacker interrupted the HTTPS public encryption key from the bankís web server and has decrypted johnís login credentials in real time.

What elements should be addressed by a WLAN security policy? (Choose 2)


Options are :

  • End user training for password selection and acceptable network use
  • Enabling encryption to prevent MAC addresses from being sent in clear text
  • Verification that administrative passwords are unique to each infrastructure device
  • Social engineering recognition and mitigation technique.
  • Security policy details should be safeguarded from non IT employees to prevent vulnerability exposure

Answer : End user training for password selection and acceptable network use Social engineering recognition and mitigation technique.

PW0-270 Certified Wireless Analysis Professional (CWAP) Exam Set 4

What impact may 802.11w have on the efforts of rogue device containment with an overlay WIPS?


Options are :

  • 802.11 introduces a mechanism to Encrypt MAC headers in management and control frames, which have traditionally have been used by WIPS to detect network threats such as hijacking attacks and MAC spoofing
  • 802.11w inadvertently exposes new methods for attacks to exploit TKIP countermeasure using spoofed management frames of legitimate stations. WIPS solutions are in capable of preventing this type of attack
  • 802.11w introduces data integrity protection for some management and action frames, which may limits the methods used by WIPS to disconnect, and mitigate the impact of, rogue AP or client communications
  • 802.11w introduces new mechanisms by which unassociated clients can refuse Deauthentication frames that can not be rejected by APs. This introduces new security concerns for WIPS containing Deauthentication attacks

Answer : 802.11w introduces new mechanisms by which unassociated clients can refuse Deauthentication frames that can not be rejected by APs. This introduces new security concerns for WIPS containing Deauthentication attacks

Given: A VLAN consultant has just finished installing a WLAN controller with 15 controller based APs. Two SSIDs with separate VLANs are configured for this network and LANs are configured to use the same RADIUS server. The SSIDs are configured as follows SSID Blue -VLAN 10-lightweight EAP (LEAP) authentication-CCMP cipher suit SSID Red - VLAN 20-802.1X/PEAPv0 authentication-TKIP cipher suit The consultants computer can successfully authenticate and browse the internet when using the Blue SSID. The same computer can authenticate when using the Red SSID. What is most likely cause of problem.


Options are :

  • PEAPv0 authentication is not supported over controller based access points.
  • The TKIP cipher suit is not a valid option for 802.1 X/PEAPv0 authentications.
  • The red VLAN does not support certificate based authentication traffic.
  • The consultant does not have a valid Kerberos ID on the Blue VLAN.
  • The clock on the consultantís computer post dates the RADIUS serverís certificate expiration date/time.

Answer : The red VLAN does not support certificate based authentication traffic.

What wireless authentication technologies build a TLS-encrypted tunnel between the supplicant and the authentication server before passing client authentication credentials to the authentication server? (Choose 3)


Options are :

  • PEAPv1/EAP-GTC
  • EAP-TTLS
  • MS-CHAPv2
  • LEAP
  • EAP-MD5
  • EAP-FAST

Answer : PEAPv1/EAP-GTC EAP-TTLS EAP-FAST

PW0-270 Certified Wireless Analysis Professional (CWAP) Exam Set 1

What TKIP features prevent attacks against the known weaknesses of WEP? (Choose 3)


Options are :

  • 32 bit ICV (CRC 32)
  • Block cipher support
  • Michael
  • Sequence counters
  • RC5 stream cipher
  • Increased IV length

Answer : Michael Sequence counters Increased IV length

What different security benefits are provided by endpoint security solution software? (Choose 3)


Options are :

  • Must be present for support of 802.11k neighbor reports, which improves fast BSS transitions.
  • Can prevent connections to networks with security settings that do not confirm to company policy.
  • Can collect statistics about a userís network use and monitor network threats while they are connected.
  • Can restrict client connections to network with specific SSIDs and encryption types.
  • Can be use to monitor and prevent network activity from nearby rogue clients or APs.

Answer : Can prevent connections to networks with security settings that do not confirm to company policy. Can collect statistics about a userís network use and monitor network threats while they are connected. Can restrict client connections to network with specific SSIDs and encryption types.

In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?


Options are :

  • In university environment with multicast training
  • In home networks in which file and pointer sharing is enabled
  • In corporate VoWiFi is networks with push to talk multicast capabilities
  • At publichot-spots in which many clients use diverse application

Answer : At publichot-spots in which many clients use diverse application

CWNA-106 Certified Wireless Network Administrator Exam Set 5

In An IEEE 802.11-complaint WLAN, when is 802.1X controlled port placed into the unblocked state?


Options are :

  • After open system authentication
  • After the 4-way handshake
  • After any group handshake
  • After RADIUS authentication

Answer : After the 4-way handshake

What disadvantage does EAP-TLS have when compared with PEAPvO EAP/MSCHAPv2 as an 802. 11 WLAN security solution?


Options are :

  • EAP-TLS does not protect the clientís username and password in side an encrypted tunnel.
  • Fast/secure roaming in an 802 11 RSN is significantly longer when EAP-TLS is use.
  • EAP-TLS does not use SSL to establish a secure tunnel for internal EAP authentication.
  • EAP-TLS requires a PKI to create X509 certificates for both the server and client, which increases administrative overhead.

Answer : EAP-TLS requires a PKI to create X509 certificates for both the server and client, which increases administrative overhead.

What penetative measures are performed by a WIPS against intrusions?


Options are :

  • Uses SNMP to disable the switch port to which rogue APs connect
  • Evil twin attack against a rogue AP E. EAPoL reject frame flood against AP
  • Evil twin attack against a classified neighbor AP
  • Deauthentication attack against a classified neighbor AP

Answer : Uses SNMP to disable the switch port to which rogue APs connect Deauthentication attack against a classified neighbor AP

CWNA-106 Certified Wireless Network Administrator Exam Set 2

The IEEE 802.11 pairwise transient key (PTK) is derived from what cryptographic element?


Options are :

  • Peerkey (PK)
  • Pairwise master key (PMK)
  • Phase shift key (PSK
  • Group master key (GMK)
  • Group temporal key (GTK)

Answer : Pairwise master key (PMK)

Companyís 500 employees use ABCís dual band HT 802.11 WLAN extensively general data traffic, VoWiFi, and guest access internet-only data. Size and network applications, what solution effects common and recommended security practices for this type of network?


Options are :

  • WPA2 enterprise for all types of network access. For added configuration simplicity, authenticate all users from a single VLAN but apply filtering with IP ACLs by giving each user to group using RADIUS group attributes. Configure the IPACLs so that each group can only access the necessary resources.
  • His high security requirements, support EAT-TLS for corporate data and VoWiFi, require WPA or WPA2-personal as well as MAC address filtering for all guest solutions. Segment each data type using a separate data type SSID, frequently band, and VLAN.
  • PEAPvO/EAP-MSCHAPv2 for corporate data end VoWiFi, use open authentication with captive portal on the guest network. If the VoWiFi phones can not support, use WPA2- personal with a string passphrase. Segment the three types of traffic by using separate SSIDs and VLANs.
  • WPA2-Personal for corporate data and VoWiFi application with a long passphrase. For guest access, implementation open authentication. Configure two and VLAN-one for corporate access and one for guest access-and support WMM on the corporate network. For ease-of-use and net work discovery hide the corporate broad cast to the guest SSID

Answer : His high security requirements, support EAT-TLS for corporate data and VoWiFi, require WPA or WPA2-personal as well as MAC address filtering for all guest solutions. Segment each data type using a separate data type SSID, frequently band, and VLAN.

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has confirmed a security profile on the WLAN controller for each group within the company (manufacturing, sales, and engineering)How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?


Options are :

  • The RADIUS server sends the list of authenticated users and groups to the WLAN controller as a part of a 4-way handshake prior to user authentication.
  • The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
  • The RADIUS server forwards a request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
  • The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

Answer : The RADIUS server forwards a request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

PW0-105 Certified Wireless Network Administrator Exam Set 3

You own a coffee shop and have recently installed a 802.11g wireless hot spot for the benefit of your customers. For legal reasons you want to minimize your network and avoid liability related to the operations of hot spots.What option specifies the best approach to achieve this goal at your public hot-spot?


Options are :

  • Disable the WLAN during non business hours
  • Allow only trusted patrons to use the WLAN
  • Use the captive portal to force users to agree to an acceptable use disclaimer
  • Use a WIPS to deauthenticate the malicious stations
  • Require clients STAs to have updated firewall and antivirus software

Answer : Use the captive portal to force users to agree to an acceptable use disclaimer

What software and hardware tools are used together to hijack a wireless station from the authorized wireless network in to an unauthorized wireless networks? (Choose 2)


Options are :

  • Narrow band RF jamming devices and wireless radio card
  • DHCP server software and access point software
  • A low-gain patch antenna and terminal emulation software
  • A wireless work group bridge and protocol analyzer

Answer : Narrow band RF jamming devices and wireless radio card DHCP server software and access point software

Given: Many travelling business users connect to internet at airports, which often have 802.11g access points with a captive portal for authentication. While using an airport hot spot with this security solution, to what type of wireless attack is user susceptible? (Choose 2)


Options are :

  • IGMP-snooping
  • Management interface exploits
  • Wi-Fi phishing
  • Wi-Fi ARP poising
  • Man-in-middle

Answer : IGMP-snooping Wi-Fi phishing

PW0-104 Wireless LAN Administration Practice Exam Set 1

What limitations are present with PMK caching (or PMKSA caching) when 802.1X/EAP authentication is in use?


Options are :

  • PMK caching has a maximum PMKSA storage threshold of five keys, which limits the fast roaming capability to a mobility group of five APs.
  • PMK caching allows to fast roaming between APs when they are managed by a single controller, but it does not support inter-controller handoffs
  • PMK caching can only retain PMKSAs once they are present, but it can not create new PMKSAs without a full 802.1X/EAP authentication nor can it distribute an existing PMKSA to other APs.
  • PMK caching may only be supported when the authentication server (SA) is collocated with the authenticator, as with WLAN controllers using an internal RADIUS server.

Answer : PMK caching allows to fast roaming between APs when they are managed by a single controller, but it does not support inter-controller handoffs

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions