ExamGecko
Search Search Login
Home Home / CWNP / CWSP-207

CWNP CWSP-207 Practice Test - Questions Answers, Page 4

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When used as part of a WLAN authentication solution, what is the role of LDAP?
A WLAN is implemented using WPA-Personal and MAC filtering. To what common wireless network attacks is this network potentially vulnerable? (Choose 3)
What statements are true about 802.11-2012 Protected Management Frames? (Choose 2)
Given: AAA is an architectural framework used to provide three separate security components in a network. Listed below are three phrases that each describe one aspect of the AAA framework. Option-1 --- This AAA function is performed first and validates user identify prior to determining the network resources to which they will be granted access. Option-2 --- This function is used for monitoring and auditing purposes and includes the collection of data that identifies what a user has done while connected. Option-3 --- This function is used to designate permissions to a particular user. What answer correctly pairs the AAA component with the descriptions provided above?
A single AP is configured with three separate WLAN profiles, as follows: 1. SSID: ABCData -- BSSID: 00:11:22:00:1F:C3 -- VLAN 10 -- Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP -- 3 current clients 2. SSID: ABCVoice -- BSSID: 00:11:22:00:1F:C4 -- VLAN 60 -- Security: WPA2-Personal with AES-CCMP -- 2 current clients 3. SSID: Guest -- BSSID: 00:11:22:00:1F:C5 -- VLAN 90 -- Security: Open with captive portal authentication -- 3 current clients Three STAs are connected to ABCData. Three STAs are connected to Guest. Two STAs are connected to ABCVoice. How many unique GTKs and PTKs are currently in place in this scenario?
An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. What kind of attack is described?
Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection. What security characteristics and/or components play a role in preventing data decryption? (Choose 2)
Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources. What security best practices should be followed in this deployment scenario?
You are implementing an 802.11ac WLAN and a WIPS at the same time. You must choose between integrated and overlay WIPS solutions. Which of the following statements is true regarding integrated WIPS solutions?
In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted? Choose the single completely correct answer.

Question 31

Report
Export
Collapse

Your organization required compliance reporting and forensics features in relation to the 802.11ac WLAN they have recently installed. These features are not built into the management system provided by the WLAN vendor. The existing WLAN is managed through a centralized management console provided by the AP vendor with distributed APs and multiple WLAN controllers configured through this console.

What kind of system should be installed to provide the required compliance reporting and forensics features?

A.
WNMS
A.
WNMS
Answers
B.
WIPS overlay
B.
WIPS overlay
Answers
C.
WIPS integrated
C.
WIPS integrated
Answers
D.
Cloud management platform
D.
Cloud management platform
Answers
Suggested answer: B

Question 32

Report
Export
Collapse

You are implementing an 802.11ac WLAN and a WIPS at the same time. You must choose between integrated and overlay WIPS solutions. Which of the following statements is true regarding integrated WIPS solutions?

A.
Integrated WIPS always perform better from a client throughput perspective because the same radio that performs the threat scanning also services the clients.
A.
Integrated WIPS always perform better from a client throughput perspective because the same radio that performs the threat scanning also services the clients.
Answers
B.
Integrated WIPS use special sensors installed alongside the APs to scan for threats.
B.
Integrated WIPS use special sensors installed alongside the APs to scan for threats.
Answers
C.
Many integrated WIPS solutions that detect Voice over Wi-Fi traffic will cease scanning altogether to accommodate the latency sensitive client traffic.
C.
Many integrated WIPS solutions that detect Voice over Wi-Fi traffic will cease scanning altogether to accommodate the latency sensitive client traffic.
Answers
D.
Integrated WIPS is always more expensive than overlay WIPS.
D.
Integrated WIPS is always more expensive than overlay WIPS.
Answers
Suggested answer: C

Question 33

Report
Export
Collapse

When used as part of a WLAN authentication solution, what is the role of LDAP?

A.
A data retrieval protocol used by an authentication service such as RADIUS
A.
A data retrieval protocol used by an authentication service such as RADIUS
Answers
B.
An IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process
B.
An IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process
Answers
C.
A SQL compliant authentication service capable of dynamic key generation and distribution
C.
A SQL compliant authentication service capable of dynamic key generation and distribution
Answers
D.
A role-based access control protocol for filtering data to/from authenticated stations.
D.
A role-based access control protocol for filtering data to/from authenticated stations.
Answers
E.
An Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.
E.
An Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.
Answers
Suggested answer: A

Question 34

Report
Export
Collapse

When implementing a WPA2-Enterprise security solution, what protocol must the selected RADIUS server support?

A.
LWAPP, GRE, or CAPWAP
A.
LWAPP, GRE, or CAPWAP
Answers
B.
IPSec/ESP
B.
IPSec/ESP
Answers
C.
EAP
C.
EAP
Answers
D.
CCMP and TKIP
D.
CCMP and TKIP
Answers
E.
LDAP
E.
LDAP
Answers
Suggested answer: C

Question 35

Report
Export
Collapse

Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.

What security best practices should be followed in this deployment scenario?

A.
An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.
A.
An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.
Answers
B.
APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.
B.
APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.
Answers
C.
RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.
C.
RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.
Answers
D.
Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.
D.
Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.
Answers
Suggested answer: A
Total 35 questions
Go to page: of 4
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms