CWSP-207 Exam Details

  • Exam Code
    :CWSP-207
  • Exam Name
    :Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :139 Q&As
  • Last Updated
    :Jul 14, 2026

CWNP CWSP-207 Online Questions & Answers

  • Question 101:

    The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

    A. Phase Shift Key (PSK)
    B. Group Master Key (GMK)
    C. Pairwise Master Key (PMK)
    D. Group Temporal Key (GTK)
    E. PeerKey (PK)
    F. Key Confirmation Key (KCK)

  • Question 102:

    What security benefits are provided by endpoint security solution software? (Choose 3)

    A. Can prevent connections to networks with security settings that do not conform to company policy
    B. Can collect statistics about a user’s network use and monitor network threats while they are connected
    C. Can restrict client connections to networks with specific SSIDs and encryption types
    D. Can be used to monitor for and prevent network attacks by nearby rogue clients or APs

  • Question 103:

    You have an AP implemented that functions only using 802.11-2012 standard methods for the WLAN communications on the RF side and implementing multiple SSIDs and profiles on the management side configured as follows:

    1.SSID: Guest - VLAN 90 - Security: Open with captive portal authentication - 2 current clients

    2.SSID: ABCData - VLAN 10 - Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP - 5 current clients

    3.SSID: ABCVoice - VLAN 60 - Security: WPA2-Personal - 2 current clients

    Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients.

    What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?

    A. Only the members of the executive team that are part of the multicast group configured on the media server
    B. All clients that are associated to the AP using the ABCData SSID
    C. All clients that are associated to the AP using any SSID
    D. All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.

  • Question 104:

    A rogue AP is broadcasting the same SSID as the corporate network but uses open authentication. Which attack type is being performed?

    A. Evil twin attack
    B. Replay attack
    C. MAC spoofing
    D. Jamming

  • Question 105:

    The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the 802.11 association procedure?

    A. Group Key Handshake
    B. 802.1X/EAP authentication
    C. DHCP Discovery
    D. 4-Way Handshake
    E. Passphrase-to-PSK mapping
    F. RADIUS shared secret lookup

  • Question 106:

    Which WIPS function helps identify an attacker using MAC address spoofing?

    A. RF fingerprinting
    B. Deauthentication protection
    C. Probe request filtering
    D. VLAN segmentation

  • Question 107:

    What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)

    A. SNMPv1
    B. HTTPS
    C. Telnet
    D. TFTP
    E. FTP
    F. SSHv2

  • Question 108:

    What function does the Group Temporal Key (GTK) perform in a WPA2 network?

    A. Encrypts unicast traffic between client and AP
    B. Encrypts broadcast and multicast frames
    C. Generates the Pairwise Master Key
    D. Authenticates RADIUS communication

  • Question 109:

    What disadvantage does EAP-TLS have when compared with PEAPv0 EAP/MSCHAPv2 as an 802.11 WLAN security solution?

    A. Fast/secure roaming in an 802.11 RSN is significantly longer when EAP-TLS is in use.
    B. EAP-TLS does not protect the client's username and password inside an encrypted tunnel.
    C. EAP-TLS cannot establish a secure tunnel for internal EAP authentication.
    D. EAP-TLS is supported only by Cisco wireless infrastructure and client devices.
    E. EAP-TLS requires extensive PKI use to create X.509 certificates for both the server and all clients, which increases administrative overhead.

  • Question 110:

    What elements should be addressed by a WLAN security policy? (Choose 2)

    A. Enabling encryption to prevent MAC addresses from being sent in clear text
    B. How to prevent non-IT employees from learning about and reading the user security policy
    C. End-user training for password selection and acceptable network use
    D. The exact passwords to be used for administration interfaces on infrastructure devices
    E. Social engineering recognition and mitigation techniques

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-207 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.