CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CWNP
  5. CWSP-207

Free CWSP-207 Exam Braindumps (page: 7)

Page 6 of 31
PDF with 119 Questions

Given: You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution.

In this configuration, the wireless network is initially susceptible to what type of attacks? (Choose 2)

  1. Encryption cracking
  2. Offline dictionary attacks
  3. Layer 3 peer-to-peer
  4. Application eavesdropping
  5. Session hijacking
  6. Layer 1 DoS

Answer(s): B,F



Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems.
While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.

As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication? (Choose 2)

  1. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.
  2. MS-CHAPv2 is subject to offline dictionary attacks.
  3. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.
  4. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
  5. MS-CHAPv2 uses AES authentication, and is therefore secure.
  6. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.

Answer(s): B,D



You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux.
When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets.
What security solution is represented?

  1. 802.1X/EAP-TTLS
  2. Open 802.11 authentication with IPSec
  3. 802.1X/PEAPv0/MS-CHAPv2
  4. WPA2-Personal with AES-CCMP
  5. EAP-MD5

Answer(s): B



Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

  1. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.
  2. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
  3. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.
  4. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

Answer(s): C






Post your Comments and Discuss CWNP CWSP-207 exam with other Community members:

CWSP-207 Exam Discussions & Posts