ExamGecko
Search Search Login
Home Home / CWNP / CWAP-404
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Finish the statement: It is possible to distinguish between_______22 MHz transmissions and________20 MHz transmissions when looking at an FFT plot.
You have installed a new 802.1 lac WLAN configured with 80 MHz channels. Users in one area are complaining about poor performance. This area is currently served by a single AP. You take a spectrum analysis capture in the poor performing are a. While examining the waterfall plot you notice the airtime utilization is higher on the first 20 MHz of the 80 MHz channel when compared to the rest of the channel. What do you conclude?
When performing protocol analysis, you capture an 802.1 lac data frame on channel 52, transmitted at MCS 8. At what data rate was the PHY Preamble transmitted?
What is the difference between a Data frame and a QoS-Data frame?
You are troubleshooting a client that is experiencing slow WLAN performance. As part of the troubleshooting activity, you start a packet capture on your laptop close to the client device. While analyzing the packets, you suspect that you have not captured all packets transmitted by the client. By analyzing the trace file, how can you confirm if you have missing packets?
After examining a Beacon frame decode you see the SSID Element has a length of 0. What do you conclude about this frame?
You're the WLAN administrator for a large retailer based at the HQ in New York. The London-based office has been complaining about WLAN disconnections around lunch time each day. You suspect this might be interference from the staff microwave, how might you test your theory from the New York office?
In what scenario is Open Authentication without encryption not allowed based on the 802.11 standard?
Why would a STA that supports 802.11k Radio Measurement send a Neighbor Request to an AP?
How many frames make up the Group Key Handshake excluding any Ack frames that may be required?

Question 5 - CWAP-404 discussion

Report
Export

As a wireless network consultant you have been called in to troubleshoot a high-priority issue for one of your customers. The customer's office is based on two floors within a multi-tenant office block. On one of these floors (floor 5) users cannot connect to the wireless network. During their own testing the customer has discovered that users can connect on floor 6 but not when they move to the floor 5. This issue is affecting all users on floor 5 and having a negative effect on productivity.

To troubleshoot this issue, you perform both Spectrum and Protocol Analysis. The Spectrum Analysis shows the presence of Bluetooth signals which you have identified as coming from wireless mice. In the protocol analyzer you see the top frame on the network is Deauthentication frames. On closer investigation you see that the Deauthentication frames' source addresses match the BSSIDs of your customers APs and the destination address is FF:FF:FF:FF:FF:FF:FF.

What do you conclude from this troubleshooting exercise?

A.
The customer should replace all their Bluetooth wireless mice as they are stopping the users on floor 5 from connecting to the wireless network
Answers
A.
The customer should replace all their Bluetooth wireless mice as they are stopping the users on floor 5 from connecting to the wireless network
B.
The users on floor 5 are being subjected to a denial of service attack, as this is happening across the entire floor it is likely to be a misconfigured WIPS solution belonging to the tenants on the floor below
Answers
B.
The users on floor 5 are being subjected to a denial of service attack, as this is happening across the entire floor it is likely to be a misconfigured WIPS solution belonging to the tenants on the floor below
C.
The customers APs are misbehaving and a technical support case should be open with the vendor
Answers
C.
The customers APs are misbehaving and a technical support case should be open with the vendor
D.
The CCI from the APs on the floor 4 is the problem and you need to ask the tenant below to turn down their APs Tx power
Answers
D.
The CCI from the APs on the floor 4 is the problem and you need to ask the tenant below to turn down their APs Tx power
Suggested answer: B

Explanation:

The users on floor 5 are being subjected to a denial of service attack, as this is happening across the entire floor it is likely to be a misconfigured WIPS solution belonging to the tenants on the floor below. This is because the Deauthentication frames have a source address that matches the BSSIDs of the customer's APs and a destination address that is a broadcast address (FF:FF:FF:FF:FF:FF). This indicates that someone is sending spoofed Deauthentication frames to all STAs associated with the customer's APs, causing them to disconnect from the wireless network.This is a common type of DoS attack on wireless networks, and it could be caused by a rogue device or a WIPS solution that is configured to protect the wireless network of another tenant on the floor below12.

Reference: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 13: Troubleshooting Common Wi-Fi Issues, page 4961; CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 14: Troubleshooting Tools, page 5272.

Show Answer
asked 16/09/2024
Andrea Chichiarelli
37 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms