Which one of the statements regarding the Frame Control field in an 802.11 MAC header is true?
A. Only Control frames have a Frame Control field
B. The Frame Control field is used to communicate the duration value
C. The Frame Control field contains subfields, and soma in 1-bit flags
D. The Frame Control field is always set to 0
Correct Answer: C
Explanation: The statement that the Frame Control field contains subfields, and some 1- bit flags is true. The Frame Control field is a 2-byte field in the MAC header that contains information about the type, subtype, and characteristics of a frame. The Frame Control field is divided into several subfields, each with a specific function and length. Some of these subfields are 1-bit flags, which can be set to 0 or 1 to indicate a certain condition or status. For example, the To DS and From DS subfields are 1-bit flags that indicate whether a frame is destined for or originated from the DS (Distribution System). The other statements are not true, as they do not describe the Frame Control field correctly. All types of frames (management, control, and data) have a Frame Control field, not just control frames. The Frame Control field is not used to communicate the duration value, which is a separate field in the MAC header. The Frame Control field is not always set to 0, as it varies depending on the type, subtype, and characteristics of each frame. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 113-114
Question 12:
Which one of the following is an advantage of using display filters that is not an advantage of capture-time filters?
A. They allow for focused analysis on just the packets of interest
B. Once created they are reusable for later captures
C. They only hide the packets from view and the filtered packets can be enabled for view later
D. Multiple of them can be applied simultaneously
Correct Answer: C
Explanation: Display filters are applied after the capture is completed and they only hide the packets from view. The filtered packets are still present in the capture file and can be enabled for view later by changing or removing the display filter.
This is an advantage over capture-time filters, which discard the packets that do not match the filter criteria and cannot be recovered later34 References:
In a Spectrum Analyzer the Swept Spectrogram plot displays what information?
A. RF power present at a particular frequency over the course of time
B. Reductions in frame transmissions
C. Wi-Fi Device information
D. The RF time domain
Correct Answer: A
Explanation: The Swept Spectrogram plot is a spectrum analysis plot that shows the RF power present at a particular frequency over the course of time. It can help identify trends and patterns in the RF spectrum over a longer period of time. It can also show how the RF environment changes over time and how different sources of RF signals affect each other. The other options are not correct, as they describe different types of plots or information that are not related to the Swept Spectrogram plot. References: [Wireless Analysis Professional Study Guide], Chapter 3: Spectrum Analysis, page 72-73
Question 14:
When a data frame is encrypted with WPA2, to which portion of the frame is the encryption applied?
A. Frame body and MAC Header
B. Frame body excluding the LLCPDU
C. Frame body including the LLCPDU
D. The whole MPDU
Correct Answer: C
Explanation: When a data frame is encrypted with WPA2, the encryption is applied to the frame body including the LLCPDU. The LLCPDU (Logical Link Control Protocol Data Unit) is a part of the frame body that contains information such as protocol type, source and destination service access points (SAPs), and control fields. The LLCPDU is added by the LLC (Logical Link Control) sublayer to provide multiplexing and flow control functions for different upper layer protocols. When a data frame is encrypted with WPA2, which uses AES-CCMP as its encryption algorithm, both the payload and the LLCPDU are encrypted as a single unit. The MAC header and FCS are not encrypted, as they are needed for addressing and error detection purposes. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 115-116
Question 15:
Which one of the following is required for Wi-Fi integration in laptop-based Spectrum Analyzer software in addition to the spectrum analysis adapter?
A. An 802.11 wireless adaptor
B. A firmware upgrade for the spectrum analysis adapter
C. A directional antenna
D. SNMP read credentials to the WLAN controller or APs
Correct Answer: A
Explanation: An 802.11 wireless adaptor is required for Wi-Fi integration in laptop-based spectrum analyzer software in addition to the spectrum analysis adapter. The spectrum analysis adapter is a hardware device that captures the RF signals in the wireless environment and sends them to the spectrum analyzer software for analysis and display. The 802.11 wireless adapter is a hardware device that connects the laptop to the wireless network and allows the spectrum analyzer software to correlate the RF data with the Wi-Fi data, such as SSID, channel, and BSSID. This enables the spectrum analyzer software to provide more context and insight into the spectrum activity and its impact on the Wi-Fi network. A firmware upgrade for the spectrum analysis adapter is not required for Wi-Fi integration, but it may be needed to fix bugs or add features to the device. A directional antenna is an antenna that focuses the RF energy in a specific direction and has a high gain and a narrow beamwidth. A directional antenna can be used with a spectrum analysis adapter to pinpoint the location or source of interference or noise in the wireless environment, but it is not required for Wi-Fi integration. SNMP read credentials to the WLAN controller or APs are not required for Wi-Fi integration, but they may be useful for obtaining additional information about the wireless network configuration and performance from the network devices.References: CWAP-404 Study Guide, Chapter 4: Spectrum Analysis and Troubleshooting, page 123 CWAP-404 Objectives, Section 4.2: Integrate Wi-Fi data with spectrum analysis data CWAP-404 Study Guide, Chapter 4: Spectrum Analysis and Troubleshooting, page 131
Question 16:
During a VHT Transmit Beamforming sounding exchange, the beamformee transmits a Compressed Beamforming frame to the beamformer. What is communicated within this Compressed Beamforming frame?
A. Steering Matrix
B. Beamforming Matrix
C. Feedback Matrix
D. Beamformee Matrix
Correct Answer: C
Explanation: The beamformee transmits a Feedback Matrix within the Compressed Beamforming frame to the beamformer. The Feedback Matrix contains information about the channel state between the beamformee and each spatial stream of the beamformer. This information is used by the beamformer to adjust its transmit weights and optimize its signal for the beamformee34. References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 11: 802.11n/ac/ax PHYsical Layer Frame Exchanges, page 4033; CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 11: 802.11n/ac/ax PHYsical Layer Frame Exchanges, page 4064.
Question 17:
You are analyzing a packet decode of a Probe Request and notice the SSID element has a length of zero. What do you conclude about the transmitting STA?
A. The WLAN adaptor is configured in promiscuous mode
B. The STA is operating in Ad-Hoc mode
C. The STA's WLAN adaptor is disabled
D. The STA is discovering a list of available BSSs
Correct Answer: D
Explanation: The STA is discovering a list of available BSSs by sending a Probe Request with an empty SSID element. This is also known as a broadcast Probe Request, as it does not specify any particular SSID to probe for. Any AP that receives this Probe Request will respond with a Probe Response containing its own SSID and other information about its BSS. This way, the STA can learn about all the BSSs in its vicinity and choose which one to associate with . References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 6: MAC Sublayer Frame Exchanges, page 191; CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter
6: MAC Sublayer Frame Exchanges, page 193.
Question 18:
When performing protocol analysis, you notice a high number of RTS/CTS frames being transmitted on an HT network. You suspect this may be due to HT protection mechanisms. Where in the Beacon frame would you look to determine which one of the four HT protection modes the AP is operating in?
A. HT Protection Element
B. HT Information Element
C. HT Operation Element
D. Non-HT Present Element
Correct Answer: B
Explanation: When performing protocol analysis, you would look at the HT Information Element in the Beacon frame to determine which one of the four HT protection modes the AP is operating in. The HT Information Element contains various
subfields that provide information about the HT network configuration and operation. One of these subfields is the HT Protection field, which indicates whether any protection mechanisms are required for mixed-mode operation with non-HT
STAs. The four possible values for this field are:
No Protection: No protection mechanisms are required. Non-member Protection: RTS/CTS or CTS-to-self protection is required for all HT transmissions.
20 MHz Protection: RTS/CTS or CTS-to-self protection is required for all HT transmissions using a 40 MHz channel.
Non-HT Mixed Mode: All HT transmissions must use a non-HT preamble and header . References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 11: 802.11n/ac/ax PHYsical Layer Frame
Exchanges, page 378; CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 11: 802.11n/ac/ax PHYsical Layer Frame Exchanges, page 379.
Question 19:
What is an AIFS?
A. A medium access method introduced by 802.lln, but never implemented
B. A variable Interframe Space introduced by 802.lie to help prioritize medium access for different Access Categories
C. A form of aggregation performed at the PHY layer based on 802.lie UP values interpreted from DSCP values
D. The shortest period of time a STA can sleep
Correct Answer: B
Explanation: An AIFS is a variable interframe space introduced by 802.11e to help prioritize medium access for different Access Categories (ACs). An interframe space is a period of time that a STA (station) has to wait before attempting to access the medium. An AIFS is a type of interframe space that varies depending on the AC of the traffic. An AC is a logical queue that corresponds to a QoS (Quality of Service) level for different types of traffic. There are four ACs defined by 802.11e: AC_VO (Voice), AC_VI (Video), AC_BE (Best Effort), and AC_BK (Background). Each AC has a different AIFSN (Arbitration Interframe Space Number) value, which determines how long it has to wait before attempting to access the medium. A lower AIFSN value means a higher priority and a shorter waiting time. The other options are not correct, as they do not describe what an AIFS is. An AIFS is not a medium access method introduced by 802.11n, but never implemented, as it is part of the 802.11e standard and widely used in QoS-enabled WLANs. An AIFS is not a form of aggregation performed at the PHY layer based on 802.11e UP values interpreted from DSCP values, as aggregation is a technique that combines multiple frames into one larger frame to improve efficiency and throughput, not prioritization or medium access. An AIFS is not the shortest period of time a STA can sleep, as sleeping is a power saving mode that allows a STA to conserve battery power by periodically turning off its radio, not accessing the medium. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 7: QoS Analysis, page 194-195
Question 20:
How does a VoIP Phone, using WMM Power Save, request data frames buffered at the AP?
A. The VoIP phone transmits a PS-Poll frame
B. The VoIP phone sets the More Data bit in the MAC Header to 1
C. The VoIP phone transmits a WMM Action frame
D. The VoIP phone transmits a trigger frame, which is a QoS Null frame or a QoS Data frame
Correct Answer: D
Explanation: A VoIP phone, using WMM Power Save, requests data frames buffered at the AP by transmitting a trigger frame, which is a QoS Null frame or a QoS Data frame. WMM Power Save is a power saving mode that allows a STA (station) to conserve battery power by periodically sleeping and waking up. WMM Power Save is based on WMM (Wi-Fi Multimedia), which is a QoS (Quality of Service) enhancement that provides prioritized and differentiated access to the medium fordifferent types of traffic. When a STA sleeps, it cannot receive any data frames from the AP, so it informs the AP of its power save status by setting a bit in its MAC header. The AP then buffers any data frames destined for the sleeping STA until it wakes up. When a STA wakes up, it sends a trigger frame to the AP, indicating its AC (Access Category), which is a logical queue that corresponds to its QoS level. A trigger frame can be either a QoS Null frame or a QoS Data frame, depending on whether it has any payload or not. The AP then responds with one or more data frames from the same AC as the trigger frame, followed by an ACK or BA (Block Acknowledgement) frame from the STA. The other options are not correct, as they are not used by a VoIP phone using WMM Power Save to request data frames buffered at the AP. A PS-Poll (Power Save Poll) frame is used by a STA using legacy power save mode, not WMM Power Save mode, to request data frames buffered at the AP. A PS-Poll frame does not indicate any AC or QoS information. Setting the More Data bit in the MAC header to 1 does not request any data frames from the AP, but indicates that there are more data frames to be sent by the STA or received by the STA. Transmitting a WMM Action frame does not request any data frames from the AP, but performs various management actions related to WMM features, such as admission control, parameter update, etc. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 7: QoS Analysis, page 198-199
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWAP-404 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.