CWNP CWSP-207 Exam Practice Test Instant Access

Question 1

The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

AGroup Key Handshake

B802.1X/EAP authentication

CDHCP Discovery

D4-Way Handshake

EPassphrase-to-PSK mapping

FRADIUS shared secret lookup

Answer : B

Question 2

In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce? (Choose 2)

AThey are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.

BThe IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

CThey are added together and used as the GMK, from which the GTK is derived.

DThey are input values used in the derivation of the Pairwise Transient Key.

EThey allow the participating STAs to create dynamic keys while avoiding sending unicast encryption keys across the wireless medium.

Answer : D, E

Question 3

The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

APhase Shift Key (PSK)

BGroup Master Key (GMK)

CPairwise Master Key (PMK)

DGroup Temporal Key (GTK)

EPeerKey (PK)

FKey Confirmation Key (KCK)

Answer : C

Question 4

Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection.

What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

AMulti-factor authentication

B4-Way Handshake

CPLCP Cyclic Redundancy Check (CRC)

DEncrypted Passphrase Protocol (EPP)

EIntegrity Check Value (ICV)

FGroup Temporal Keys

Answer : B, F

Question 5

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering).

How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

AThe WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

BThe RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

CThe RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

DThe RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

Answer : B

Question 6

When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

AX.509 certificates

BUser credentials

CServer credentials

DRADIUS shared secret

Answer : B

Question 7

Given: Your network implements an 802.1X/EAP-based wireless security solution. A WLAN controller is installed and manages seven APs. FreeRADIUS is used for the RADIUS server and is installed on a dedicated server named SRV21. One example client is a MacBook Pro with 8 GB RAM.

What device functions as the 802.1X/EAP Authenticator?

ASRV21

BWLAN Controller/AP

CMacBook Pro

DRADIUS server

Answer : B

CWNP CWSP-207 Certified Wireless Security Professional Exam Practice Test