All About Practical CWSP-205 exam

CWSP-205 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

Get it now →

Product Description:
Exam Number/Code: CWSP-205
Exam name: Certified Wireless Security Professional
n questions with full explanations
Certification: CWNA Certification
Last updated on Global synchronizing

Free Certification Real IT CWSP-205 Exam pdf Collection

Master the CWSP-205 Certified Wireless Security Professional content and be ready for exam day success quickly with this Examcollection CWSP-205 exam guide. We guarantee it!We make it a reality and give you real CWSP-205 questions in our CWNA CWSP-205 braindumps.Latest 100% VALID CWNA CWSP-205 Exam Questions Dumps at below page. You can use our CWNA CWSP-205 braindumps and pass your exam.

Q51. Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank's website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John's bank account user ID and password and exploit this information. What likely scenario could have allowed the hacker to obtain John's bank account user ID and password? 

A. John's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted. 

B. John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted. 

C. John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software. 

D. The bank's web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted. 

E. Before connecting to the bank's website, John's association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank's web server and has decrypted John's login credentials in near real-time. 

Answer:


Q52. What elements should be addressed by a WLAN security policy? (Choose 2) 

A. Enabling encryption to prevent MAC addresses from being sent in clear text 

B. How to prevent non-IT employees from learning about and reading the user security policy 

C. End-user training for password selection and acceptable network use 

D. The exact passwords to be used for administration interfaces on infrastructure devices 

E. Social engineering recognition and mitigation techniques 

Answer: C, E 


Q53. Given: You must implement 7 APs for a branch office location in your organization. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest). Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed? 

A. Fragmentation threshold 

B. Administrative password 

C. Output power 

D. Cell radius 

Answer:


Q54. Given: The ABC Corporation currently utilizes an enterprise Public Key Infrastructure (PKI) to allow employees to securely access network resources with smart cards. The new wireless network will use WPA2-Enterprise as its primary authentication solution. You have been asked to recommend a Wi-Fi Alliance-tested EAP method. What solutions will require the least change in how users are currently authenticated and still integrate with their existing PKI? 

A. EAP-FAST 

B. EAP-TLS 

C. PEAPv0/EAP-MSCHAPv2 

D. LEAP 

E. PEAPv0/EAP-TLS 

F. EAP-TTLS/MSCHAPv2 

Answer:


Q55. When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium? 

A. X.509 certificates 

B. User credentials 

C. Server credentials 

D. RADIUS shared secret 

Answer:


Q56. What preventative measures are performed by a WIPS against intrusions? 

A. EAPoL Reject frame flood against a rogue AP 

B. Evil twin attack against a rogue AP 

C. Deauthentication attack against a classified neighbor AP 

D. ASLEAP attack against a rogue AP 

E. Uses SNMP to disable the switch port to which rogue APs connect 

Answer:


Q57. While performing a manual scan of your environment using a spectrum analyzer on a laptop computer, you notice a signal in the real time FFT view. The signal is characterized by having peak power centered on channel 11 with an approximate width of 20 MHz at its peak. The signal widens to approximately 40 MHz after it has weakened by about 30 dB. What kind of signal is displayed in the spectrum analyzer? 

A. A frequency hopping device is being used as a signal jammer in 5 GHz 

B. A low-power wideband RF attack is in progress in 2.4 GHz, causing significant 802.11 interference 

C. An 802.11g AP operating normally in 2.4 GHz 

D. An 802.11a AP operating normally in 5 GHz 

Answer:


Q58. Given: Mary has just finished troubleshooting an 802.11g network performance problem using a laptop-based WLAN protocol analyzer. The wireless network implements 802.1X/PEAP and the client devices are authenticating properly. When Mary disables the WLAN protocol analyzer, configures her laptop for PEAP authentication, and then tries to connect to the wireless network, she is unsuccessful. Before using the WLAN protocol analyzer, Mary's laptop connected to the network without any problems. What statement indicates why Mary cannot access the network from her laptop computer? 

A. The nearby WIPS sensor categorized Mary's protocol analyzer adapter as a threat and is performing a deauthentication flood against her computer. 

B. The PEAP client's certificate was voided when the protocol analysis software assumed control of the wireless adapter. 

C. The protocol analyzer's network interface card (NIC) drivers are still loaded and do not support the version of PEAP being used. 

D. Mary's supplicant software is using PEAPv0/EAP-MSCHAPv2, and the access point is using PEAPv1/EAP- GTC. 

Answer:


Q59. An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. 

What kind of attack is described? 

A. Man-in-the-middle 

B. Hijacking 

C. ASLEAP 

D. DoS 

Answer:


Q60. Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function? 

A. Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category. 

B. Allow access to specific files and applications based on the user's WMM access category. 

C. Provide two or more user groups connected to the same SSID with different levels of network privileges. 

D. Allow simultaneous support for multiple EAP types on a single access point. 

Answer: