CWNP CWSP-207 Exam Practice Test Instant Access

Question 1

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

AThe username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

BThe username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

DThe username can be looked up in a dictionary file that lists common username/password combinations.

Answer : B

Question 2

Which one of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

AIt does not support the outer identity.

BIt is not a valid EAP type.

CIt does not support mutual authentication.

DIt does not support a RADIUS server.

Answer : C

Question 3

Given: You must implement 7 APs for a branch office location in your organization. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).

Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?

AFragmentation threshold

BAdministrative password

COutput power

DCell radius

Answer : B

Question 4

Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.

What are three uses for such a tool? (Choose 3)

ATransmitting a deauthentication frame to disconnect a user from the AP.

BAuditing the configuration and functionality of a WIPS by simulating common attack sequences

CProbing the RADIUS server and authenticator to expose the RADIUS shared secret

DCracking the authentication or encryption processes implemented poorly in some WLANs

Answer : A, B, D

Question 5

What is the purpose of the Pairwise Transient Key (PTK) in IEEE 802.11 Authentication and Key Management?

AThe PTK is a type of master key used as an input to the GMK, which is used for encrypting multicast data frames.

BThe PTK contains keys that are used to encrypt unicast data frames that traverse the wireless medium.

CThe PTK is XOR'd with the PSK on the Authentication Server to create the AAA key.

DThe PTK is used to encrypt the Pairwise Master Key (PMK) for distribution to the 802.1X Authenticator prior to the 4-Way Handshake.

Answer : B

Question 6

What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in an 802.11 WLAN?

AEAP-TTLS sends encrypted supplicant credentials to the authentication server, but EAP-TLS uses unencrypted user credentials.

BEAP-TTLS supports client certificates, but EAP-TLS does not.

CEAP-TTLS does not require an authentication server, but EAP-TLS does.

DEAP-TTLS does not require the use of a certificate for each STA as authentication credentials, but EAP-TLS does.

Answer : D

Question 7

When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

AX.509 certificates

BUser credentials

CServer credentials

DRADIUS shared secret

Answer : B

CWNP CWSP-207 Certified Wireless Security Professional Exam Practice Test