CWSP-208 Exam Details

  • Exam Code
    :CWSP-208
  • Exam Name
    :Certified Wireless Security Professional (CWSP)
  • Certification
    :CWNP Certifications
  • Vendor
    :CWNP
  • Total Questions
    :152 Q&As
  • Last Updated
    :Jul 11, 2026

CWNP CWSP-208 Online Questions & Answers

  • Question 41:

    Given: ABC Company has 20 employees and only needs one access point to cover their entire facility. Ten of ABC Company's employees have laptops with radio cards capable of only WPA security. The other ten employees have laptops with radio cards capable of WPA2 security. The network administrator wishes to secure all wireless communications (broadcast and unicast) for each laptop with its strongest supported security mechanism, but does not wish to implement a RADIUS/AAA server due to complexity.

    What security implementation will allow the network administrator to achieve this goal?

    A. Implement an SSID with WPA2-Personal that allows both AES-CCMP and TKIP clients to connect.
    B. Implement an SSID with WPA-Personal that allows both AES-CCMP and TKIP clients to connect.
    C. Implement two separate SSIDs on the AP-one for WPA-Personal using TKIP and one for WPA2-Personal using AES-CCMP.
    D. Implement an SSID with WPA2-Personal that sends all broadcast traffic using AES-CCMP and unicast traffic using either TKIP or AES-CCMP.

  • Question 42:

    You work as the security administrator for your organization. In relation to the WLAN, you are viewing a dashboard that shows security threat, policy compliance and rogue threat charts.

    What type of system is in view?

    A. Wireshark Protocol Analyzer
    B. Wireless VPN Management Systems
    C. Wireless Intrusion Prevention System
    D. Distributed RF Spectrum Analyzer
    E. WLAN Emulation System

  • Question 43:

    What 802.11 WLAN security problem is directly addressed by mutual authentication?

    A. Wireless hijacking attacks
    B. Weak password policies
    C. MAC spoofing
    D. Disassociation attacks
    E. Offline dictionary attacks
    F. Weak Initialization Vectors

  • Question 44:

    What preventative measures are performed by a WIPS against intrusions?

    A. EAPoL Reject frame flood against a rogue AP
    B. Evil twin attack against a rogue AP
    C. Deauthentication attack against a classified neighbor AP
    D. ASLEAP attack against a rogue AP
    E. Uses SNMP to disable the switch port to which rogue APs connect

  • Question 45:

    The following numbered items show some of the contents of each of the four frames exchanged during the 4-way handshake:

    1. Encrypted GTK sent

    2. Confirmation of temporal key installation

    3. Anonce sent from authenticator to supplicant

    4. Snonce sent from supplicant to authenticator, MIC included

    Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

    A. 2, 3, 4, 1
    B. 1, 2, 3, 4
    C. 4, 3, 1, 2
    D. 3, 4, 1, 2

  • Question 46:

    Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank's website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John's bank account user ID and password and exploit this information.

    What likely scenario could have allowed the hacker to obtain John's bank account user ID and password?

    A. John's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.
    B. John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.
    C. John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software.
    D. The bank's web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
    E. Before connecting to the bank's website, John's association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank's web server and has decrypted John's login credentials in near real-time.

  • Question 47:

    Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

    With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

    A. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.
    B. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.
    C. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.
    D. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

  • Question 48:

    Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.

    What statement about the WLAN security of this company is true?

    A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
    B. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
    C. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
    D. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.
    E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

  • Question 49:

    What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

    A. 32-bit ICV (CRC-32)
    B. Sequence counters
    C. RC5 stream cipher
    D. Michael
    E. Block cipher support

  • Question 50:

    Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.

    Before creating the WLAN security policy, what should you ensure you possess?

    A. Awareness of the exact vendor devices being installed
    B. Management support for the process
    C. End-user training manuals for the policies to be created
    D. Security policy generation software

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-208 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.