
Certified Wireless Security Professional (CWSP)

Last Update 2 hours ago Total Questions : 119

The Certified Wireless Security Professional (CWSP) content is now fully updated, with all current exam questions added 2 hours ago. Deciding to include CWSP-207 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CWSP-207 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CWSP-207 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certified Wireless Security Professional (CWSP) practice test comfortably within the allotted time.

Question # 4

Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation’s wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user’s connections. XYZ’s legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

A. All WLAN clients will reassociate to the consultant’s software AP if the consultant’s software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.

B. A higher SSID priority value configured in the Beacon frames of the consultant’s software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.

C. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant’s software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.

D. If the consultant’s software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ’s current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

Question # 5

A WLAN is implemented using WPA-Personal and MAC filtering.

To what common wireless network attacks is this network potentially vulnerable? (Choose 3)

A. Offline dictionary attacks

B. MAC Spoofing

C. ASLEAP

D. DoS

Question # 6

Given: During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text.

From a security perspective, why is this significant?

A. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

B. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D. The username can be looked up in a dictionary file that lists common username/password combinations.

Question # 7

What 802.11 WLAN security problem is directly addressed by mutual authentication?

A. Wireless hijacking attacks

B. Weak password policies

C. MAC spoofing

D. Disassociation attacks

E. Offline dictionary attacks

F. Weak Initialization Vectors

Question # 8

Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank’s website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John’s bank account user ID and password and exploit this information.

What likely scenario could have allowed the hacker to obtain John’s bank account user ID and password?

A. John's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.

B. John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.

C. John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software.

D. The bank’s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

E. Before connecting to the bank’s website, John’s association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank’s web server and has decrypted John’s login credentials in near real-time.

Question # 9

ABC Company uses the wireless network for highly sensitive network traffic. For that reason, they intend to protect their network in all possible ways. They are continually researching new network threats and new preventative measures. They are interested in the security benefits of 802.11w, but would like to know its limitations.

What types of wireless attacks does 802.11w protect against? (Choose 2)

A. RF DoS attacks

B. Layer 2 Disassociation attacks

C. Robust management frame replay attacks

D. Social engineering attacks

Question # 10

When implementing a WPA2-Enterprise security solution, what protocol must the selected RADIUS server support?

A. LWAPP, GRE, or CAPWAP

B. IPSec/ESP

C. EAP

D. CCMP and TKIP

E. LDAP
