-
PW0-200题库demo免费下载
Filed under CWNPAug 3CWNP认证PW0-200考试题库介绍
考试代号: PW0-200
问题数量:120 Q&As
更新时间: 2009-08-05
注册地点: Prometric/Pearson VUE
题库全称:certified wireless security professional(cwsp)免费PW0-200题库Demo赏析
Exam : CENP PW0-200
Title : Certified Wireless Security Professional(CWSP)1. Given: ABC Company’s ERP WLAN has worked perfectly for the last 6 months. One morningnone of the company’s 10 users can connect to the company’s only access point. When the administrator logs into the access pointthere are hundreds of users associated using Open System authentication.
What is the problem?
A. The AP has been the victim of an RF DoS attack.
B. The AP has experienced an AP spoofing attack from a rogue AP.
C. The AP firmware has been corrupted and is erroneously reporting the number of users.
D. The AP has experienced an association flood attack.
Answer: D2. Given: ABC Company has a WLAN controller with three access points15 client devicesand uses WPA2-Personal for WLAN security.
What statement about ABC Company’s WLAN security is true?
A. Intruders may obtain the passphrase with an offline dictionary attack and gain network accessbut will be unable to decrypt data traffic.
B. Traffic injection attacks are possible because the transmitter lacks frame numbering.
C. An unauthorized wireless client device cannot associatebut can eavesdrop on some data because WPA2-Personal does not encrypt broadcast traffic.
D. An authorized WLAN user with a protocol analyzer can decode data frames of other authorized users if he captures that user’s 4-Way Handshake.
E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshakehijacking attacks are easily performed.
Answer: D3. What WIPS parameter is configured to generate notifications?
A. Mobile unit density violations
B. Admission control status
C. Sensor sensitivity levels
D. Policy threshold values
Answer: D4. How does a wireless network management system (WNMS) discover EAP usernames?
A. The WNMS acts as an 802.1X authentication server proxyrelaying information between the WLAN controller and the RADIUS server.
B. The WNMS polls access points or WLAN controllers using SNMP.
C. The client device sends the username to the WNMS on port 113 (ident service) after successful authentication.
D. The RADIUS server sends the username to the WNMS after the wireless device successfully authenticates.
E. The WNMS captures the username by telling APs to sniff the wireless medium during the authentication process.
Answer: B5. Given: A network security auditor is assessing an IEEE 802.11 network’s exposure to security holes.
What task would save the most time if performed before the audit?
A. Identify the IP subnet information for each network segment.
B. Identify the manufacturer of the wireless intrusion prevention system.
C. Identify the skill level of the wireless network security administrator(s).
D. Identify the manufacturer of the wireless infrastructure hardware.
E. Identify the wireless security solution(s) currently in use.
Answer: E6. In this diagram illustrating an example of the IEEE 802.11 standard’s 4-Way Handshakewhat is the purpose of the ANonce and SNonce?
A. They are used to pad Message 1 and Message 2 so there is no empty space in the frame.
B. The IEEE 802.11 standard requires that all cryptographic frames contain a nonce for security purposes.
C. They are added together and used as the GMKfrom which the GTK is derived.
D. They are values used in the derivation of the Pairwise Transient Key.
Answer: D7. Given: ABC Company is planning to implement IPSec VPN technology using the Encapsulating Security Payload (ESP) protocol to secure their wireless connections. You are hired as a security consultant to discuss the security strength of this solution.
What statement about this WLAN security implementation is true?
A. ESP can only use 3DES encryption which causes high latency on half-duplex networks.
B. Wireless clients should be configured for NAT transparency so encrypted frames can traverse gateways.
C. ESP uses public key cryptographywhich is incompatible with the 802.11 protocol.
D. The ESP protocol encrypts the entire original frame if implemented in tunnel mode.
E. When using ESP as a VPN solutionthe implementation must incorporate SSH2 tunneling as well.
Answer: D8. Given: John Smith often works from home and wireless hotspots rather than commuting to the office. His laptop connects to the office network over IEEE 802.11 WLANs.
To safeguard his datawhat wireless security policy items should be implemented?
A. Use an IPSec VPN for remote connectivity
B. Use an HTTPS captive portal for authentication at hotspots
C. Use personal firewall software on his laptop
D. Use a protocol analyzer on his laptop to monitor for risks
E. Use 802.1X/PEAPv0 to connect to the corporate office network
Answer: AC9. Joe’s new laptop is experiencing difficulty connecting to ABC Company’s 802.11 network. The company’s wireless network administrator assured Joe that his laptop was authorized in the WIPS for connectivity to all Marketing department APs before it was given to him yesterday. The WIPS termination policy is shown in the exhibit.
What are some possible reasons that Joe cannot connect to the network?
A. Joe disabled his laptop’s integrated 802.11 radio and is using a personal PC card radio because of its updated chipsetdriversand client utilities.
B. Joe’s integrated 802.11 radio is sending too many Probe Request and EAPoL Start frames due to a corrupted driver.
C. Joe’s radio card has associated to an access point belonging to a neighboring 802.11 WLAN because it was configured to connect to any wireless network.
D. An ASLEAP attack has been detected on APs to which Joe’s laptop was trying to associate. The WIPS responded by disabling the APs.
E. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
F. Joe changed the system time on his computerand the WIPS is detecting this as a usage time violation.
Answer: AC10. What four tools are required to hijack a wireless station (at Layer 2 and Layer 3) from the authorized wireless network onto the unauthorized wireless network? (Select two answers that together specify the four necessary tools)
A. Access point software and a narrowband RF jamming device
B. A high-gain Yagi antenna and terminal emulation software
C. A wireless workgroup bridge and a spectrum analyzer
D. A wireless PC card and DHCP server software
E. MAC spoofing software and data flooding software
Answer: AD11. Given: The illustrated WLAN software tool can transmit customized 802.11 frames.
What are two uses for such a tool?
A. EAPoL flood attacks against access points
B. Auditing the performance features of a WIPS
C. Testing Role-Based Access Control features of a WLAN controller
D. NAV/duration attacks against all stations in a BSA
E. Altering physical layer frame headers for frame injection attacks
F. Changing a frame’s WEP ICV while it is in transit
Answer: AD12. What type of WLAN attack is illustrated on the 802.11 protocol analyzer screenshot?
A. Wideband RF jamming
B. Bit-flipping
C. Narrowband RF jamming
D. Authentication flood
E. Hijacking
Answer: A13. During 802.1X/LEAP authenticationwhat authentication credential is passed using clear text across the wireless medium?
A. Password
B. x.509 certificate
C. Username
D. PAC
E. Shared secret
Answer: C14. Given: ABC Corporation is selecting a security solution for their new WLANand a PPTP VPN is their first consideration because it is included with both server and desktop operating systems. While the 128-bit encryption of Microsoft’s MPPE is considered strong enough to adhere to corporate security policythe company is worried about security holes in MS-CHAPv2 authentication.
As a consultantwhat do you tell ABC Corporation about implementing MS-CHAPv2 authentication in a PPTP VPN?
A. MS-CHAPv2 is compliant with WPA-Personalbut not WPA2-Enterprise.
B. MS-CHAPv2 is subject to offline dictionary attacks.
C. MS-CHAPv2 is only secure when combined with WEP.
D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
E. MS-CHAPv2 uses anonymous Diffie-Hellman authenticationand is therefore secure.
F. MS-CHAPv2 can be replaced with EAP-TLS as the authentication mechanism for PPTP.
Answer: BDF15. Given: You have a laptop computer with an integrated Wi-Fi compliant MiniPCI card.
What statements describe the limited effectiveness of locating rogue access points using WLAN discovery software such as NetStumblerKismetor MacStumbler?
A. Discovery tools like those listed cannot determine the authorization status of an access point.
B. A laptop computer can only be in one location at a time.
C. Discovery tools like those listed cannot determine if an access point is attached to a wired network.
D. Rogue access points using non-IEEE 802.11 frequency bands or unpopular modulations are not detected.
E. When data encryption in useaccess points cannot be detected using discovery tools like those listed.
Answer: ABCD16. What policies would prevent peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?
A. Require managed personal firewall software on each laptop.
B. Require secure applications such as POP3/SHTTPSand SSH2.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
E. Require Port Address Translation (PAT) on each laptop.
F. Require a managed wireless endpoint security agent on each laptop.
Answer: ABCF17. Wireless Intrusion Prevention Systems (WIPS) are used for what purposes?
A. Performance monitoring and troubleshooting
B. Enforcing wireless network policy
C. Detecting and defending against eavesdropping attacks
D. Security monitoring and notification
E. Preventing virtual carrier sense attacks by 802.11 transmitters
F. Physical layer protocol analysis
Answer: ABD18. Given: A university is installing 10 WLAN controllers and 500 dual-band IEEE 802.11 ERP/OFDM lightweight access points as part of one WLAN domain. The WLAN controllers will work as a clusterand will support users from 20 different departments within the university system.
In this environmenthow should each WLAN controller connect to the Ethernet infrastructure?
A. Each WLAN controller should connect between the core layer 3 Ethernet switch and two access-layer Ethernet switches forming 10 distribution segments.
B. Each WLAN controller should connect to the core layer 3 Ethernet switch via a gigabit (or faster) 802.1Q trunk.
C. Two WLAN controllers should be connected to the core layer 3 Ethernet switch and the other eight WLAN controllers should be chained in series with those two WLAN controllers forming the cluster.
D. Each WLAN controller should connect to an access-layer Ethernet switch using a gigabit (or faster) connection.
Answer: B19. What TKIP features prevent attacks against the known weaknesses of WEP?
A. 32-bit ICV (CRC-32)
B. Mandatory per-packet keys
C. RC5 stream cipher
D. Michael
E. Increased IV length
F. 4-Way Handshake
Answer: BDE20. What happens in a bit flipping attack against an IEEE 802.11 device?
A. An attacker captures an encrypted framemodifies the ciphertextmodifies the ICV to hide the change to the ciphertextand then transmits the frame to appear as if it is from the original source.
B. An attacker uses a non-linear Message Integrity Check (MIC) on his computer to form a wireless crossover connection with the target computer.
C. An attacker injects data into a wireless transmission that results in a memory access exception at the target system for the purpose of breaching security.
D. An attacker sends each frame with the first bit alternating between 0 and 1causing the target computer to disable encryption synchronization.
E. An attacker captures an encrypted authentication frameand then executes a cracking algorithm against each 0 and 1 in the frame. After the frame is crackedit is used to authenticate the attacker’s computer.
Answer: A免费下载PW0-200题库Demo
Examsoon提供最新的CWNP认证 PW0-200题库,其全名为:(certified wireless security professional(cwsp)). 在您决定是否购买之前 可以先下载PW0-200题库的部分演示. Examsoon是全球唯一提供所有IT认证考试题库demo免费下载的厂商 ,以下为免费PW0-200模拟测试题的下载链接
CWNP PW0-200学习指南
CWNP认证 PW0-200考试已经证明了它在全世界的广泛性和重要性,因此明白这项认证考试的世界各地的人必须具备与认证考试相关领域所需的技能和知识。CWNP认证 PW0-200学习指南的目的是检查考生的能力和他对概念的意识。很多时候练习测试PW0-200考试都已经被修改过了,删掉了许多过时的东西,而那些需求是在考试课程。当应用到时候你所学的知识的时候,就会鉴定出你所学到的东西以及对所学知识的应用是多么的恰到好处。CWNP认证 PW0-200是在IT行业的知名品牌,所以如果您通过了这样一个知名公司举行的一次考试,你可以想象你将来的事业会做的多么好。
想要通过这个考试当然存在很多困难。你所要做的就是准备好充足的勇气和信心,而这些都来源与你平时训练的好坏.建议大家可以去Examsoon这个网站看一下,它的PW0-200考试是为了测试您在这方面的知识的掌握程度,最好的部分是它可以使你不断更新你所学的知识,不断进步。如果你知道所有的概念和如何使用他们的时候才是你真正掌握了Examsoon的用意。这门考试检查了您的能力和一旦你通过这次考验你将成为最优秀的人才,其他PW0-200考试的Examsoon结算值得注意的影响就是你的薪水将直线上升这大概也是每个人都希望获得的,所以要找一些好的资源才行。
Examsoon考题大师PW0-200试题都是考试原题的完美组合,覆盖率95%以上,答案由多位专业资深讲师原版破解得出,正确率100%,只要您使用Examsoon的考试题库参加PW0-200考试,保证您一次轻松通过考试;
售后服务第一!我们相信要想在当今时代取得成功,必须为广大用户提供全套的周到细致的全程优质售后服务,只有客户满意了,才能发展。客户至上是Examsoon考题大师的一贯宗旨;
Leave a Reply
You must be logged in to post a comment.
Recent Comments