Exam Code: CWSP-205 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Certified Wireless Security Professional
Certification Provider: CWNA
Free Today! Guaranteed Training- Pass CWSP-205 Exam.
2017 Jan CWSP-205 exam
Q1. Given: Mary has just finished troubleshooting an 802.11g network performance problem using a laptop-based WLAN protocol analyzer. The wireless network implements 802.1X/PEAP and the client devices are authenticating properly. When Mary disables the WLAN protocol analyzer, configures her laptop for PEAP authentication, and then tries to connect to the wireless network, she is unsuccessful. Before using the WLAN protocol analyzer, Mary's laptop connected to the network without any problems. What statement indicates why Mary cannot access the network from her laptop computer?
A. The nearby WIPS sensor categorized Mary's protocol analyzer adapter as a threat and is performing a deauthentication flood against her computer.
B. The PEAP client's certificate was voided when the protocol analysis software assumed control of the wireless adapter.
C. The protocol analyzer's network interface card (NIC) drivers are still loaded and do not support the version of PEAP being used.
D. Mary's supplicant software is using PEAPv0/EAP-MSCHAPv2, and the access point is using PEAPv1/EAP- GTC.
Q2. Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank's website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John's bank account user ID and password and exploit this information. What likely scenario could have allowed the hacker to obtain John's bank account user ID and password?
A. John's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.
B. John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.
C. John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software.
D. The bank's web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
E. Before connecting to the bank's website, John's association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank's web server and has decrypted John's login credentials in near real-time.
Q3. ABC Company has deployed a Single Channel Architecture (SCA) solution to help overcome some of the common problems with client roaming. In such a network, all APs are configured with the same channel and BSSID. PEAPv0/EAP-MSCHAPv2 is the only supported authentication mechanism. As the Voice over Wi-Fi (STA-1) client moves throughout this network, what events are occurring?
A. STA-1 initiates open authentication and 802.11 association with each AP prior to roaming.
B. The WLAN controller is querying the RADIUS server for authentication before the association of STA-1 is moved from one AP to the next.
C. STA-1 controls when and where to roam by using signal and performance metrics in accordance with the chipset drivers and 802.11k.
D. The WLAN controller controls the AP to which STA-1 is associated and transparently moves this association in accordance with the physical location of STA-1.
Q4. The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?
A. Phase Shift Key (PSK)
B. Group Master Key (GMK) C. Pairwise Master Key (PMK)
D. Group Temporal Key (GTK) E. PeerKey (PK)
F. Key Confirmation Key (KCK)
Q5. Which one of the following describes the correct hierarchy of 802.1X authentication key derivation?
A. The MSK is generated from the 802.1X/EAP authentication. The PMK is derived from the MSK. The PTK is derived from the PMK, and the keys used for actual data encryption are a part of the PTK.
B. If passphrase-based client authentication is used by the EAP type, the PMK is mapped directly from the user's passphrase. The PMK is then used during the 4-way handshake to create data encryption keys.
C. After successful EAP authentication, the RADIUS server generates a PMK. A separate key, the MSK, is derived from the AAA key and is hashed with the PMK to create the PTK and GTK.
D. The PMK is generated from a successful mutual EAP authentication. When mutual authentication is not used, an MSK is created. Either of these two keys may be used to derive the temporal data encryption keys during the 4-way handshake.
Most recent CWSP-205 exam topics:
Q6. A WLAN is implemented using WPA-Personal and MAC filtering. To what common wireless network attacks is this network potentially vulnerable? (Choose 3)
A. Offline dictionary attacks
B. MAC Spoofing
Answer: A, B, D
Q7. In an effort to optimize WLAN performance, ABC Company has upgraded their WLAN infrastructure from 802.11a/g to 802.11n. 802.11a/g clients are still supported and are used throughout ABC's facility. ABC has always been highly security conscious, but due to budget limitations, they have not yet updated their overlay WIPS solution to 802.11n or 802.11ac. Given ABC's deployment strategy, what security risks would not be detected by the 802.11a/g WIPS?
A. Hijacking attack performed by using a rogue 802.11n AP against an 802.11a client
B. Rogue AP operating in Greenfield 40 MHz-only mode
C. 802.11a STA performing a deauthentication attack against 802.11n APs
D. 802.11n client spoofing the MAC address of an authorized 802.11n client
Q8. Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?
A. Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category.
B. Allow access to specific files and applications based on the user's WMM access category.
C. Provide two or more user groups connected to the same SSID with different levels of network privileges.
D. Allow simultaneous support for multiple EAP types on a single access point.
Q9. In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2) A. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.
B. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).
C. They are added together and used as the GMK, from which the GTK is derived.
D. They are input values used in the derivation of the Pairwise Transient Key.
E. They allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.
Answer: D, E
Q10. When using the 802.1X/EAP framework for authentication in 802.11 WLANs, why is the 802.1X Controlled Port still blocked after the 802.1X/EAP framework has completed successfully?
A. The 802.1X Controlled Port is always blocked, but the Uncontrolled Port opens after the EAP authentication process completes.
B. The 802.1X Controlled Port remains blocked until an IP address is requested and accepted by the Supplicant.
C. The 4-Way Handshake must be performed before the 802.1X Controlled Port changes to the unblocked state.
D. The 802.1X Controlled Port is blocked until Vender Specific Attributes (VSAs) are exchanged inside a RADIUS packet between the Authenticator and Authentication Server.
see more CWSP-205 dumps