CWSP-206 Exam Details

  • Exam Code
    :CWSP-206
  • Exam Name
    :CWSP Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 10, 2026

CWNP CWSP-206 Online Questions & Answers

  • Question 1:

    You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution. In this configuration, the wireless network is initially susceptible to what type of attack?

    A. Offline dictionary attacks
    B. Application eavesdropping
    C. Session hijacking
    D. Layer 3 peer-to-peer
    E. Encryption cracking

  • Question 2:

    Fred works primarily from home and public wireless hotspots rather than commuting to office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN. In this remote scenario, what single wireless security practice will provide the greatest security for Fred?

    A. Use enterprise WIPS on the corporate office network.
    B. Use 802.1X/PEAPv0 to connect to the corporate office network from public hotspots.
    C. Use secure protocols, such as FTP, for remote file transfers.
    D. Use an IPSec VPN for connectivity to the office network.
    E. Use only HTTPS when agreeing to acceptable use terms on public networks.
    F. Use WIPS sensor software on the laptop to monitor for risks and attacks.

  • Question 3:

    In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal. What statement about the WLAN security of this company is true?

    A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
    B. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.
    C. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
    D. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
    E. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.

  • Question 4:

    Joe's new laptop is experiencing difficulty connecting to ABC Company's 802.11 WLAN using 802.1X/EAP PEAPv0. The company's wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC's network before it was given to him. The WIPS termination policy includes alarms for rogue stations, rogue APs, DoS attacks and unauthorized roaming. What is a likely reason that Joe cannot connect to the network?

    A. An ASLEAP attack has been detected on APs to which Joe's laptop was trying to associate. The WIPS responded by disabling the APs.
    B. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
    C. Joe's integrated 802.11 radio is sending multiple Probe Request frames on each channel.
    D. Joe disabled his laptop's integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.

  • Question 5:

    ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection. What security characteristic and/or component plays a role in preventing data decryption?

    A. 4-Way Handshake
    B. PLCP Cyclic Redundancy Check (CRC)
    C. Multi-factor authentication
    D. Encrypted Passphrase Protocol (EPP)
    E. Integrity Check Value (ICV)

  • Question 6:

    ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hotspot include:

    Cannot access corporate network resources Network permissions are limited to Internet access All stations must be authenticated

    What security controls would you suggest? (Choose the single best answer.)

    A. Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
    B. Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
    C. Implement separate controllers for the corporate and guest WLANs.
    D. Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
    E. Force all guest users to use a common VPN protocol to connect.

  • Question 7:

    As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?

    A. Certificates should always be recommended instead of passwords for 802.11 client authentication.
    B. Password complexity should be maximized so that weak WEP IV attacks are prevented.
    C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
    D. EAP-TLS must be implemented in such scenarios.
    E. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

  • Question 8:

    You are installing 6 APs on the outside of your facility. They will be mounted at a height of 6 feet. What must you do to implement these APs in a secure manner beyond the normal indoor AP implementations? (Choose the single best answer.)

    A. Ensure proper physical and environmental security using outdoor ruggedized APs or enclosures.
    B. Use internal antennas.
    C. Use external antennas.
    D. Power the APs using PoE.

  • Question 9:

    A network security auditor is preparing to perform a comprehensive assessment of an 802.11ac network's security. What task should be performed at the beginning of the audit to maximize the auditor's ability to expose network vulnerabilities?

    A. Identify the IP subnet information for each network segment.
    B. Identify the manufacturer of the wireless infrastructure hardware.
    C. Identify the skill level of the wireless network security administrator(s).
    D. Identify the manufacturer of the wireless intrusion prevention system.
    E. Identify the wireless security solution(s) currently in use.

  • Question 10:

    During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text. From a security perspective, why is this significant?

    A. The username can be looked up in a dictionary file that lists common username/password combinations.
    B. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.
    C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
    D. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-206 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.