Free Certified Wireless Security Professional Exam CWSP-207 Exam Practice Test

Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include: Cannot access corporate network resourcesNetwork permissions are limited to Internet access All stations must be authenticatedWhat security controls would you suggest? (Choose the single best answer.)

• Implement separate controllers for the corporate and guest WLANs.
• Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
• Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
• Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
• Force all guest users to use a common VPN protocol to connect.

The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

• Group Key Handshake
• 802.1X/EAP authentication
• DHCP Discovery
• 4-Way Handshake
• Passphrase-to-PSK mapping
• RADIUS shared secret lookup

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2)

• They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.
• The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).
• They are added together and used as the GMK, from which the GTK is derived.
• They are input values used in the derivation of the Pairwise Transient Key.
• They allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.

The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

• Phase Shift Key (PSK)
• Group Master Key (GMK)
• Pairwise Master Key (PMK)
• Group Temporal Key (GTK)
• PeerKey (PK)
• Key Confirmation Key (KCK)

Given: Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks.In this deployment, what risks are still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering features enabled? (Choose 2)

• Intruders can send spam to the Internet through the guest VLAN.
• Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
• Unauthorized users can perform Internet-based network attacks through the WLAN.
• Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.
• Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.

Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection.What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

• Multi-factor authentication
• 4-Way Handshake
• PLCP Cyclic Redundancy Check (CRC)
• Encrypted Passphrase Protocol (EPP)
• Integrity Check Value (ICV)
• Group Temporal Keys

Given: Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requests to the LDAP server.Where must the X.509 server certificate and private key be installed in this network?

• Supplicant devices
• LDAP server
• Controller-based APs
• WLAN controller
• RADIUS server

Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?

• Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category.
• Allow access to specific files and applications based on the user's WMM access category.
• Provide two or more user groups connected to the same SSID with different levels of network privileges.
• Allow simultaneous support for multiple EAP types on a single access point.

When used as part of a WLAN authentication solution, what is the role of LDAP?

• A data retrieval protocol used by an authentication service such as RADIUS
• An IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process
• A SQL compliant authentication service capable of dynamic key generation and distribution
• A role-based access control protocol for filtering data to/from authenticated stations.
• An Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.

Given: In XYZ’s small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.What statement about the WLAN security of this company is true?

• Intruders may obtain the passphrase with an ofline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
• A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
• An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
• An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user’s 4-Way Handshake.
• Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.