CWSP-206 Online Practice Questions and Answers

During 802.1X/LEAP authentication, the username is passed across the wireless medium in clear text. From a security perspective, why is this significant?

A. The username can be looked up in a dictionary file that lists common username/password combinations.

B. The username is needed for Personal Access Credential (PAC) and X.509 certificate validation.

C. 4-Way Handshake nonces are based on the username in WPA and WPA2 authentication.

D. The username is an input to the LEAP challenge/response hash that is exploited, so the username must be known to conduct authentication cracking.

You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution. In this configuration, the wireless network is initially susceptible to what type of attack?

A. Offline dictionary attacks

B. Application eavesdropping

C. Session hijacking

D. Layer 3 peer-to-peer

E. Encryption cracking

ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations. As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication?

A. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.

B. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.

C. MS-CHAPv2 uses AES authentication, and is therefore secure.

D. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.

E. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.

You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assoc rsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

A. 802.1X/EAP-TTLS

B. WPA2-Personal with AES-CCMP

C. 802.1X/PEAPv0/MS-CHAPv2

D. EAP-MD5

E. Open 802.11 authentication with IPSec

Which one of the following is not a role defined in the 802.1X authentication procedures used in 802.11 and 802.3 networks for port-based authentication?

A. AAA Server

B. Authentication Server

C. Supplicant

D. Authenticator

What TKIP feature was introduced to counter the weak integrity check algorithm used in WEP?

A. RC5 stream cipher

B. Block cipher support

C. Sequence counters

D. 32-bit ICV (CRC-32)

E. Michael

Which of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

A. It does not support a RADIUS server.

B. It is not a valid EAP type.

C. It does not support mutual authentication.

D. It does not support the outer identity.

A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs. Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:

SSID Blue – VLAN 10 – Lightweight EAP (LEAP) authentication – CCMP cipher suite SSID Red – VLAN 20 – PEAPv0/EAP-TLS authentication – TKIP cipher suite

The consultant's computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

A. The consultant does not have a valid Kerberos ID on the Blue VLAN.

B. The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.

C. The TKIP cipher suite is not a valid option for PEAPv0 authentication.

D. The Red VLAN does not use server certificate, but the client requires one.

Your network implements an 802.1X/EAP-based wireless security solution. A WLAN controller is installed and manages seven APs. FreeRADIUS is used for the RADIUS server and is installed on a dedicated server named SRV21. One example client is a MacBook Pro with 8 GB RAM. What device functions as the 802.1X/EAP Authenticator?

A. WLAN Controller/AP

B. MacBook Pro

C. SRV21

D. RADIUS server

XYZ Company has recently installed a controller-based WLAN and is using a RADIUS server to query authentication requests to an LDAP server. XYZ maintains user-based access policies and would like to use the RADIUS server to facilitate network authorization. What RADIUS feature could be used by XYZ to assign the proper network permissions to users during authentications?

A. RADIUS can reassign a client's 802.11 association to a new SSID by referencing a username-to-SSID mapping table in the LDAP user database.

B. The RADIUS server can support vendor-specific attributes in the ACCESS-ACCEPT response, which can be used for user policy assignment.

C. The RADIUS server can communicate with the DHCP server to issue the appropriate IP address and VLAN assignment to users.

D. RADIUS can send a DO-NOT-AUTHORIZE demand to the authenticator to prevent the STA from gaining access to specific files, but may only employ this in relation to Linux servers.

Role-Based Access Control (RBAC) allows a WLAN administrator to perform what network function?

A. Provide two or more user groups connected to the same SSID with different levels of network privileges.

B. Allow access to specific files and applications based on the user's WMM access category.

C. Allow simultaneous support for multiple EAP types on a single access point.

D. Minimize traffic load on an AP by requiring mandatory admission control for use of the Voice access category.

A large enterprise is designing a secure, scalable, and manageable 802.11n WLAN that will support thousands of users. The enterprise will support both 802.1X/EAP-TTLS and PEAPv0/MSCHAPv2. Currently, the company is upgrading network servers as well and will replace their existing Microsoft IAS implementation with Microsoft NPS, querying Active Directory for user authentication. For this organization, as they update their WLAN infrastructure, what WLAN controller feature will likely be least valuable?

A. SNMPv3 support

B. 802.1Q VLAN trunking

C. Internal RADIUS server

D. WIPS support and integration

E. WPA2-Enterprise authentication/encryption

The Marketing department's WLAN users need to reach their file and email server as well as the Internet, but should not have access to any other network resources. What single WLAN security feature should be implemented to comply with these requirements?

A. RADIUS policy accounting

B. Group authentication

C. Role-based access control

D. Captive portal

E. Mutual authentication

For a WIPS system to identify the location of a rogue WLAN device using location pattering (RF fingerprinting), what must be done as part of the WIPS installation?

A. A location chipset (GPS) must be installed with it.

B. At least six antennas must be installed in each sector.

C. The RF environment must be sampled during an RF calibration process.

D. All WIPS sensors must be installed as dual-purpose (AP/sensor) devices.

WLAN protocol analyzers can read and record many wireless frame parameters. What parameter is needed to physically locate rogue APs with a protocol analyzer?

A. IP Address

B. Noise floor

C. RSN IE

D. SSID

E. Signal strength

F. BSSID