ExamGecko
Home / CWNP / CWAP-404 / List of questions
Ask Question

CWNP CWAP-404 Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Report Export Collapse

After examining a Beacon frame decode you see the SSID Element has a length of 0. What do you conclude about this frame?

The frame is corrupted
The frame is corrupted
SSID elements always have a length of 0
SSID elements always have a length of 0
This is a common attack on WISP backend SQL databases
This is a common attack on WISP backend SQL databases
The beacon is from a BSS configured to hide the SSID
The beacon is from a BSS configured to hide the SSID
Suggested answer: D
Explanation:

If the SSID element has a length of 0 in a Beacon frame decode, it means that the beacon is from a BSS configured to hide the SSID. The SSID element is a part of the Beacon frame that contains the name or identifier of the BSS. The SSID element has two fields: length and value. The length field indicates how many bytes are used for the value field, which contains the actual SSID string. If the length field is 0, it means that there is no value field or SSID string in the element. This is a common technique used by some APs to hide their SSID from passive scanning clients or potential attackers. However, this technique does not provide much security, as there are other ways to discover or reveal the hidden SSID, such as active scanning or capturing probe response or association frames.Reference:[Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 122-123

asked 16/09/2024
Oscar Ballabriga
37 questions

Question 32

Report Export Collapse

A client is operating in an unstable RF environment. Out of five data frames transmitted to the client it only receives four. The client sends a Block Ack to acknowledge the receipt of these four frames but due to frame corruption the Block Ack is not received by the AP. Which frames will be retransmitted'

All data frames
All data frames
Both the corrupted data and Block Ack
Both the corrupted data and Block Ack
Only the data frame which was corrupted
Only the data frame which was corrupted
Only the Block Ack
Only the Block Ack
Suggested answer: A
Explanation:

All data frames will be retransmitted in this scenario. This is because the AP uses a Block Ack (BA) mechanism to acknowledge the receipt of multiple data frames from a client in a single frame. The BA contains a bitmap that indicates which data frames were received correctly and which were not. If the BA is not received by the AP due to frame corruption, the AP will assume that none of the data frames were received by the client and will retransmit all of them. The other options are not correct, as they do not account for the loss of the BA or the use of the bitmap.Reference:[Wireless Analysis Professional Study Guide CWAP-404], Chapter 6: 802.11 Frame Exchanges, page 167-168

asked 16/09/2024
garima sharma
55 questions

Question 33

Report Export Collapse

In which element of a Beacon frame would you look to identity the current HT protection mode in which an AP is operating?

HT Protection Element
HT Protection Element
HT Operations Element
HT Operations Element
ERP Information Element
ERP Information Element
HT Capabilities Element
HT Capabilities Element
Suggested answer: B
Explanation:

The HT protection mode in which an AP is operating can be identified by looking at the HT Operations element in a Beacon frame. The HT Operations element is a part of the Beacon frame that contains information about the High Throughput (HT) capabilities and operation of an 802.11n BSS. The HT Operations element has a field called HT Protection, which indicates how the BSS protects its HT transmissions from interference or collisions with non-HT devices or BSSs. The HT Protection field can have four values: No Protection, Nonmember Protection, 20 MHz Protection, or Non-HT Mixed Mode. The other options are not correct, as they do not contain information about the HT protection mode. The HT Protection element does not exist, the ERP Information element is used for Extended Rate PHY (ERP) protection mode for 802.11g devices, and the HT Capabilities element is used for indicating the supported HT features of an individual device.Reference:[Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 125-126

asked 16/09/2024
Francesco Facco
34 questions

Question 34

Report Export Collapse

When a data frame is encrypted with WPA2, to which portion of the frame is the encryption applied?

Frame body and MAC Header
Frame body and MAC Header
Frame body excluding the LLCPD U
Frame body excluding the LLCPD U
Frame body including the LLCPDU
Frame body including the LLCPDU
The whole MPDU
The whole MPDU
Suggested answer: C
Explanation:

When a data frame is encrypted with WPA2, the encryption is applied to the frame body including the LLCPDU. The LLCPDU (Logical Link Control Protocol Data Unit) is a part of the frame body that contains information such as protocol type, source and destination service access points (SAPs), and control fields. The LLCPDU is added by the LLC (Logical Link Control) sublayer to provide multiplexing and flow control functions for different upper layer protocols. When a data frame is encrypted with WPA2, which uses AES-CCMP as its encryption algorithm, both the payload and the LLCPDU are encrypted as a single unit. The MAC header and FCS are not encrypted, as they are needed for addressing and error detection purposes.Reference:[Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 115-116

asked 16/09/2024
Alex Tzibosnik
42 questions

Question 35

Report Export Collapse

In the 2.4 GHZ band, what data rate are Probe Requests usually sent at from an unassociated STA?

1 Mbps
1 Mbps
The minimum basic rate
The minimum basic rate
MCS 0
MCS 0
6 Mbps
6 Mbps
Suggested answer: B
Explanation:

In the 2.4 GHz band, probe requests are usually sent at the minimum basic rate from an unassociated STA. A probe request is a type of management frame that is transmitted by a STA to discover available BSSs in its vicinity. A probe request can be sent on one or more channels in either passive or active scanning mode. In passive scanning mode, a STA listens for beacon frames from APs on each channel. In active scanning mode, a STA sends probe requests on each channel and waits for probe responses from APs. A probe request is usually sent at the minimum basic rate, which is the lowest data rate among the supported rates that is required for all STAs to join and communicate with a BSS. The minimum basic rate can vary depending on the configuration of each BSS, but it is typically one of these values: 1 Mbps, 2 Mbps, 5.5 Mbps, or 11 Mbps in the 2.4 GHz band. The other options are not correct, as they do not reflect how probe requests are usually sent in the 2.4 GHz band. MCS 0 is a modulation and coding scheme used by 802.11n/ac devices in either band, but it is not a data rate per se. 6 Mbps is a data rate used by OFDM devices in either band, but it is not usually configured as a minimum basic rate in the 2.4 GHz band.Reference:[Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 123-124

asked 16/09/2024
Lee, Eduardo
56 questions

Question 36

Report Export Collapse

You are troubleshooting a client that is experiencing slow WLAN performance. As part of the troubleshooting activity, you start a packet capture on your laptop close to the client device. While analyzing the packets, you suspect that you have not captured all packets transmitted by the client. By analyzing the trace file, how can you confirm if you have missing packets?

Become a Premium Member for full access
  Unlock Premium Member

Question 37

Report Export Collapse

The PHY layer provides framing by adding a header to create what type of data unit?

Become a Premium Member for full access
  Unlock Premium Member

Question 38

Report Export Collapse

What is the function of 802.11 Management frames?

Become a Premium Member for full access
  Unlock Premium Member

Question 39

Report Export Collapse

What should the To DS and From DS flags be to set to in an Association Response frame?

Become a Premium Member for full access
  Unlock Premium Member

Question 40

Report Export Collapse

An RTS frame should be acknowledged by which frame?

Become a Premium Member for full access
  Unlock Premium Member
Total 60 questions
Go to page: of 6

Related questions