CWNP CWSP-205 - Certified Wireless Security Professional (CWSP) Exam
Page: 1 / 24
Total 119 questions
Question #1 (Topic: Topic 1)
Given: During 802.1X/LEAP authentication, the username is passed across the wireless
medium in clear text.
From a security perspective, why is this significant?
medium in clear text.
From a security perspective, why is this significant?
A. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.
B. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.
C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.
D. The username can be looked up in a dictionary file that lists common username/password combinations.
Answer: B
Question #2 (Topic: Topic 1)
Given: ABC Corporation is evaluating the security solution for their existing WLAN. Two of
their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP
VPNs because of their wide support in server and desktop operating systems. While both
PPTP and LEAP adhere to the minimum requirements of the corporate security policy,
some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and
the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.
As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2
authentication? (Choose 2)
their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP
VPNs because of their wide support in server and desktop operating systems. While both
PPTP and LEAP adhere to the minimum requirements of the corporate security policy,
some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and
the known fact that MS-CHAPv2 has proven vulnerable in improper implementations.
As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2
authentication? (Choose 2)
A. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.
B. MS-CHAPv2 is subject to offline dictionary attacks.
C. LEAP’s use of MS-CHAPv2 is only secure when combined with WEP.
D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
E. MS-CHAPv2 uses AES authentication, and is therefore secure.
F. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.
Answer: B,D
Question #3 (Topic: Topic 1)
Given: One of the security risks introduced by WPA2-Personal is an attack conducted by
an authorized network user who knows the passphrase. In order to decrypt other users
traffic, the attacker must obtain certain information from the 4-way handshake of the other
users.
In addition to knowing the Pairwise Master Key (PMK) and the supplicants address (SA),
what other three inputs must be collected with a protocol analyzer to recreate encryption
keys? (Choose 3)
an authorized network user who knows the passphrase. In order to decrypt other users
traffic, the attacker must obtain certain information from the 4-way handshake of the other
users.
In addition to knowing the Pairwise Master Key (PMK) and the supplicants address (SA),
what other three inputs must be collected with a protocol analyzer to recreate encryption
keys? (Choose 3)
A. Authenticator nonce
B. Supplicant nonce
C. Authenticator address (BSSID)
D. GTKSA
E. Authentication Server nonce
Answer: A,B,C
Question #4 (Topic: Topic 1)
What software and hardware tools are used together to hijack a wireless station from the
authorized wireless network onto an unauthorized wireless network? (Choose 2)
authorized wireless network onto an unauthorized wireless network? (Choose 2)
A. RF jamming device and a wireless radio card
B. A low-gain patch antenna and terminal emulation software
C. A wireless workgroup bridge and a protocol analyzer
D. DHCP server software and access point software
E. MAC spoofing software and MAC DoS software
Answer: A,D
Question #5 (Topic: Topic 1)
Given: Many computer users connect to the Internet at airports, which often have 802.11n
access points with a captive portal for authentication.
While using an airport hot-spot with this security solution, to what type of wireless attack is
a user susceptible? (Choose 2)
access points with a captive portal for authentication.
While using an airport hot-spot with this security solution, to what type of wireless attack is
a user susceptible? (Choose 2)
A. Man-in-the-Middle
B. Wi-Fi phishing
C. Management interface exploits
D. UDP port redirection
E. IGMP snooping
Answer: A,B
