Free Certified Wireless Security Professional Exam CWSP-207 Exam Practice Test

Given: You view a protocol analyzer capture decode with the following protocol frames listed in the following order (excluding the ACK frames):

• 802.11 Probe Request and 802.11 Probe Response
• 802.11 Auth and another 802.11 Auth
• 2) 802.11 Assoc Req and 802.11 Assoc Rsp
• EAPOL-Start
• EAP Request and EAP Response
• EAP Request and EAP Response
• EAP Request and EAP Response
• EAP Request and EAP Response
• EAP Request and EAP Response
• EAP Success
• 19) EAPOL-Key (4 frames in a row)
• What are you seeing in the capture file? (Choose 4)
• WPA2-Enterprise authentication
• WPA2-Personal authentication
• 802.11 Open System authentication
• 802.1X with Dynamic WEP
• Wi-Fi Protected Setup with PIN
• Active Scanning
• 4-Way Handshake

Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data.What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

• All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.
• Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
• Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
• Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
• The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.

When monitoring APs within a LAN using a Wireless Network Management System (WNMS), what secure protocol may be used by the WNMS to issue configuration changes to APs?

• IPSec/ESP
• TFTP
• 802.1X/EAP
• SNMPv3
• PPTP

Given: XYZ Hospital plans to improve the security and performance of their Voice over Wi-Fi implementation and will be upgrading to 802.11n phones with 802.1X/EAP authentication. XYZ would like to support fast secure roaming for the phones and will require the ability to troubleshoot reassociations that are delayed or dropped during inter-channel roaming.What portable solution would be recommended for XYZ to troubleshoot roaming problems?

• WIPS sensor software installed on a laptop computer
• Spectrum analyzer software installed on a laptop computer
• An autonomous AP mounted on a mobile cart and configured to operate in monitor mode
• Laptop-based protocol analyzer with multiple 802.11n adapters

An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. What kind of attack is described?

• Man-in-the-middle
• Hijacking
• ASLEAP
• DoS

When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

• X.509 certificates
• User credentials
• Server credentials
• RADIUS shared secret

Given: XYZ Company has recently installed a controller-based WLAN and is using a RADIUS server to query authentication requests to an LDAP server. XYZ maintains user-based access policies and would like to use the RADIUS server to facilitate network authorization.What RADIUS features could be used by XYZ to assign the proper network permissions to users during authentication? (Choose 2)

• The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignment to users.
• The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response, which can be used for user policy assignment.
• RADIUS can reassign a client’s 802.11 association to a new SSID by referencing a username-to-SSID mapping table in the LDAP user database.
• RADIUS can send a DO-NOT-AUTHORIZE demand to the authenticator to prevent the STA from gaining access to specific files, but may only employ this in relation to Linux servers.
• RADIUS attributes can be used to assign permission levels, such as read-only permission, to users of a particular network resource.

You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

• 802.1X/EAP-TTLS
• Open 802.11 authentication with IPSec
• 802.1X/PEAPv0/MS-CHAPv2
• WPA2-Personal with AES-CCMP
• EAP-MD5

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.From a security perspective, why is this significant?

• The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.
• The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.
• 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
• The username can be looked up in a dictionary file that lists common username/password combinations.

Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include: Cannot access corporate network resourcesNetwork permissions are limited to Internet access All stations must be authenticatedWhat security controls would you suggest? (Choose the single best answer.)

• Implement separate controllers for the corporate and guest WLANs.
• Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
• Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
• Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
• Force all guest users to use a common VPN protocol to connect.