Free CWNP CWSP-207 Exam Questions

Become CWNP Certified with updated CWSP-207 exam questions and correct answers

Page: 1 / 25

Total 121 Questions | Updated On: Jan 08, 2025

Add To Cart

Question 1

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?

A : MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B : Password complexity should be maximized so that weak WEP IV attacks are prevented.

C : Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D : Certificates should always be recommended instead of passwords for 802.11 client authentication.

E : EAP-TLS must be implemented in such scenarios.

Answer: C

Question 2

Given: You support a coffee shop and have recently installed a free 802.11ac wireless hot-spot for the benefit of your customers. You want to minimize legal risk in the event that the hot-spot is used for illegal Internet activity. What option specifies the best approach to minimize legal risk at this public hot-spot while maintaining an open venue for customer Internet access?

A : Configure WPA2-Enterprise security on the access point

B : Block TCP port 25 and 80 outbound on the Internet router

C : Require client STAs to have updated firewall and antivirus software

D : Allow only trusted patrons to use the WLAN

E : Use a WIPS to monitor all traffic and deauthenticate malicious stations

F : Implement a captive portal with an acceptable use disclaimer

Answer: F

Question 3

Given: ABC Company is an Internet Service Provider with thousands of customers. ABC’s customers are given login credentials for network access when they become a customer. ABC uses an LDAP server as the central user credential database. ABC is extending their service toexisting customers in some public access areas and would like to use their existing database for authentication. How can ABC Company use their existing user database for wireless user authentication as they implement a large-scale WPA2-Enterprise WLAN security solution?

A : Import all users from the LDAP server into a RADIUS server with an LDAP-to-RADIUS conversion tool.

B : Implement an X.509 compliant Certificate Authority and enable SSL queries on the LDAP server.

C : Mirror the LDAP server to a RADIUS database within a WLAN controller and perform daily backups to synchronize the user databases.

D : Implement a RADIUS server and query user authentication requests through the LDAP server.

Answer: D

Question 4

What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)

A : SNMPv1

B : HTTPS

C : Telnet

D : TFTP

E : FTP

F : SSHv2

Answer: B,F

Question 5

Which of the following security attacks cannot be detected by a WIPS solution of any kind? (Choose 2)

A : Rogue APs

B : DoS

C : Eavesdropping

D : Social engineering

Answer: C,D

Page: 1 / 25

Total 121 Questions | Updated On: Jan 08, 2025

Add To Cart