CWSP-207 Exam Details

  • Exam Code
    :CWSP-207
  • Exam Name
    :Certified Wireless Security Professional
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :139 Q&As
  • Last Updated
    :Jul 14, 2026

CWNP CWSP-207 Online Questions & Answers

  • Question 81:

    What type of WLAN attack is prevented with the use of a per-MPDU TKIP sequence counter (TSC)?

    A. Weak-IV
    B. Forgery
    C. Replay
    D. Bit-flipping
    E. Session hijacking

  • Question 82:

    Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation’s wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to

    hijack the authorized user’s connections. XYZ’s legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

    With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

    A. All WLAN clients will reassociate to the consultant’s software AP if the consultant’s software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.
    B. A higher SSID priority value configured in the Beacon frames of the consultant’s software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
    C. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant’s software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.
    D. If the consultant’s software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ’s current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

  • Question 83:

    Given: You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data. What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

    A. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.
    B. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
    C. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
    D. Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
    E. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.

  • Question 84:

    Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include: Cannot access corporate network resources Network permissions are limited to Internet access All stations must be authenticated What security controls would you suggest? (Choose the single best answer.)

    A. Implement separate controllers for the corporate and guest WLANs.
    B. Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
    C. Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
    D. Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
    E. Force all guest users to use a common VPN protocol to connect.

  • Question 85:

    Given: You are using a Wireless Aggregator utility to combine multiple packet captures. One capture exists for each of channels 1, 6 and 11. What kind of troubleshooting are you likely performing with such a tool?

    A. Wireless adapter failure analysis.
    B. Interference source location.
    C. Fast secure roaming problems.
    D. Narrowband DoS attack detection.

  • Question 86:

    What statements are true about 802.11-2012 Protected Management Frames? (Choose 2)

    A. 802.11w frame protection protects against some Layer 2 denial-of-service (DoS) attacks, but it cannot prevent all types of Layer 2 DoS attacks.
    B. When frame protection is in use, the PHY preamble and header as well as the MAC header are encrypted with 256- or 512-bit AES.
    C. Authentication, association, and acknowledgment frames are protected if management frame protection is enabled, but deauthentication and disassociation frames are not.
    D. Management frame protection protects disassociation and deauthentication frames.

  • Question 87:

    What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

    A. 32-bit ICV (CRC-32)
    B. Sequence counters
    C. RC5 stream cipher
    D. Michael
    E. Block cipher support

  • Question 88:

    What is a primary advantage of WPA3-Enterprise over WPA2-Enterprise?

    A. Uses longer passphrases
    B. Requires Protected Management Frames
    C. Uses 192-bit minimum cryptographic strength
    D. Eliminates need for RADIUS

  • Question 89:

    Given: You must implement 7 APs for a branch office location in your organization. All APs will be autonomous and provide the same two SSIDs (CORP1879 and Guest).

    Because each AP is managed directly through a web-based interface, what must be changed on every AP before enabling the WLANs to ensure proper staging procedures are followed?

    A. Fragmentation threshold
    B. Administrative password
    C. Output power
    D. Cell radius

  • Question 90:

    A company using 802.1X/EAP-TLS requires client-side certificates. What infrastructure component is mandatory?

    A. LDAP directory
    B. Public Key Infrastructure (PKI)
    C. Kerberos Key Distribution Center
    D. TACACS+ server

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-207 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.