Which one of the following is not a role defined in the 802.1X authentication procedures used in 802.11 and 802.3 networks for port-based authentication?
A. AAA Server
B. Authentication Server
C. Supplicant
D. Authenticator
Fred works primarily from home and public wireless hotspots rather than commuting to office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN. In this remote scenario, what single wireless security practice will provide the greatest security for Fred?
A. Use enterprise WIPS on the corporate office network.
B. Use 802.1X/PEAPv0 to connect to the corporate office network from public hotspots.
C. Use secure protocols, such as FTP, for remote file transfers.
D. Use an IPSec VPN for connectivity to the office network.
E. Use only HTTPS when agreeing to acceptable use terms on public networks.
F. Use WIPS sensor software on the laptop to monitor for risks and attacks.
You are installing 6 APs on the outside of your facility. They will be mounted at a height of 6 feet. What must you do to implement these APs in a secure manner beyond the normal indoor AP implementations? (Choose the single best answer.)
A. Ensure proper physical and environmental security using outdoor ruggedized APs or enclosures.
B. Use internal antennas.
C. Use external antennas.
D. Power the APs using PoE.
What EAP type supports using MS-CHAPv2, EAP-GTC or EAP-TLS for wireless client authentication?
A. EAP-GTC
B. PEAP
C. EAP-TTLS
D. LEAP
E. H-REAP
You must implement 7 APs for a branch office location in your organizations. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).
Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?
A. Output power
B. Fragmentation threshold
C. Administrative password
D. Cell radius
What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?
A. Require Port Address Translation (PAT) on each laptop.
B. Require secure applications such as POP, HTTP, and SSH.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN. Before creating the WLAN security policy, what should you ensure you possess?
A. Management support for the process.
B. Security policy generation software.
C. End-user training manuals for the policies to be created.
D. Awareness of the exact vendor devices being installed.
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?
A. Certificates should always be recommended instead of passwords for 802.11 client authentication.
B. Password complexity should be maximized so that weak WEP IV attacks are prevented.
C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
D. EAP-TLS must be implemented in such scenarios.
E. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices. With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?
A. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.
B. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.
C. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
D. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.
You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?
A. 802.1X/EAP-TTLS
B. WPA2-Personal with AES-CCMP
C. 802.1X/PEAPv0/MS-CHAPv2
D. EAP-MD5
E. Open 802.11 authentication with IPSec
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-206 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.