CWSP-207 Exam Details

  • Exam Code
    :CWSP-207
  • Exam Name
    :Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :139 Q&As
  • Last Updated
    :Jul 14, 2026

CWNP CWSP-207 Online Questions & Answers

  • Question 61:

    What wireless security protocol provides mutual authentication without using an X.509 certificate?

    A. EAP-FAST
    B. EAP-MD5
    C. EAP-TLS
    D. PEAPv0/EAP-MSCHAPv2
    E. EAP-TTLS
    F. PEAPv1/EAP-GTC

  • Question 62:

    In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?

    A. In home networks in which file and printer sharing is enabled
    B. At public hot-spots in which many clients use diverse applications
    C. In corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities
    D. In university environments using multicast video training sourced from professor’s laptops

  • Question 63:

    Given: A network security auditor is preparing to perform a comprehensive assessment of an 802.11ac network’s security. What task should be performed at the beginning of the audit to maximize the auditor’s ability to expose network vulnerabilities?

    A. Identify the IP subnet information for each network segment.
    B. Identify the manufacturer of the wireless intrusion prevention system.
    C. Identify the skill level of the wireless network security administrator(s).
    D. Identify the manufacturer of the wireless infrastructure hardware.
    E. Identify the wireless security solution(s) currently in use.

  • Question 64:

    When using the 802.1X/EAP framework for authentication in 802.11 WLANs, why is the 802.1X Controlled Port still blocked after the 802.1X/EAP framework has completed successfully?

    A. The 802.1X Controlled Port is always blocked, but the Uncontrolled Port opens after the EAP authentication process completes.
    B. The 802.1X Controlled Port remains blocked until an IP address is requested and accepted by the Supplicant.
    C. The 4-Way Handshake must be performed before the 802.1X Controlled Port changes to the unblocked state.
    D. The 802.1X Controlled Port is blocked until Vender Specific Attributes (VSAs) are exchanged inside a RADIUS packet between the Authenticator and Authentication Server.

  • Question 65:

    Which EAP type allows authentication using a server certificate while protecting user credentials inside a TLS tunnel?

    A. EAP-TLS
    B. EAP-TTLS
    C. PEAPv0/EAP-MSCHAPv2
    D. EAP-FAST

  • Question 66:

    Given: Fred works primarily from home and public wireless hot-spots rather than commuting to the office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN. In this remote scenario, what single wireless security practice will provide the greatest security for Fred?

    A. Use an IPSec VPN for connectivity to the office network
    B. Use only HTTPS when agreeing to acceptable use terms on public networks
    C. Use enterprise WIPS on the corporate office network
    D. Use WIPS sensor software on the laptop to monitor for risks and attacks
    E. Use 802.1X/PEAPv0 to connect to the corporate office network from public hot-spots
    F. Use secure protocols, such as FTP, for remote file transfers.

  • Question 67:

    What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

    A. AKM Suite List
    B. Group Cipher Suite
    C. RSN Capabilities
    D. Pairwise Cipher Suite List

  • Question 68:

    Given: You are using WEP as an encryption solution. You are using VLANs for network segregation.

    Why can you not establish an RSNA?

    A. RSNA connections require TKIP or CCMP.
    B. RSNA connections require BIP and do not support TKIP, CCMP or WEP.
    C. RSNA connections require CCMP and do not support TKIP or WEP.
    D. RSNA connections do not work in conjunction with VLANs.

  • Question 69:

    You must support a TSN as you have older wireless equipment that will not support the required processing of AES encryption. Which one of the following technologies will you use on the network so that a TSN can be implemented that would not be required in a network compliant with 802.11-2012 non-deprecated technologies?

    A. WEP
    B. RC4
    C. CCMP
    D. WPA2

  • Question 70:

    What wireless authentication technologies may build a TLS tunnel between the supplicant and the authentication server before passing client authentication credentials to the authentication server? (Choose 3)

    A. EAP-MD5
    B. EAP-TLS
    C. LEAP
    D. PEAPv0/MSCHAPv2
    E. EAP-TTLS

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-207 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.