CWSP-208 CWNP Certified Wireless Security Professional (CWSP) exact Exam Questions

Certified Wireless Security Professional (CWSP)

Last Update 6 hours ago Total Questions : 119

The Certified Wireless Security Professional (CWSP) content is now fully updated, with all current exam questions added 6 hours ago. Deciding to include CWSP-208 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CWSP-208 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CWSP-208 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certified Wireless Security Professional (CWSP) practice test comfortably within the allotted time.

Question # 11

Given: A network security auditor is preparing to perform a comprehensive assessment of an 802.11ac network’s security.

What task should be performed at the beginning of the audit to maximize the auditor’s ability to expose network vulnerabilities?

Identify the IP subnet information for each network segment.

Identify the manufacturer of the wireless intrusion prevention system.

Identify the skill level of the wireless network security administrator(s).

Identify the manufacturer of the wireless infrastructure hardware.

Identify the wireless security solution(s) currently in use.

Question # 12

You are implementing an 802.11ac WLAN and a WIPS at the same time. You must choose between integrated and overlay WIPS solutions. Which of the following statements is true regarding integrated WIPS solutions?

Integrated WIPS always perform better from a client throughput perspective because the same radio that performs the threat scanning also services the clients.

Integrated WIPS use special sensors installed alongside the APs to scan for threats.

Many integrated WIPS solutions that detect Voice over Wi-Fi traffic will cease scanning altogether to accommodate the latency sensitive client traffic.

Integrated WIPS is always more expensive than overlay WIPS.

Question # 13

Wireless Intrusion Prevention Systems (WIPS) are used for what purposes? (Choose 3)

Performance monitoring and troubleshooting

Enforcing wireless network security policy

Detecting and defending against eavesdropping attacks

Security monitoring and notification

Preventing physical carrier sense attacks

Classifying wired client devices

Question # 14

You must locate non-compliant 802.11 devices. Which one of the following tools will you use and why?

A spectrum analyzer, because it can show the energy footprint of a device using WPA differently from a device using WPA2.

A spectrum analyzer, because it can decode the PHY preamble of a non-compliant device.

A protocol analyzer, because it can be used to view the spectrum energy of non-compliant 802.11 devices, which is always different from compliant devices.

A protocol analyzer, because it can be used to report on security settings and regulatory or rule compliance

Question # 15

What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?

MAC Spoofing

Eavesdropping

Hot-spotter

Soft AP

Deauthentication flood

EAP flood

Question # 16

Joe’s new laptop is experiencing difficulty connecting to ABC Company’s 802.11 WLAN using 802.1X/EAP PEAPv0. The company’s wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC’s network before it was given to him. The WIPS termination policy includes alarms for rogue stations, roque APs, DoS attacks and unauthorized roaming.

What is a likely reason that Joe cannot connect to the network?

Joe disabled his laptop’s integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.

Joe’s integrated 802.11 radio is sending multiple Probe Request frames on each channel.

An ASLEAP attack has been detected on APs to which Joe’s laptop was trying to associate. The WIPS responded by disabling the APs.

Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.

Question # 17

The following numbered items show some of the contents of each of the four frames exchanged during the 4-way handshake:

1. Encrypted GTK sent

2. Confirmation of temporal key installation

3. Anonce sent from authenticator to supplicant

4. Snonce sent from supplicant to authenticator, MIC included

Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

2, 3, 4, 1

1, 2, 3, 4

4, 3, 1, 2

3, 4, 1, 2

Question # 18

Given: XYZ Hospital plans to improve the security and performance of their Voice over Wi-Fi implementation and will be upgrading to 802.11n phones with 802.1X/EAP authentication. XYZ would like to support fast secure roaming for the phones and will require the ability to troubleshoot reassociations that are delayed or dropped during inter-channel roaming.

What portable solution would be recommended for XYZ to troubleshoot roaming problems?

WIPS sensor software installed on a laptop computer

Spectrum analyzer software installed on a laptop computer

An autonomous AP mounted on a mobile cart and configured to operate in monitor mode

Laptop-based protocol analyzer with multiple 802.11n adapters

Question # 19

Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data.

What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.

Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.

Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.

Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.

The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.

Question # 20

Given: In XYZ’s small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

What statement about the WLAN security of this company is true?

Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.

A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.

An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.

An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user’s 4-Way Handshake.

Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.