we provide 100% Guarantee CWNA CWSP-205 download which are the best for clearing CWSP-205 test, and to get certified by CWNA Certified Wireless Security Professional. The CWSP-205 Questions & Answers covers all the knowledge points of the real CWSP-205 exam. Crack your CWNA CWSP-205 Exam with latest dumps, guaranteed!
Q52. You are implementing an 802.11ac WLAN and a WIPS at the same time. You must choose between integrated and overlay WIPS solutions. Which of the following statements is true regarding integrated WIPS solutions?
A. Integrated WIPS always perform better from a client throughput perspective because the same radio that performs the threat scanning also services the clients.
B. Integrated WIPS use special sensors installed alongside the APs to scan for threats.
C. Many integrated WIPS solutions that detect Voice over Wi-Fi traffic will cease scanning altogether to accommodate the latency sensitive client traffic.
D. Integrated WIPS is always more expensive than overlay WIPS.
Answer: C
Q53. What type of WLAN attack is prevented with the use of a per-MPDU TKIP sequence counter (TSC)?
A. Weak-IV
B. Forgery
C. Replay
D. Bit-flipping
E. Session hijacking
Answer: C
Q54. After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify security threats?
A. Authorized PEAP usernames must be added to the WIPS server's user database.
B. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
C. Separate security profiles must be defined for network operation in different regulatory domains D. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.
Answer: B
Q55. Given: You have implemented strong authentication and encryption mechanisms for your enterprise 802.11 WLAN using 802.1X/EAP with AES-CCMP. For users connecting within the headquarters office, what other security solution will provide continuous monitoring of both clients and APs with 802.11-specific tracking?
A. IPSec VPN client and server software
B. Internet firewall software
C. Wireless intrusion prevention system
D. WLAN endpoint agent software
E. RADIUS proxy server
Answer: C
Q56. As a part of a large organization's security policy, how should a wireless security professional address the problem of rogue access points?
A. Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.
B. Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.
C. Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.
D. A trained employee should install and configure a WIPS for rogue detection and response measures.
E. Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.
Answer: D
Q57. You must support a TSN as you have older wireless equipment that will not support the required processing of AES encryption. Which one of the following technologies will you use on the network so that a TSN can be implemented that would not be required in a network compliant with 802.11-2012 non-deprecated technologies?
A. WEP
B. RC4
C. CCMP
D. WPA2
Answer: B
Q58. What WLAN client device behavior is exploited by an attacker during a hijacking attack?
A. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
B. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
C. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
D. As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to- client connections, even in an infrastructure BSS.
E. Client drivers scan for and connect to access points in the 2.4 GHz band before scanning the 5 GHz band.
Answer: A
Q59. Given: An 802.1X/EAP implementation includes an Active Directory domain controller running Windows Server 2012 and an AP from a major vendor. A Linux server is running RADIUS and it queries the domain controller for user credentials. A Windows client is accessing the network. What device functions as the EAP Supplicant?
A. Linux server
B. Windows client
C. Access point
D. Windows server
E. An unlisted switch
F. An unlisted WLAN controller
Answer: B
Q60. What security benefits are provided by endpoint security solution software? (Choose 3)
A. Can prevent connections to networks with security settings that do not conform to company policy
B. Can collect statistics about a user's network use and monitor network threats while they are connected
C. Can restrict client connections to networks with specific SSIDs and encryption types
D. Can be used to monitor for and prevent network attacks by nearby rogue clients or APs
Answer: A, B, C
Q61. What security vulnerabilities may result from a lack of staging, change management, and installation procedures for WLAN infrastructure equipment? (Choose 2)
A. The WLAN system may be open to RF Denial-of-Service attacks
B. WIPS may not classify authorized, rogue, and neighbor APs accurately
C. Authentication cracking of 64-bit Hex WPA-Personal PSK
D. Management interface exploits due to the use of default usernames and passwords for AP management
E. AES-CCMP encryption keys may be decrypted
Answer: B, D
Q62. Given: Your organization is using EAP as an authentication framework with a specific type that meets the requirements of your corporate policies. Which one of the following statements is true related to this implementation?
A. The client will be the authenticator in this scenario.
B. The client STAs must use a different, but complementary, EAP type than the AP STAs.
C. The client STAs may communicate over the uncontrolled port in order to authenticate as soon as Open System authentication completes.
D. The client STAs may communicate over the controlled port in order to authenticate as soon as the Open System authentication completes.
Answer: C
Q63. A WLAN is implemented using WPA-Personal and MAC filtering. To what common wireless network attacks is this network potentially vulnerable? (Choose 3)
A. Offline dictionary attacks
B. MAC Spoofing
C. ASLEAP
D. DoS
Answer: A, B, D
Q64. You have an AP implemented that functions only using 802.11-2012 standard methods for the WLAN communications on the RF side and implementing multiple SSIDs and profiles on the management side configured as follows:
1. SSID: Guest VLAN 90 Security: Open with captive portal authentication 2 current clients
2. SSID: ABCData VLAN 10 Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP 5 current clients
3. SSID: ABCVoice VLAN 60 Security: WPA2-Personal 2 current clients Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients. What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?
A. Only the members of the executive team that are part of the multicast group configured on the media server
B. All clients that are associated to the AP using the ABCData SSID
C. All clients that are associated to the AP using any SSID
D. All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.
Answer: B
Q65. Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data. What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?
A. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.
B. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
C. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
D. Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
E. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.
Answer: B
Q66. An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data.
What kind of attack is described?
A. Man-in-the-middle
B. Hijacking
C. ASLEAP
D. DoS
Answer: D
Q67. Given: Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks. In this deployment, what risks are still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering features enabled? (Choose 2)
A. Intruders can send spam to the Internet through the guest VLAN.
B. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
C. Unauthorized users can perform Internet-based network attacks through the WLAN.
D. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.
E. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.
Answer: AC
Q68. You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4- way handshake. Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)
A. STA1 and STA2 are using different cipher suites.
B. STA2 has retransmissions of EAP frames.
C. STA1 is a reassociation and STA2 is an initial association.
D. STA1 is a TSN, and STA2 is an RSN.
E. STA1 and STA2 are using different EAP types.
Answer: E