[Latest release, July 2023] Real questions and answers for passing the CWSP-206 exam [Q45-Q70]


A CWSP-206 review guide for passing the exam, and a dependable CWSP-206 test engine


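The CWSP-206 exam covers a wide range of topics, including wireless network architecture, security protocols, encryption methods, and threat mitigation techniques. Candidates must demonstrate a deep understanding of these topics and be able to apply this knowledge in real-world scenarios.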


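The CWSP certification is best suited to wireless networking professionals who are responsible for the security of wireless networks within their organization. This includes wireless network engineers, security analysts, network administrators, and IT professionals. The certification provides individuals with the skills needed to implement secure wireless networks, mitigate security threats, and troubleshoot security-related issues. It is also a valuable credential for professionals who want to advance their careers in the wireless industry. Overall, the CWNP CWSP-206 exam is a comprehensive and challenging certification that validates an individual's wireless security expertise.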

 

Question # 45
Which of the following are the layers of physical security? Each correct answer represents a complete solution. Choose all that apply.

  • A. Environmental design
  • B. Procedural access control
  • C. Video monitor
  • D. Intrusion detection system

Correct answer: A, B, D


Question # 46
Which of the following actions will you perform to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

  • A. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
  • B. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
  • C. Implement the open system authentication for the wireless network.
  • D. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.
  • E. Implement the IEEE 802.1X authentication for the wireless network.

Correct answer: A, B, E


Question # 47
Which of the following is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for computers to connect and use a network service?

  • A. SSL
  • B. HTTP
  • C. IPSec
  • D. RADIUS

Correct answer: D


Question # 48
You support a coffee shop and have recently installed a free 802.11ac wireless hotspot for the benefit of your customers. You want to minimize legal risk in the event that the hotspot is used for illegal Internet activity. What option specifies the best approach to minimize legal risk at this public hotspot while maintaining an open venue for customer Internet access?

  • A. Implement a captive portal with an acceptable use disclaimer.
  • B. Require client STAs to have updated firewall and antivirus software.
  • C. Block TCP port 25 and 80 outbound on the Internet router.
  • D. Configure WPA2-Enterprise security on the access point.
  • E. Use a WIPS to monitor all traffic and deauthenticate malicious stations.
  • F. Allow only trusted patrons to use the WLAN.

Correct answer: A


Question # 49
ABCHospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN. Before creating the WLAN security policy, what should you ensure you possess?

  • A. Management support for the process.
  • B. Awareness of the exact vendor devices being installed.
  • C. End-user training manuals for the policies to be created.
  • D. Security policy generation software.

Correct answer: A


Question # 50
In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce?

  • A. They are added together and used as the GMK, from which the GTK is derived.
  • B. They are input values used in the derivation of the Pairwise Transient Key.
  • C. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).
  • D. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

Correct answer: B


Question # 51
You work as a Network Administrator for NetTech Inc.
The company has a Windows 2003 domain-based network.
The company has a main office and several branch offices.
You want to centralize the administration.
Therefore, you implement a Remote Authentication Dial-In Service (RADIUS) server. Each branch office supports its own Routing and Remote Access Server. You remove the default remote access policy, as you want to secure communications and implement a single policy that requires all dial-up communications to use a 40-bit encryption.
What will you do to accomplish this?
Each correct answer represents a part of the solution. Choose two.

  • A. Create a remote access policy on the RADIUS server.
  • B. Set the level of encryption to No Encryption in the remote access policy.
  • C. Create a remote access policy on the Routing and Remote Access Server of each branch office.
  • D. Set the level of encryption to Basic in the remote access policy.

Correct answer: A, D


Question # 52
During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text. From a security perspective, why is this significant?

  • A. The username can be looked up in a dictionary file that lists common username/password combinations.
  • B. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.
  • C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
  • D. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

Correct answer: B


Question # 53
What preventative measures are performed by a WIPS against intrusions?

  • A. EAPoL Reject frame flood against a rogue AP.
  • B. Evil twin attack against a rogue AP.
  • C. Deauthentication attack against a classified neighbor AP.
  • D. Uses SNMP to disable the switch port to which rogue APs connect.
  • E. ASLEAP attack against a rogue AP.

Correct answer: D


Question # 54
Which of the following provides security by implementing authentication and encryption on Wireless LAN (WLAN)?

  • A. WEP
  • B. IPSec
  • C. L2TP
  • D. WAP

Correct answer: A


Question # 55
The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

  • A. Passphrase-to-PSK mapping
  • B. DHCP Discovery
  • C. Group Key Handshake
  • D. 4-Way Handshake
  • E. RADIUS shared secret lookup
  • F. 802.1X/ EAP authentication

Correct answer: F


Question # 56
In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices. With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

  • A. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
  • B. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.
  • C. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.
  • D. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.

Correct answer: D


Question # 57
Which of the following types of attacks come under the category of hacker attacks? Each correct answer represents a complete solution. Choose all that apply.

  • A. IP address spoofing
  • B. Smurf
  • C. Password cracking
  • D. Teardrop

Correct answer: A, C


Question # 58
Which of the following components are normally required to secure wireless 802.11 networks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Accessibility
  • B. Authentication
  • C. Strong encryption
  • D. Segmentation

Correct answer: B, C, D


Question # 59
Joe's new laptop is experiencing difficulty connecting to ABC Company's 802.11 WLAN using 802.1X/EAP PEAPv0. The company's wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC's network before it was given to him. The WIPS termination policy includes alarms for rogue stations, rogue APs, DoS attacks and unauthorized roaming. What is a likely reason that Joe cannot connect to the network?

  • A. Joe's integrated 802.11 radio is sending multiple Probe Request frames on each channel.
  • B. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
  • C. An ASLEAP attack has been detected on APs to which Joe's laptop was trying to associate. The WIPS responded by disabling the APs.
  • D. Joe disabled his laptop's integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.

Correct answer: D


Question # 60
Fred works primarily from home and public wireless hotspots rather than commuting to office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN. In this remote scenario, what single wireless security practice will provide the greatest security for Fred?

  • A. Use an IPSec VPN for connectivity to the office network.
  • B. Use 802.1X/PEAPv0 to connect to the corporate office network from public hotspots.
  • C. Use WIPS sensor software on the laptop to monitor for risks and attacks.
  • D. Use enterprise WIPS on the corporate office network.
  • E. Use secure protocols, such as FTP, for remote file transfers.
  • F. Use only HTTPS when agreeing to acceptable use terms on public networks.

Correct answer: A


Question # 61
Which of the following is a wireless device that is created to allow a cracker to conduct a man-in-the-middle attack?

  • A. Rogue access point
  • B. Lightweight Access Point
  • C. WLAN controller
  • D. Protocol analyzer

Correct answer: A


Question # 62
After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify the security threats?

  • A. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
  • B. Separate security profiles must be defined for network operation in different regulatory domains.
  • C. Authorized PEAP usernames must be added to the WIPS server's user database.
  • D. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.

Correct answer: A


Question # 63
Which of the following types of attacks is performed by Adam?

  • A. DDoS attack that involves flooding a network or system
  • B. Man-in-the-middle attack
  • C. DoS attack that involves crashing a network or system
  • D. Reverse social engineering attack

Correct answer: C


Question # 64
Which of the following is a passive device that cannot be detected by a wireless intrusion detection system (WIDS)?

  • A. Rogue access point
  • B. MAC spoofing
  • C. Spectrum analyzer
  • D. Protocol analyzer

Correct answer: D


Question # 65
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?

  • A. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
  • B. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
  • C. EAP-TLS must be implemented in such scenarios.
  • D. Password complexity should be maximized so that weak WEP IV attacks are prevented.
  • E. Certificates should always be recommended instead of passwords for 802.11 client authentication.

Correct answer: B


Question # 66
Which of the following encryption methods uses AES technology?

  • A. TKIP
  • B. CCMP
  • C. Static WEP
  • D. Dynamic WEP

Correct answer: B


Question # 67
Which of the following monitors program activities and modifies malicious activities on a system?

  • A. HIDS
  • B. Back door
  • C. NIDS
  • D. RADIUS

Correct answer: A


Question # 68
Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?

  • A. PKI
  • B. GTK
  • C. PMK
  • D. PTK

Correct answer: A


Question # 69
You are setting up small offices for a major insurance carrier. The company policy states that all wireless configurations must fully implement the 802.11i standard. Based on this requirement, which encryption algorithm should you implement?

  • A. PKI
  • B. WPA
  • C. WEP
  • D. WPA2

Correct answer: D


Question # 70
......

100% free CWSP-206 daily practice exam, 138 questions: https://www.goshiken.com/CWNP/CWSP-206-mondaishu.html