Free CWNP CWSP-208 Exam Questions

Question 1

What preventative measures are performed by a WIPS against intrusions?

A : EAPoL Reject frame flood against a rogue AP

B : Evil twin attack against a rogue AP

C : Deauthentication attack against a classified neighbor AP

D : ASLEAP attack against a rogue AP

E : Uses SNMP to disable the switch port to which rogue APs connect

Answer: E

Question 2

You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake. Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)

A : STA1 and STA2 are using different cipher suites.

B : STA2 has retransmissions of EAP frames.

C : STA1 is a reassociation and STA2 is an initial association.

D : STA1 is a TSN, and STA2 is an RSN.

E : STA1 and STA2 are using different EAP types.

Answer: E

Question 3

You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake. Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)

A : STA1 and STA2 are using different cipher suites.

B : STA2 has retransmissions of EAP frames.

C : STA1 is a reassociation and STA2 is an initial association.

D : STA1 is a TSN, and STA2 is an RSN.

E : STA1 and STA2 are using different EAP types.

Answer: E

Question 4

Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation’s wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user’s connections. XYZ’s legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices. With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

A : All WLAN clients will reassociate to the consultant’s software AP if the consultant’s software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.

B : A higher SSID priority value configured in the Beacon frames of the consultant’s software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.

C : When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant’s software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.

D : If the consultant’s software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ’s current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

Answer: C

Question 5

What EAP type supports using MS-CHAPv2, EAP-GTC or EAP-TLS for wireless client authentication?

A : H-REAP

B : EAP-GTC

C : EAP-TTLS

D : PEAP

E : LEAP

Answer: D