CWSP-205 Royal Pack Testengine pdf
100% Actual & Verified — 100% PASS
Unlimited access to the world's largest Dumps library! Try it Free Today!https://www.exambible.com/CWSP-205-exam/
Exam Number/Code: CWSP-205
Exam name: Certified Wireless Security Professional
n questions with full explanations
Certification: CWNA Certification
Last updated on Global synchronizing
We provide real CWSP-205 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass CWNA CWSP-205 Exam quickly & easily. The CWSP-205 PDF type is available for reading and printing. You can print more and practice many times. With the help of our CWNA CWSP-205 dumps pdf and vce product and material, you can easily pass the CWSP-205 exam.
Q21. Given: ABC Corporation's 802.11 WLAN is comprised of a redundant WLAN controller pair (N+1) and 30 access points implemented in 2004. ABC implemented WEP encryption with IPSec VPN technology to secure their wireless communication because it was the strongest security solution available at the time it was implemented. IT management has decided to upgrade the WLAN infrastructure and implement Voice over Wi- Fi and is concerned with security because most Voice over Wi-Fi phones do not support IPSec. As the wireless network administrator, what new security solution would be best for protecting ABC's data?
A. Migrate corporate data clients to WPA-Enterprise and segment Voice over Wi-Fi phones by assigning them to a different frequency band.
B. Migrate corporate data and Voice over Wi-Fi devices to WPA2-Enterprise with fast secure roaming support, and segment Voice over Wi-Fi data on a separate VLAN.
C. Migrate to a multi-factor security solution to replace IPSec; use WEP with MAC filtering, SSID hiding, stateful packet inspection, and VLAN segmentation.
D. Migrate all 802.11 data devices to WPA-Personal, and implement a secure DHCP server to allocate addresses from a segmented subnet for the Voice over Wi-Fi phones.
Q22. Given: WLAN attacks are typically conducted by hackers to exploit a specific vulnerability within a network. What statement correctly pairs the type of WLAN attack with the exploited vulnerability? (Choose 3)
A. Management interface exploit attacks are attacks that use social engineering to gain credentials from managers.
B. Zero-day attacks are always authentication or encryption cracking attacks.
C. RF DoS attacks prevent successful wireless communication on a specific frequency or frequency range.
D. Hijacking attacks interrupt a user's legitimate connection and introduce a new connection with an evil twin AP.
E. Social engineering attacks are performed to collect sensitive information from unsuspecting users
F. Association flood attacks are Layer 3 DoS attacks performed against authenticated client stations
Answer: C, D, E
Q23. In an effort to optimize WLAN performance, ABC Company has upgraded their WLAN infrastructure from 802.11a/g to 802.11n. 802.11a/g clients are still supported and are used throughout ABC's facility. ABC has always been highly security conscious, but due to budget limitations, they have not yet updated their overlay WIPS solution to 802.11n or 802.11ac. Given ABC's deployment strategy, what security risks would not be detected by the 802.11a/g WIPS?
A. Hijacking attack performed by using a rogue 802.11n AP against an 802.11a client
B. Rogue AP operating in Greenfield 40 MHz-only mode
C. 802.11a STA performing a deauthentication attack against 802.11n APs
D. 802.11n client spoofing the MAC address of an authorized 802.11n client
Q24. Which of the following security attacks cannot be detected by a WIPS solution of any kind?
A. Rogue APs
D. Social engineering
Answer: C, D
Q25. What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?
A. Require Port Address Translation (PAT) on each laptop.
B. Require secure applications such as POP, HTTP, and SSH.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
Q26. A WLAN is implemented using WPA-Personal and MAC filtering. To what common wireless network attacks is this network potentially vulnerable? (Choose 3)
A. Offline dictionary attacks
B. MAC Spoofing
Answer: A, B, D
Q27. What WLAN client device behavior is exploited by an attacker during a hijacking attack?
A. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
B. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
C. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
D. As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to- client connections, even in an infrastructure BSS.
E. Client drivers scan for and connect to access points in the 2.4 GHz band before scanning the 5 GHz band.
Q28. Given: ABC Company secures their network with WPA2-Personal authentication and AES-CCMP encryption. What part of the 802.11 frame is always protected from eavesdroppers by this type of security?
A. All MSDU contents
B. All MPDU contents
C. All PPDU contents
D. All PSDU contents
Q29. Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text. From a security perspective, why is this significant?
A. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.
B. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.
C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
D. The username can be looked up in a dictionary file that lists common username/password combinations.
Q30. Given: When the CCMP cipher suite is used for protection of data frames, 16 bytes of overhead are added to the Layer 2 frame. 8 of these bytes comprise the MIC. What purpose does the encrypted MIC play in protecting the data frame?
A. The MIC is used as a first layer of validation to ensure that the wireless receiver does not incorrectly process corrupted signals.
B. The MIC provides for a cryptographic integrity check against the data payload to ensure that it matches the original transmitted data.
C. The MIC is a hash computation performed by the receiver against the MAC header to detect replay attacks prior to processing the encrypted payload.
D. The MIC is a random value generated during the 4-way handshake and is used for key mixing to enhance the strength of the derived PTK.