Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

CWNP PW0-200 Exam -

Free PW0-200 Sample Questions:

Q: 1 What policies would prevent peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?

A. Require managed personal firewall software on each laptop.
B. Require secure applications such as POP3/S, HTTPS, and SSH2.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
E. Require Port Address Translation (PAT) on each laptop.
F. Require a managed wireless endpoint security agent on each laptop.

Answer: A, B, C, F

Q: 2 Given: You have a laptop computer with an integrated Wi-Fi compliant MiniPCI card.
What statements describe the limited effectiveness of locating rogue access points using WLAN discovery software such as NetStumbler, Kismet, or MacStumbler?

A. Discovery tools like those listed cannot determine the authorization status of an access point.
B. A laptop computer can only be in one location at a time.
C. Discovery tools like those listed cannot determine if an access point is attached to a wired network.
D. Rogue access points using non-IEEE 802.11 frequency bands or unpopular modulations are not detected.
E. When data encryption in use, access points cannot be detected using discovery tools like those listed.

Answer: A, B, C, D

Q: 3 What happens in a bit flipping attack against an IEEE 802.11 device?

A. An attacker captures an encrypted frame, modifies the ciphertext, modifies the ICV to hide the change to the ciphertext, and then transmits the frame to appear as if it is from the original source.
B. An attacker uses a non-linear Message Integrity Check (MIC) on his computer to form a wireless crossover connection with the target computer.
C. An attacker injects data into a wireless transmission that results in a memory access exception at the target system for the purpose of breaching security.
D. An attacker sends each frame with the first bit alternating between 0 and 1, causing the target computer to disable encryption synchronization.
E. An attacker captures an encrypted authentication frame, and then executes a cracking algorithm against each 0 and 1 in the frame. After the frame is cracked, it is used to authenticate the attacker's computer.

Answer: A

Q: 4 Given: ABC Company has a WLAN controller with three access points, 15 client devices, and uses WPA2-Personal for WLAN security. What statement about ABC Company's WLAN security is true?

A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt data traffic.
B. Traffic injection attacks are possible because the transmitter lacks frame numbering.
C. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt broadcast traffic.
D. An authorized WLAN user with a protocol analyzer can decode data frames of other authorized users if he captures that user's 4-Way Handshake.
E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.

Answer: D

Q: 5 What WIPS parameter is configured to generate notifications?

A. Mobile unit density violations
B. Admission control status
C. Sensor sensitivity levels
D. Policy threshold values

Answer: D

Q: 6 When using a tunneled EAP type, what is protected against clear text transmission across the wireless medium?

A. x.509 certificates
B. User credentials
C. Server credentials
D. EAPoL keys
E. Pairwise Master Keys

Answer: B

Q: 7 Given: John Smith often works from home and wireless hotspots rather than
commuting to the office. His laptop connects to the office network over IEEE 802.11 WLANs.
To safeguard his data, what wireless security policy items should be implemented?

A. Use an IPSec VPN for remote connectivity
B. Use an HTTPS captive portal for authentication at hotspots
C. Use personal firewall software on his laptop
D. Use a protocol analyzer on his laptop to monitor for risks
E. Use 802.1X/PEAPv0 to connect to the corporate office network

Answer: A, C

Q: 8 Given: A network security auditor is assessing an IEEE 802.11 network's exposure to security holes. What task would save the most time if performed before the audit?

A. Identify the IP subnet information for each network segment.
B. Identify the manufacturer of the wireless intrusion prevention system.
C. Identify the skill level of the wireless network security administrator(s).
D. Identify the manufacturer of the wireless infrastructure hardware.
E. Identify the wireless security solution(s) currently in use.

Answer: E

Q: 9 Given: ABC Corporation is selecting a security solution for their new WLAN, and a PPTP VPN is their first consideration because it is included with both server and desktop operating systems. While the 128-bit encryption of Microsoft's MPPE is considered strong enough to adhere to corporate security policy, the company is worried about security holes in MS-CHAPv2 authentication.
As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication in a PPTP VPN?

A. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.
B. MS-CHAPv2 is subject to offline dictionary attacks.
C. MS-CHAPv2 is only secure when combined with WEP.
D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
E. MS-CHAPv2 uses anonymous Diffie-Hellman authentication, and is therefore secure.
F. MS-CHAPv2 can be replaced with EAP-TLS as the authentication mechanism for PPTP.

Answer: B, D, F

Q: 10 Given: ABC Company's ERP WLAN has worked perfectly for the last 6 months. One morning, none of the company's 10 users can connect to the company's only access point. When the administrator logs into the access point, there are hundreds of users associated using Open System authentication. What is the problem?

A. The AP has been the victim of an RF DoS attack.
B. The AP has experienced an AP spoofing attack from a rogue AP.
C. The AP firmware has been corrupted and is erroneously reporting the number of users.
D. The AP has experienced an association flood attack.

Answer: D

Q: 11 During 802.1X/LEAP authentication, what authentication credential is passed using clear text across the wireless medium?

A. Password
B. x.509 certificate
C. Username
E. Shared secret

Answer: C

Q: 12 For WIPS to describe the location of a rogue WLAN device, what must be done as part of the WIPS installation?

A. All WIPS sensors must perform RF self-calibration after they are installed.
B. A GPS system must be installed, including the coordinates of the building's corners.
C. The WIPS must be told where the authorized APs are in relation to the WIPS sensors.
D. A graphical floor plan diagram must be imported into the WIPS.

Answer: D

Q: 13 What four tools are required to hijack a wireless station (at Layer 2 and Layer 3) from the authorized wireless network onto the unauthorized wireless network? (Select two answers that together specify the four necessary tools)

A. Access point software and a narrowband RF jamming device
B. A high-gain Yagi antenna and terminal emulation software
C. A wireless workgroup bridge and a spectrum analyzer
D. A wireless PC card and DHCP server software
E. MAC spoofing software and data flooding software

Answer: A, D

Q: 14 Given: ABC Company is planning to implement IPSec VPN technology using the Encapsulating Security Payload (ESP) protocol to secure their wireless connections. You are hired as a security consultant to discuss the security strength of this solution.
What statement about this WLAN security implementation is true?

A. ESP can only use 3DES encryption which causes high latency on half-duplex networks.
B. Wireless clients should be configured for NAT transparency so encrypted frames can traverse gateways.
C. ESP uses public key cryptography, which is incompatible with the 802.11 protocol.
D. The ESP protocol encrypts the entire original frame if implemented in tunnel mode.
E. When using ESP as a VPN solution, the implementation must incorporate SSH2 tunneling as well.

Answer: D

Q: 15 RFC 3748 specifies that the EAP-response/identity frame must comply with what criteria?

A. The EAP-response/identity frame must contain the user identity.
B. When TLS-tunneling mode is active, the EAP-response/identity frame must have a blank user identity.
C. The EAP-response/identity frame must not contain a null identity value.
D. The user identity value must be hashed prior to insertion into the EAP-response/identity frame.

Answer: C

Q: 16 What TKIP features prevent attacks against the known weaknesses of WEP?

A. 32-bit ICV (CRC-32)
B. Mandatory per-packet keys
C. RC5 stream cipher
D. Michael
E. Increased IV length
F. 4-Way Handshake

Answer: B, D, E

Q: 17 Given: John Smith often telecommutes from a coffee shop near his home. The coffee shop has an ERP access point with a captive portal for authentication.
At this hotspot, John's Wi-Fi enabled computer is susceptible to what types of WLAN attacks?

A. TCP port redirection
B. Wi-Fi phishing
C. Peer-to-peer
D. 802.11 RARP
E. Eavesdropping
F. Bluesnarf

Answer: B, C, E

Q: 18 Given: A university is installing 10 WLAN controllers and 500 dual-band IEEE 802.11 ERP/OFDM lightweight access points as part of one WLAN domain. The WLAN controllers will work as a cluster, and will support users from 20 different departments within the university system.
In this environment, how should each WLAN controller connect to the Ethernet infrastructure?

A. Each WLAN controller should connect between the core layer 3 Ethernet switch and two access-layer Ethernet switches forming 10 distribution segments.
B. Each WLAN controller should connect to the core layer 3 Ethernet switch via a gigabit (or faster) 802.1Q trunk.
C. Two WLAN controllers should be connected to the core layer 3 Ethernet switch and the other eight WLAN controllers should be chained in series with those two WLAN controllers forming the cluster.
D. Each WLAN controller should connect to an access-layer Ethernet switch using a gigabit (or faster) connection.

Answer: B

Q: 19 Wireless Intrusion Prevention Systems (WIPS) are used for what purposes?

A. Performance monitoring and troubleshooting
B. Enforcing wireless network policy
C. Detecting and defending against eavesdropping attacks
D. Security monitoring and notification
E. Preventing virtual carrier sense attacks by 802.11 transmitters
F. Physical layer protocol analysis

Answer: A, B, D

Q: 20 How does a wireless network management system (WNMS) discover EAP usernames?

A. The WNMS acts as an 802.1X authentication server proxy, relaying information between the WLAN controller and the RADIUS server.
B. The WNMS polls access points or WLAN controllers using SNMP.
C. The client device sends the username to the WNMS on port 113 (ident service) after successful authentication.
D. The RADIUS server sends the username to the WNMS after the wireless device successfully authenticates.
E. The WNMS captures the username by telling APs to sniff the wireless medium during the authentication process.

Answer: B

Q: 21 What EAP type is used by the Wi-Fi Protected Setup specification for Registrar and Enrollee discovery and for Credential establishment?


Answer: B

Q: 22 Given: ABC Company wants to install an ERP WLAN that supports fast roaming for ERP wVoIP phones. A requirement is the ability to troubleshoot reassociations that are delayed or dropped during roaming.
What is the most cost-effective system ABC Company can implement to meet the troubleshooting requirement?

A. WIPS sensor software installed on laptop computers
B. wVoIP client stations with SNMP reporting utilities and a WNMS
C. WLAN controller with lightweight access points
D. Autonomous access points and an overlay WIPS

Answer: C

Q: 23 In a WLAN hijacking attack, what WLAN client device feature works to the advantage of the attacker?

A. When the RF signal between a client and an access point is lost for more than a few seconds, the client device will attempt reassociation only with the same access point until the Layer 3 session times out.
B. When the RF signal between a client and an access point is significantly disrupted, the client will seek to reassociate with another access point with the same SSID and a stronger, higher-quality signal.
C. Clients auto-detect Ad Hoc and Infrastructure service sets and will associate to the appropriate network type.
D. The IEEE 802.11 standard specifies that clients using Open System authentication must allow direct client-to-client connections, even in Infrastructure mode.

Answer: B

Q: 24 Once strong authentication and encryption mechanisms are implemented and tested in an enterprise IEEE 802.11 WLAN, what additional security solutions are needed to maintain the WLAN's security?

A. VPN client and server software
B. Internet firewall software
C. Wireless intrusion prevention system
D. WLAN endpoint agent software
E. RADIUS proxy server

Answer: C, D

Q: 25 What security protocols support using either MS-CHAPv2 or EAP-TLS for wireless client authentication?

C. IPSec

Answer: B, D

Q: 26 When implementing an IEEE 802.11 WLAN, what password-related items should be included in a security policy?

A. Service Set Identifiers (SSIDs) should be configured to the same length and strength requirements as any other administrative-level password in the enterprise.
B. Passwords should be at least as long as usernames when user authentication is used instead of hardware authentication.
C. The password policy should be extended to provide guidance on selecting passphrases for security solutions such as WPA2-Personal.
D. Certificates should always be used instead of passwords when securing a WLAN.
E. Passwords should contain numbers, special characters, and upper and lower case letters.

Answer: C, E

© 2014, All Rights Reserved