Leads4pass > CWNP > CWNP Certifications > CWSP-205 > CWSP-205 Online Practice Questions and Answers

CWSP-205 Online Practice Questions and Answers

Questions 4

Given: You are using a Wireless Aggregator utility to combine multiple packet captures. One capture exists for each of channels 1, 6 and 11. What kind of troubleshooting are you likely performing with such a tool?

A. Wireless adapter failure analysis.

B. Interference source location.

C. Fast secure roaming problems.

D. Narrowband DoS attack detection.

Buy Now
Questions 5

Given: In a security penetration exercise, a WLAN consultant obtains the WEP key of XYZ Corporation's wireless network. Demonstrating the vulnerabilities of using WEP, the consultant uses a laptop running a software AP in an attempt to hijack the authorized user's connections. XYZ's legacy network is using 802.11n APs with 802.11b, 11g, and 11n client devices.

With this setup, how can the consultant cause all of the authorized clients to establish Layer 2 connectivity with the software access point?

A. All WLAN clients will reassociate to the consultant's software AP if the consultant's software AP provides the same SSID on any channel with a 10 dB SNR improvement over the authorized AP.

B. A higher SSID priority value configured in the Beacon frames of the consultant's software AP will take priority over the SSID in the authorized AP, causing the clients to reassociate.

C. When the RF signal between the clients and the authorized AP is temporarily disrupted and the consultant's software AP is using the same SSID on a different channel than the authorized AP, the clients will reassociate to the software AP.

D. If the consultant's software AP broadcasts Beacon frames that advertise 802.11g data rates that are faster rates than XYZ's current 802.11b data rates, all WLAN clients will reassociate to the faster AP.

Buy Now
Questions 6

What elements should be addressed by a WLAN security policy? (Choose 2)

A. Enabling encryption to prevent MAC addresses from being sent in clear text

B. How to prevent non-IT employees from learning about and reading the user security policy

C. End-user training for password selection and acceptable network use

D. The exact passwords to be used for administration interfaces on infrastructure devices

E. Social engineering recognition and mitigation techniques

Buy Now
Questions 7

Given: ABC Company has 20 employees and only needs one access point to cover their entire facility. Ten of ABC Company's employees have laptops with radio cards capable of only WPA security. The other ten employees have laptops with radio cards capable of WPA2 security. The network administrator wishes to secure all wireless communications (broadcast and unicast) for each laptop with its strongest supported security mechanism, but does not wish to implement a RADIUS/AAA server due to complexity.

What security implementation will allow the network administrator to achieve this goal?

A. Implement an SSID with WPA2-Personal that allows both AES-CCMP and TKIP clients to connect.

B. Implement an SSID with WPA-Personal that allows both AES-CCMP and TKIP clients to connect.

C. Implement two separate SSIDs on the AP--one for WPA-Personal using TKIP and one for WPA2Personal using AES-CCMP.

D. Implement an SSID with WPA2-Personal that sends all broadcast traffic using AES-CCMP and unicast traffic using either TKIP or AES-CCMP.

Buy Now
Questions 8

What disadvantage does EAP-TLS have when compared with PEAPv0 EAP/MSCHAPv2 as an 802.11 WLAN security solution?

A. Fast/secure roaming in an 802.11 RSN is significantly longer when EAP-TLS is in use.

B. EAP-TLS does not protect the client's username and password inside an encrypted tunnel.

C. EAP-TLS cannot establish a secure tunnel for internal EAP authentication.

D. EAP-TLS is supported only by Cisco wireless infrastructure and client devices.

E. EAP-TLS requires extensive PKI use to create X.509 certificates for both the server and all clients, which increases administrative overhead.

Buy Now
Questions 9

A single AP is configured with three separate WLAN profiles, as follows:

1.

SSID: ABCData BSSID: 00:11:22:00:1F:C3 VLAN 10 Security: PEAPv0/EAP- MSCHAPv2 with AESCCMP 3 current clients

2.

SSID: ABCVoice BSSID: 00:11:22:00:1F:C4 VLAN 60 Security: WPA2-Personal with AES-CCMP 2 current clients

3.

SSID: Guest BSSID: 00:11:22:00:1F:C5 VLAN 90 Security: Open with captive portal authentication 3 current clients Three STAs are connected to ABCData. Three STAs are connected to Guest. Two STAs are connected to ABCVoice.

How many unique GTKs and PTKs are currently in place in this scenario?

A. 1 GTK 8 PTKs

B. 2 GTKs 5 PTKs

C. 2 GTKs 8 PTKs

D. 3 GTKs 8 PTKs

Buy Now
Questions 10

Given: ABC Company is implementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.

What security best practices should be followed in this deployment scenario?

A. An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.

B. APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID for user accounting purposes.

C. RADIUS services should be provided at branch offices so that authentication server and supplicant credentials are not sent over the Internet.

D. Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.

Buy Now
Questions 11

Given: Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requests to the LDAP server.

Where must the X.509 server certificate and private key be installed in this network?

A. Supplicant devices

B. LDAP server

C. Controller-based APs

D. WLAN controller

E. RADIUS server

Buy Now
Questions 12

You are using a utility that takes input and generates random output. For example, you can provide the input of a known word as a secret word and then also provide another known word as salt input. When you process the input it generates a secret code which is a combination of letters and numbers with case sensitivity. For what is the described utility used? (Choose 3)

A. Generating passwords for WLAN infrastructure equipment logins

B. Generating PMKs that can be imported into 802.11 RSN-compatible devices

C. Generating secret keys for RADIUS servers and WLAN infrastructure devices

D. Generating passphrases for WLAN systems secured with WPA2-Personal

E. Generating dynamic session keys used for IPSec VPNs

Buy Now
Questions 13

ABC Company requires the ability to identify and quickly locate rogue devices. ABC has chosen an overlay WIPS solution with sensors that use dipole antennas to perform this task. Use your knowledge of location tracking techniques to answer the question.

In what ways can this 802.11-based WIPS platform determine the location of rogue laptops or APs? (Choose 3)

A. Time Difference of Arrival (TDoA)

B. Angle of Arrival (AoA)

C. Trilateration of RSSI measurements

D. GPS Positioning

E. RF Fingerprinting

Buy Now
Exam Code: CWSP-205
Exam Name: Certified Wireless Security Professional
Last Update: Jul 09, 2026
Questions: 119
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99