Latest CWSP-206 exam dumps with real CWNP questions and answers [Q63-Q77]

admin CWSP-206 CWNP January 20, 2024

Rate this post

Latest CWSP-206 exam dumps with real CWNP questions and answers

CWSP-206 Exam in First Attempt Guaranteed

Q63. In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.

MAC denial of service and/or physical theft

Social engineering and/or eavesdropping

Authentication cracking and/or RF DoS

Code injection and/or XSS

RF DoS and/or physical theft

Q64. Which of the following encryption methods use the RC4 technology? Each correct answer represents a complete solution. Choose all that apply.

Dynamic WEP

TKIP

Static WEP

CCMP

Q65. Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requeststo the LDAP server. Where must the X.509 server certificate and private key be installed in this network?

Controller-based APs

WLAN controller

RADIUS server

Supplicant devices

LDAP server

Q66. A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs.
Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:
1. SSID Blue – VLAN 10 – Lightweight EAP (LEAP) authentication – CCMP
cipher suite
2. SSID Red – VLAN 20 – PEAPv0/EAP-TLS authentication – TKIP cipher
suite
The consultant’s computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

The consultant does not have a valid Kerberos ID on the Blue VLAN.

The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.

The TKIP cipher suite is not a valid option for PEAPv0 authentication.

The Red VLAN does not use server certificate, but the client requires one.

Q67. You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMPas an authentication and encryption solution. In this configuration, the wireless network is initially susceptible to what type of attack?

Offline dictionary attacks

Application eavesdropping

Session hijacking

Layer 3 peer-to-peer

Encryption cracking

Q68. For a WIPS system to identify the location of a rogue WLAN device using location pattering (RF fingerprinting), what must be done as part of the WIPS installation?

A location chipset (GPS) must be installed with it.

At least six antennas must be installed in each sector.

The RF environment must be sampled during an RF calibration process.

All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.

Q69. What preventative measures are performed by a WIPS against intrusions?

Uses SNMP to disable the switch port to which rogue APs connect.

Evil twin attack against a rogue AP.

EAPoL Reject frame flood against a rogue AP.

Deauthentication attack against a classified neighbor AP.

ASLEAP attack against a rogue AP.

Q70. Which of the following key types are defined in the 802.11i Authentication and Key Management (AKM)?
Each correct answer represents a complete solution. Choose all that apply.

Pairwise Master Key (PMK)

Group Master Key (GMK)

Pairwise Transient Key (PTK)

Group Temporal Key (GTK)

Q71. Which of the following attacks on wireless LAN is performed to shut down the wireless network?

Active attack

Man-in-the-middle attack

Passive attack

Jamming attack

Q72. You work as a Network Administrator for Tech Perfect Inc. The company has a secure wireless network. Since the company’s wireless network is so dynamic, it requires regular auditing to maintain proper security. For this reason, you are configuring NetStumbler as a wireless auditing tool. What services can NetStumbler provide? Each correct answer represents a complete solution. Choose all that apply.

Detection of causes of wireless interference

Verification of network configurations

Detection of unauthorized (“rogue”) access points

Capturing and decoding of packets

Q73. What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

Group Cipher Suite

Pairwise Cipher Suite List

AKM Suite List

RSN Capabilities

Explanation/Reference:

Q74. XYZ Company has recently installed a controller-based WLAN and is using a RADIUS server to query authentication requests to an LDAP server. XYZ maintains user-based access policies and would like to use the RADIUS server to facilitate network authorization. What RADIUS feature could be used by XYZ to assign the proper network permissions to users during authentications?

RADIUS can reassign a client’s 802.11 association to a new SSID by referencing a username-to-SSID mapping table in the LDAP user database.

The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response, which can be used for user policy assignment.

The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignment to users.

RADIUS can send a DO-NOT-AUTHORIZE demand to the authenticator to prevent the STA from gaining access to specific files, but may only employ this in relation to Linux servers.

Q75. Your Company is receiving false and abusive e-mails from the e-mail address of your partner company. When you complain, the partner company tells you that they have never sent any such e-mails. Which of the following types of cyber crimes involves this form of network attack?

Man-in-the-middle attack

Spoofing

Cyber squatting

Cyber Stalking

Q76. While seeking the source of interference on channel 11 in your 802.11n WLAN running within 2.4 GHz, you notice a signal in the spectrum analyzer real time FFT display. The signal is characterized with the greatest strength utilizing only 1-2 megahertz of bandwidth and it does not use significantly more bandwidth until it has weakened by roughly 20 dB. At approximately -70 dB, it spreads across as much as 35 megahertz of bandwidth. What kind of signal is described?

A high-power ultra wideband (UWB) Bluetooth transmission.

A 2.4 GHz WLAN transmission using transmit beam forming.

A high-power, narrowband signal.

A deauthentication flood from a WIPS blocking an AP.

An HT-OFDM access point.

A frequency hopping wireless device in discovery mode.

Q77. What protocol, listed here, allows a network manager to securely administer the network?

TFTP

Telnet

HTTPS

SNMPv2

Loading …