CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CWNP
  5. CWSP-207

Free CWSP-207 Exam Braindumps (page: 8)

Page 7 of 31
PDF with 119 Questions

What elements should be addressed by a WLAN security policy? (Choose 2)

  1. Enabling encryption to prevent MAC addresses from being sent in clear text
  2. How to prevent non-IT employees from learning about and reading the user security policy
  3. End-user training for password selection and acceptable network use
  4. The exact passwords to be used for administration interfaces on infrastructure devices
  5. Social engineering recognition and mitigation techniques

Answer(s): C,E



As a part of a large organization's security policy, how should a wireless security professional address the problem of rogue access points?

  1. Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.
  2. Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.
  3. Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.
  4. A trained employee should install and configure a WIPS for rogue detection and response measures.
  5. Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Answer(s): D



In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?

  1. In home networks in which file and printer sharing is enabled
  2. At public hot-spots in which many clients use diverse applications
  3. In corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities
  4. In university environments using multicast video training sourced from professor's laptops

Answer(s): B



As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network.
While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.

When writing the 802.11 security policy, what password-related items should be addressed?

  1. MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
  2. Password complexity should be maximized so that weak WEP IV attacks are prevented.
  3. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK- based authentication.
  4. Certificates should always be recommended instead of passwords for 802.11 client authentication.
  5. EAP-TLS must be implemented in such scenarios.

Answer(s): C






Post your Comments and Discuss CWNP CWSP-207 exam with other Community members:

CWSP-207 Exam Discussions & Posts