CWSP-206 Exam Details

  • Exam Code
    :CWSP-206
  • Exam Name
    :CWSP Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 10, 2026

CWNP CWSP-206 Online Questions & Answers

  • Question 51:

    When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

    A. Server credentials
    B. User credentials
    C. RADIUS shared secret
    D. X.509 certificates

  • Question 52:

    You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

    A. 802.1X/EAP-TTLS
    B. WPA2-Personal with AES-CCMP
    C. 802.1X/PEAPv0/MS-CHAPv2
    D. EAP-MD5
    E. Open 802.11 authentication with IPSec

  • Question 53:

    What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

    A. RC5 stream cipher
    B. Block cipher support
    C. Sequence counters
    D. 32-bit ICV (CRC-32)
    E. Michael

  • Question 54:

    For which one of the following purposes would a WIPS not be a good solution?

    A. Enforcing wireless network security policy.
    B. Detecting and defending against eavesdropping attacks.
    C. Performance monitoring and troubleshooting.
    D. Security monitoring and notification.

  • Question 55:

    Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication. While using an airport hotspot with this security solution, to what type of wireless attack is a user susceptible?

    A. Wi-Fi phishing
    B. Management interface exploits
    C. UDP port redirection
    D. IGMP snooping

  • Question 56:

    Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requests to the LDAP server. Where must the X.509 server certificate and private key be installed in this network?

    A. Controller-based APs
    B. WLAN controller
    C. RADIUS server
    D. Supplicant devices
    E. LDAP server

  • Question 57:

    What security vulnerability may result from a lack of staging, change management, and installation procedures for WLAN infrastructure equipment?

    A. The WLAN system may be open to RF Denial-of-Service attacks.
    B. Authentication cracking of 64-bit Hex WPA-Personal PSK.
    C. AES-CCMP encryption keys may be decrypted.
    D. WIPS may not classify authorized, rogue, and neighbor APs accurately.

  • Question 58:

    In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices. With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

    A. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.
    B. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.
    C. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
    D. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.

  • Question 59:

    WLAN protocol analyzers can read and record many wireless frame parameters. What parameter is needed to physically locate rogue APs with a protocol analyzer?

    A. IP Address
    B. Noise floor
    C. RSN IE
    D. SSID
    E. Signal strength
    F. BSSID

  • Question 60:

    The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

    A. PeerKey (PK)
    B. Group Master Key (GMK)
    C. Key Confirmation Key (KCK)
    D. Pairwise Master Key (PMK)
    E. Phase Shift Key (PSK)
    F. Group Temporal Key (GTK)

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-206 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.