Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection.
What security characteristics and/or components play a role in preventing data decryption? (Choose 2)
A. Multi-factor authentication
B. 4-Way Handshake
C. PLCP Cyclic Redundancy Check (CRC)
D. Encrypted Passphrase Protocol (EPP)
E. Integrity Check Value (ICV)
F. Group Temporal Keys
Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering).
How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?
A. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.
B. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
C. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
D. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.
Given: ABC Company is an Internet Service Provider with thousands of customers. ABC's customers are given login credentials for network access when they become a customer. ABC uses an LDAP server as the central user credential database. ABC is extending their service to existing customers in some public access areas and would like to use their existing database for authentication.
How can ABC Company use their existing user database for wireless user authentication as they implement a large-scale WPA2-Enterprise WLAN security solution?
A. Import all users from the LDAP server into a RADIUS server with an LDAP-to-RADIUS conversion tool.
B. Implement an X.509 compliant Certificate Authority and enable SSL queries on the LDAP server.
C. Mirror the LDAP server to a RADIUS database within a WLAN controller and perform daily backups to synchronize the user databases.
D. Implement a RADIUS server and query user authentication requests through the LDAP server.
Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.
What security best practices should be followed in this deployment scenario?
A. An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.
B. APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.
C. RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.
D. Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.
Given: A large enterprise is designing a secure, scalable, and manageable 802.11n WLAN that will support thousands of users. The enterprise will support both 802.1X/EAP-TTLS and PEAPv0/MSCHAPv2. Currently, the company is upgrading network servers as well and will replace their existing Microsoft IAS implementation with Microsoft NPS, querying Active Directory for user authentication.
For this organization, as they update their WLAN infrastructure, what WLAN controller feature will likely be least valuable?
A. WPA2-Enterprise authentication/encryption
B. Internal RADIUS server
C. WIPS support and integration
D. 802.1Q VLAN trunking
E. SNMPv3 support
Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?
A. Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category.
B. Allow access to specific files and applications based on the user's WMM access category.
C. Provide two or more user groups connected to the same SSID with different levels of network privileges.
D. Allow simultaneous support for multiple EAP types on a single access point.
What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)
A. SNMPv1
B. HTTPS
C. Telnet
D. TFTP
E. FTP
F. SSHv2
Given: XYZ Company has recently installed a controller-based WLAN and is using a RADIUS server to query authentication requests to an LDAP server. XYZ maintains user-based access policies and would like to use the RADIUS server to facilitate network authorization.
What RADIUS features could be used by XYZ to assign the proper network permissions to users during authentication? (Choose 2)
A. The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignment to users.
B. The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response, which can be used for user policy assignment.
C. RADIUS can reassign a client's 802.11 association to a new SSID by referencing a username- to-SSID mapping table in the LDAP user database.
D. RADIUS can send a DO-NOT-AUTHORIZE demand to the authenticator to prevent the STA from gaining access to specific files, but may only employ this in relation to Linux servers.
E. RADIUS attributes can be used to assign permission levels, such as read-only permission, to users of a particular network resource.
When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?
A. X.509 certificates
B. User credentials
C. Server credentials
D. RADIUS shared secret
Given: Your network implements an 802.1X/EAP-based wireless security solution. A WLAN controller is installed and manages seven APs. FreeRADIUS is used for the RADIUS server and is installed on a dedicated server named SRV21. One example client is a MacBook Pro with 8 GB RAM.
What device functions as the 802.1X/EAP Authenticator?
A. SRV21
B. WLAN Controller/AP
C. MacBook Pro
D. RADIUS server
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-205 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.