CWSP-207 Exam Details

  • Exam Code
    :CWSP-207
  • Exam Name
    :Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :139 Q&As
  • Last Updated
    :Jul 14, 2026

CWNP CWSP-207 Online Questions & Answers

  • Question 41:

    Given: You have implemented strong authentication and encryption mechanisms for your enterprise 802.11 WLAN using 802.1X/EAP with AES-CCMP.

    For users connecting within the headquarters office, what other security solution will provide continuous monitoring of both clients and APs with 802.11-specific tracking?

    A. IPSec VPN client and server software
    B. Internet firewall software
    C. Wireless intrusion prevention system
    D. WLAN endpoint agent software
    E. RADIUS proxy server

  • Question 42:

    Given: Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication. While using an airport hot-spot with this security solution, to what type of wireless attack is a user susceptible? (Choose 2)

    A. Man-in-the-Middle
    B. Wi-Fi phishing
    C. Management interface exploits
    D. UDP port redirection
    E. IGMP snooping

  • Question 43:

    Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames

    traversing a wireless connection.

    What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

    A. Multi-factor authentication
    B. 4-Way Handshake
    C. PLCP Cyclic Redundancy Check (CRC)
    D. Encrypted Passphrase Protocol (EPP)
    E. Integrity Check Value (ICV)
    F. Group Temporal Keys

  • Question 44:

    When used as part of a WLAN authentication solution, what is the role of LDAP?

    A. A data retrieval protocol used by an authentication service such as RADIUS
    B. An IEEE X.500 standard compliant database that participates in the 802.1X port-based access control process
    C. A SQL compliant authentication service capable of dynamic key generation and distribution
    D. A role-based access control protocol for filtering data to/from authenticated stations.
    E. An Authentication Server (AS) that communicates directly with, and provides authentication for, the Supplicant.

  • Question 45:

    Which one of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

    A. It does not support the outer identity.
    B. It is not a valid EAP type.
    C. It does not support mutual authentication.
    D. It does not support a RADIUS server.

  • Question 46:

    Which command or configuration ensures that a WLAN controller enforces role-based access policies dynamically from RADIUS?

    A. Enable VLAN pooling
    B. Apply RADIUS return-list attributes
    C. Configure static SSID-to-VLAN mapping
    D. Enable WPA3 Transition Mode

  • Question 47:

    Given: You support a coffee shop and have recently installed a free 802.11ac wireless hot-spot for the benefit of your customers. You want to minimize legal risk in the event that the hot-spot is used for illegal Internet activity. What option specifies the best approach to minimize legal risk at this public hot-spot while maintaining an open venue for customer Internet access?

    A. Configure WPA2-Enterprise security on the access point
    B. Block TCP port 25 and 80 outbound on the Internet router
    C. Require client STAs to have updated firewall and antivirus software
    D. Allow only trusted patrons to use the WLAN
    E. Use a WIPS to monitor all traffic and deauthenticate malicious stations
    F. Implement a captive portal with an acceptable use disclaimer

  • Question 48:

    In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted? Choose the single completely correct answer.

    A. Social engineering and/or eavesdropping
    B. RF DoS and/or physical theft
    C. MAC denial of service and/or physical theft
    D. Authentication cracking and/or RF DoS
    E. Code injection and/or XSS

  • Question 49:

    Given: You view a protocol analyzer capture decode with the following protocol frames listed in the following order (excluding the ACK frames):

    1) 802.11 Probe Request and 802.11 Probe Response 2) 802.11 Auth and another 802.11 Auth 3) 802.11 Assoc Req and 802.11 Assoc Rsp 4) EAPOL-Start 5) EAP Request and EAP Response 6) EAP Request and EAP Response 7) EAP Request and EAP Response 8) EAP Request and EAP Response 9) EAP Request and EAP Response 10) EAP Success 19) EAPOL-Key (4 frames in a row)

    What are you seeing in the capture file? (Choose 4)

    A. WPA2-Enterprise authentication
    B. WPA2-Personal authentication
    C. 802.11 Open System authentication
    D. 802.1X with Dynamic WEP
    E. Wi-Fi Protected Setup with PIN
    F. Active Scanning
    G. 4-Way Handshake

  • Question 50:

    Given: The Marketing department’s WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources. What single WLAN security feature should be implemented to comply with these requirements?

    A. Mutual authentication
    B. Captive portal
    C. Role-based access control
    D. Group authentication
    E. RADIUS policy accounting

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-207 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.