CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CWNP
  5. CWSP-207

Free CWSP-207 Exam Braindumps (page: 6)

Page 5 of 31
PDF with 119 Questions

Given: Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication.

While using an airport hot-spot with this security solution, to what type of wireless attack is a user susceptible? (Choose 2)

  1. Man-in-the-Middle
  2. Wi-Fi phishing
  3. Management interface exploits
  4. UDP port redirection
  5. IGMP snooping

Answer(s): A,B



Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

  1. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.
  2. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.
  3. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
  4. The username can be looked up in a dictionary file that lists common username/password combinations.

Answer(s): B



Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

What statement about the WLAN security of this company is true?

  1. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
  2. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
  3. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
  4. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.
  5. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

Answer(s): B



Given: The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions.

What are three uses for such a tool? (Choose 3)

  1. Transmitting a deauthentication frame to disconnect a user from the AP.
  2. Auditing the configuration and functionality of a WIPS by simulating common attack sequences
  3. Probing the RADIUS server and authenticator to expose the RADIUS shared secret
  4. Cracking the authentication or encryption processes implemented poorly in some WLANs

Answer(s): A,B,D






Post your Comments and Discuss CWNP CWSP-207 exam with other Community members:

CWSP-207 Exam Discussions & Posts