CWSP-206 Exam Details

  • Exam Code
    :CWSP-206
  • Exam Name
    :CWSP Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 10, 2026

CWNP CWSP-206 Online Questions & Answers

  • Question 41:

    In an IEEE 802.11-compliant WLAN, when is the 802.1X Controlled Port placed into the unblocked state?

    A. After EAP authentication is successful
    B. After Open System authentication
    C. After the 4-Way Handshake
    D. After any Group Handshake

  • Question 42:

    What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

    A. Group Cipher Suite
    B. Pairwise Cipher Suite List
    C. AKM Suite List
    D. RSN Capabilities

  • Question 43:

    Which of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

    A. It does not support a RADIUS server.
    B. It is not a valid EAP type.
    C. It does not support mutual authentication.
    D. It does not support the outer identity.

  • Question 44:

    The Marketing department's WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources. What single WLAN security feature should be implemented to comply with these requirements?

    A. RADIUS policy accounting
    B. Group authentication
    C. Role-based access control
    D. Captive portal
    E. Mutual authentication

  • Question 45:

    In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce?

    A. They are added together and used as the GMK, from which the GTK is derived.
    B. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.
    C. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).
    D. They are input values used in the derivation of the Pairwise Transient Key.

  • Question 46:

    Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks. In this deployment, what risk is still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering feature enabled?

    A. Intruders can send spam to the Internet through the guest VLAN.
    B. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
    C. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.
    D. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.

  • Question 47:

    The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

    A. 802.1X/ EAP authentication
    B. Group Key Handshake
    C. DHCP Discovery
    D. RADIUS shared secret lookup
    E. 4-Way Handshake
    F. Passphrase-to-PSK mapping

  • Question 48:

    What WLAN client device behavior is exploited by an attacker during a hijacking attack?

    A. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
    B. Client drivers scan for and connect to access point in the 2.4 GHz band before scanning the 5 GHz band.
    C. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
    D. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
    E. As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to-client connections, even in an infrastructure BSS.

  • Question 49:

    What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?

    A. Require Port Address Translation (PAT) on each laptop.
    B. Require secure applications such as POP, HTTP, and SSH.
    C. Require VPN software for connectivity to the corporate network.
    D. Require WPA2-Enterprise as the minimal WLAN security solution.

  • Question 50:

    In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.

    A. MAC denial of service and/or physical theft
    B. Social engineering and/or eavesdropping
    C. Authentication cracking and/or RF DoS
    D. Code injection and/or XSS
    E. RF DoS and/or physical theft

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-206 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.