CWSP-207 Exam Details

  • Exam Code
    :CWSP-207
  • Exam Name
    :Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :139 Q&As
  • Last Updated
    :Jul 14, 2026

CWNP CWSP-207 Online Questions & Answers

  • Question 91:

    You have been recently hired as the wireless network administrator for an organization spread across seven locations. They have deployed more than 100 APs, but they have not been managedin either an automated or manual process for more than 18 months. Given this length of time, what is one of the first things you should evaluate from a security perspective?

    A. The channel widths configured
    B. The channels in use
    C. The VLANs in use
    D. The firmware revision

  • Question 92:

    You are implementing a wireless LAN that will be used by point-of-sale (PoS) systems in a retail environment. Thirteen PoS computers will be installed. To what industry requirement should you ensure you adhere?

    A. ISA99
    B. HIPAA
    C. PCI-DSS
    D. Directive 8500.01

  • Question 93:

    Which of the following security attacks cannot be detected by a WIPS solution of any kind? (Choose 2)

    A. Rogue APs
    B. DoS
    C. Eavesdropping
    D. Social engineering

  • Question 94:

    An attack is under way on the network. The attack is preventing users from accessing resources required for business operations, but the attacker has not gained access to any files or data. What kind of attack is described?

    A. Man-in-the-middle
    B. Hijacking
    C. ASLEAP
    D. DoS

  • Question 95:

    ABC Company uses the wireless network for highly sensitive network traffic. For that reason, they intend to protect their network in all possible ways. They are continually researching new network threats and new preventative measures.

    They are interested in the security benefits of 802.11w, but would like to know its limitations.

    What types of wireless attacks are protected by 802.11w? (Choose 2)

    A. RF DoS attacks
    B. Layer 2 Disassociation attacks
    C. Robust management frame replay attacks
    D. Social engineering attacks

  • Question 96:

    You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake.

    Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)

    A. STA1 and STA2 are using different cipher suites.
    B. STA2 has retransmissions of EAP frames.
    C. STA1 is a reassociation and STA2 is an initial association.
    D. STA1 is a TSN, and STA2 is an RSN.
    E. STA1 and STA2 are using different EAP types.

  • Question 97:

    Given: In XYZ’s small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal. What statement about the WLAN security of this company is true?

    A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
    B. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
    C. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
    D. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user’s 4-Way Handshake.
    E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

  • Question 98:

    What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?

    A. MAC Spoofing
    B. Eavesdropping
    C. Hot-spotter
    D. Soft AP
    E. Deauthentication flood
    F. EAP flood

  • Question 99:

    Given: Many corporations configure guest VLANs on their WLAN controllers that allow visitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks. In this deployment, what risks are still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering features enabled? (Choose 2)

    A. Intruders can send spam to the Internet through the guest VLAN.
    B. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
    C. Unauthorized users can perform Internet-based network attacks through the WLAN.
    D. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.
    E. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.

  • Question 100:

    Joe’s new laptop is experiencing difficulty connecting to ABC Company’s 802.11 WLAN using 802.1X/EAP PEAPv0. The company’s wireless network administrator assured Joe that his laptop was authorized in the WIPS management

    console for connectivity to ABC’s network before it was given to him. The WIPS termination policy includes alarms for rogue stations, roque APs, DoS attacks and unauthorized roaming.

    What is a likely reason that Joe cannot connect to the network?

    A. Joe disabled his laptop’s integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.
    B. Joe’s integrated 802.11 radio is sending multiple Probe Request frames on each channel.
    C. An ASLEAP attack has been detected on APs to which Joe’s laptop was trying to associate. The WIPS responded by disabling the APs.
    D. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-207 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.