CWSP-206 Free Practice Test

What software and hardware tools are used in the process performed to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network?

1. A. A low-gain patch antenna and terminal emulation software
2. B. MAC spoofing software and MAC DoS software
3. C. RF jamming device and a wireless radio card
4. D. A wireless workgroup bridge and a protocol analyzer

Correct Answer: C

A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs. Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:
* 1. SSID Blue – VLAN 10 – Lightweight EAP (LEAP) authentication – CCMP cipher suite
* 2. SSID Red – VLAN 20 – PEAPv0/EAP-TLS authentication – TKIP cipher suite
The consultant’s computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

1. A. The consultant does not have a valid Kerberos ID on the Blue VLAN.
2. B. The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.
3. C. The TKIP cipher suite is not a valid option for PEAPv0 authentication.
4. D. The Red VLAN does not use server certificate, but the client requires one.

Correct Answer: B

What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

1. A. RC5 stream cipher
2. B. Block cipher support
3. C. Sequence counters
4. D. 32-bit ICV (CRC-32)
5. E. Michael

Correct Answer: E

For a WIPS system to identify the location of a rogue WLAN device using location pattering (RF fingerprinting), what must be done as part of the WIPS installation?

1. A. A location chipset (GPS) must be installed with it.
2. B. At least six antennas must be installed in each sector.
3. C. The RF environment must be sampled during an RF calibration process.
4. D. All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.

Correct Answer: C

Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks. In this deployment, what risk is still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering feature enabled?

1. A. Intruders can send spam to the Internet through the guest VLAN.
2. B. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
3. C. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.
4. D. Telnet, HTTP) are blocked.
5. E. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.

Correct Answer: A