Practice Free CWSP-207 Exam Online Questions
Your network just passed an external compliance audit. However, the same day it passed the audit there was an intrusion that compromised your company’s private data.
Your staff conducted an internal audit immediately after the intrusion was detected and found that your network is still compliant. The security audit files indicate that the network was compliant during the compromise as well.
What is the most likely reason that this compromise was possible on your compliant network?
- A . The auditor was indeed the attacker.
- B . The attacker was a network administrator.
- C . Being compliant is not the same as being secure.
- D . Your network is not the applicable audience for this compliance.
Your organization is developing a wireless device usage policy.
Which group(s) should be represented in the committee that actually develops this policy?
- A . IT staff
- B . Security staff
- C . Management
- D . End users
- E . Support staff
- F . All of the above
SSID: ABCVoice VLAN 60 Security: WPA2-Personal 2 current clients
Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients.
What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?
- A . Only the members of the executive team that are part of the multicast group configured on the media server
- B . All clients that are associated to the AP using the ABCData SSID
- C . All clients that are associated to the AP using any SSID
- D . All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.
Given: Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication.
While using an airport hot-spot with this security solution, to what type of wireless attack is a user susceptible? (Choose 2)
- A . Man-in-the-Middle
- B . Wi-Fi phishing
- C . Management interface exploits
- D . UDP port redirection
- E . IGMP snooping
What wireless authentication technologies may build a TLS tunnel between the supplicant and the authentication server before passing client authentication credentials to the authentication server? (Choose 3)
- A . EAP-MD5
- B . EAP-TLS
- C . LEAP
- D . PEAPv0/MSCHAPv2
- E . EAP-TTLS
What are the best and most often used security solutions used to provide data privacy across 802.11 WLAN bridge links? (Choose all that apply.)
- A . 802.1X/EAP
- B . Captive web portal
- C . Firewall
- D . IPsec VPN
- E . PSK
- F . Mobile device management
What would be the intended purpose of using a third-party AP as part of a WLAN audit?
- A . Audit Layer 1.
- B . Audit Layer 2.
- C . Audit the wired infrastructure.
- D . Audit the WIPS.
What can cause PSK authentication to fail? (Choose all that apply.)
- A . Passphrase mismatch
- B . Expired root CA certificate
- C . WLAN client driver problem
- D . Expired LDAP user account
- E . Encryption mismatch
What are some of the methods used by WIPS vendors to determine if a Layer 3 rogue device is connected to the wired network infrastructure? (Choose all that apply.)
- A . Sensor associates with a suspected rogue device and sends traffic back to the WIPS.
- B . Sensor deauthenticates rogue clients from the suspected rogue AP and captures the association frames from the rogue clients.
- C . The WIPS looks for decremented MAC addresses.
- D . The WIPS looks for spoofed MAC addresses.
What are of some of the common security capabilities often integrated within in access points deployed in a distributed WLAN architecture?
- A . Captive web portal
- B . Firewall
- C . Integrated RADIUS
- D . WIPS
- E . All of the above