CWSP-208試験無料問題集（122題）「CWNP Certified Wireless Security Professional (CWSP) 認定」

出題：1

Given: Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks.
In this deployment, what risks are still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering features enabled? (Choose 2)

A. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.

B. Intruders can send spam to the Internet through the guest VLAN.

C. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.

D. Unauthorized users can perform Internet-based network attacks through the WLAN.

E. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

ABC Company has deployed a Single Channel Architecture (SCA) solution to help overcome some of the common problems with client roaming. In such a network, all APs are configured with the same channel and BSSID. PEAPv0/EAP-MSCHAPv2 is the only supported authentication mechanism.
As the Voice over Wi-Fi (STA-1) client moves throughout this network, what events are occurring?

A. STA-1 controls when and where to roam by using signal and performance metrics in accordance with the chipset drivers and 802.11k.

B. The WLAN controller is querying the RADIUS server for authentication before the association of STA-
1 is moved from one AP to the next.

C. The WLAN controller controls the AP to which STA-1 is associated and transparently moves this association in accordance with the physical location of STA-1.

D. STA-1 initiates open authentication and 802.11 association with each AP prior to roaming.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

A. RADIUS shared secret lookup

B. Group Key Handshake

C. DHCP Discovery

D. 4-Way Handshake

E. 802.1X/EAP authentication

F. Passphrase-to-PSK mapping

正解：E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which one of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

A. It does not support a RADIUS server.

B. It does not support mutual authentication.

C. It is not a valid EAP type.

D. It does not support the outer identity.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

For a WIPS system to identify the location of a rogue WLAN device using location patterning (RF fingerprinting), what must be done as part of the WIPS installation?

A. At least six antennas must be installed in each sensor.

B. All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.

C. The RF environment must be sampled during an RF calibration process.

D. A location chipset (GPS) must be installed with it.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)

A. SNMPv1

B. SSHv2

C. Telnet

D. TFTP

E. HTTPS

F. FTP

正解：B,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted?
Choose the single completely correct answer.

A. MAC denial of service and/or physical theft

B. Code injection and/or XSS

C. Social engineering and/or eavesdropping

D. Authentication cracking and/or RF DoS

E. RF DoS and/or physical theft

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Given: Fred works primarily from home and public wireless hot-spots rather than commuting to the office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN.
In this remote scenario, what single wireless security practice will provide the greatest security for Fred?

A. Use WIPS sensor software on the laptop to monitor for risks and attacks

B. Use only HTTPS when agreeing to acceptable use terms on public networks

C. Use enterprise WIPS on the corporate office network

D. Use secure protocols, such as FTP, for remote file transfers.

E. Use 802.1X/PEAPv0 to connect to the corporate office network from public hot-spots

F. Use an IPSec VPN for connectivity to the office network

正解：F 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

A. WPA2-Personal with AES-CCMP

B. Open 802.11 authentication with IPSec

C. 802.1X/PEAPv0/MS-CHAPv2

D. 802.1X/EAP-TTLS

E. EAP-MD5

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A WLAN is implemented using WPA-Personal and MAC filtering.
To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

A. Offline dictionary attacks

B. MAC Spoofing

C. DoS

D. ASLEAP

正解：A,B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

CWSP-208試験無料問題集「CWNP Certified Wireless Security Professional (CWSP) 認定」