How many frames make up the Group Key Handshake excluding any Ack frames that may be required?
A. 1
B. 2
C. 3
D. 4
Correct Answer: B
Explanation: The Group Key Handshake consists of two frames excluding any Ack frames that may be required. The Group Key Handshake is used to distribute and update the Group Temporal Key (GTK) for encrypting broadcast and multicast traffic. The AP initiates the Group Key Handshake by sending a Group Key Message 1 frame to a STA, which contains the new GTK and other information. The STA responds with a Group Key Message 2 frame to the AP, which confirms the receipt of the GTK and other information. After this, both the AP and the STA can use the new GTK for encryption and decryption of broadcast and multicast traffic . References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 7: 802.11 Security, page 246; CWAP- 404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 7:
802.11 Security, page 247.
Question 42:
A manufacturing facility has installed a new automation system which incorporates an 802.11 wireless network. The automation system is controlled from tablet computers connected via the WLAN. However, the automation system has not gone live due to problem with the tablets connecting to the WLAN. The WLAN vendor has been onsite to perform a survey and confirmed good primary and secondary coverage across the facility. As a CWAP you are called in to perform Spectrum Analysis to identify any interference sources. From the spectrum analysis, you did not identify any interference sources but were able to correctly identify the issue. Which of the following issues did you identify from the spectrum analysis?
A. The tablets are connecting to the wrong SSID
B. The tablets are entering power save mode and failing to wake up to receive the access points transmissions
C. A high noise floor has resulted in a SNR of less than 20dB
D. There is a power mismatch between the APs and the clients
Correct Answer: D
Explanation: The most likely issue that can be identified from the spectrum analysis is a power mismatch between the APs and the clients. A power mismatch occurs when the APs transmit at a higher power level than the clients, or vice versa. This can cause asymmetric communication, where one side can hear the other, but not vice versa. This can result in poor performance, disconnections, or packet loss. A spectrum analysis can reveal a power mismatch by showing different signal amplitudes or RSSI values for the APs and the clients on the same channel or frequency. The other options are not correct, as they cannot be identified from the spectrum analysis alone. The tablets' SSID, power save mode,
and noise floor can be determined by using other tools or methods, such as protocol analysis, site survey, or device configuration. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 3: Spectrum Analysis, page
Question 43:
What is the function of the PHY layer?
A. Convert PPDUs to PSDUs for transmissions and PSDUs to PPDUs for receptions
B. Convert MSDUs to PPDUs for transmissions and PPDUs to MSDUs for receptions
C. Convert PPDUs to MSDUs for transmissions and MSDUs to PPDUs for receptions
D. Convert PSDUs to PPDUs for transmissions and PPDUs to PSDUs for receptions
Correct Answer: D
Explanation: The function of the PHY layer is to convert PSDUs to PPDUs for transmissions and PPDUs to PSDUs for receptions. A PSDU (PHY Service Data Unit) is the data unit that is passed from the MAC layer to the PHY layer for transmission, or from the PHY layer to the MAC layer for reception. A PPDU (PHY Protocol Data Unit) is the data unit that is transmitted or received over the wireless medium by the PHY layer. A PPDU consists of a PSDU and a PHY header, which contains information such as modulation, coding, and data rate. The PHY layer adds or removes the PHY header to or from the PSDU during the conversion process. References: [Wireless Analysis Professional Study Guide CWAP404], Chapter 4: 802.11 Physical Layer, page 97-98
Question 44:
What is the function of the PHY Preamble?
A. To terminate a conversation between transmitter and receiver
B. To set the modulation method for the MPDU
C. Carries the NDP used in Transmit Beamforming and MU-MIMO
D. Allows the receiver to detect and synchronize with the signal
Correct Answer: D
Explanation: The function of the PHY preamble is to allow the receiver to detect and synchronize with the signal. The PHY preamble is a part of the PPDU that is transmitted before the PHY header and the PSDU. The PHY preamble consists of a series of training fields that help the receiver to adjust its parameters, such as frequency, timing, and gain, to match the incoming signal. The PHY preamble also helps the receiver to estimate the channel conditions and noise level. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 4: 802.11 Physical Layer, page 99-100
Question 45:
Which one of the following statements is not true concerning DTIMs?
A. Buffered Broadcast and Multicast traffic will be transmitted following a DTIM
B. The DTIM interval can dictate when an STA will wake up to listen to beacon frames
C. DTIM stands for Delivery Traffic Indication Map
D. Every Beacon frame must contain a DTIM
Correct Answer: D
Explanation: Every Beacon frame must contain a DTIM is not a true statement concerning DTIMs. DTIM stands for Delivery Traffic Indication Message, and it is a subfield within the TIM (Traffic Indication Map) element in a Beacon frame. The DTIM indicates how many Beacon frames (including the current one) will appear before the next DTIM. For example, if the DTIM interval is set to 3, it means that every third Beacon frame will contain a DTIM. Buffered broadcast and multicast traffic will be transmitted following a DTIM, so that STAs in power save mode can wake up and receive them. The DTIM interval can also dictate when an STA will wake up to listen to Beacon frames, as some STAs may choose to only listen to Beacon frames that contain a DTIM . References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 6: MAC Sublayer Frame Exchanges, page 200; CWAP-404 CertifiedWireless Analysis Professional Study and Reference Guide, Chapter 6: MAC Sublayer Frame Exchanges, page 201.
Question 46:
When would you expect to see a Reassociation Request frame?
A. Every time a STA associates to an AP to which it has previously been associated
B. Only when a STA is using FT roaming
C. Only when a STA roams back to an AP it has previously been associated with
D. Every time a STA roams
Correct Answer: D
Explanation: A Reassociation Request frame is sent every time a STA roams from one AP to another within the same ESS. A Reassociation Request frame is similar to an Association Request frame, but it also contains the BSSID of the current AP that the STA is leaving. This allows the new AP to coordinate with the old AP and transfer the STA's context information, such as security keys, QoS parameters, and buffered frames. This way, the STA can maintain its connectivity and session continuity during roaming . References: CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 6: MAC Sublayer Frame Exchanges, page 195;CWAP-404 Certified Wireless Analysis Professional Study and Reference Guide, Chapter 6: MAC Sublayer Frame Exchanges, page 196.
Question 47:
What is encrypted within the third message of the 4-Way Handshake?
A. PMK
B. PTK
C. GMK
D. GTK
Correct Answer: D
Explanation: The GTK (Group Temporal Key) is encrypted within the third message of the 4-Way Handshake. The 4-Way Handshake is a process that establishes a secure connection between a STA (station) and an AP (access point) using WPA2 (Wi-Fi Protected Access 2), which is a security protocol that uses AES-CCMP (Advanced Encryption Standard-Counter Mode CBC-MAC Protocol) as its encryption algorithm. The 4- Way Handshake consists of four messages that are exchanged between the STA and the AP. The first message is sent by the AP to the STA, containing the ANonce (Authenticator Nonce), which is a random number generated by the AP. The second message is sent by the STA to the AP, containing the SNonce (Supplicant Nonce), which is a random number generated by the STA, and the MIC (Message Integrity Code), which is a value that verifies the integrity of the message. The third message is sent by the AP to the STA, containing the GTK, which is a key that is used to encrypt and decrypt multicast and broadcast data frames, and the MIC. The GTK is encrypted with the KEK (Key Encryption Key), which is derived from the PTK (Pairwise Temporal Key). The PTK is a key that is used to encrypt and decrypt unicast data frames, and it is derived from the PMK (Pairwise Master Key), the ANonce, and the SNonce. The fourth message is sent by the STA to the AP, containing only the MIC, to confirm the completion of the 4-Way Handshake. The other options are not correct, asthey are not encrypted within the third message of the 4-Way Handshake. The PMK is a key that is derived from a passphrase or obtained from an authentication server, and it is not transmitted in any message of the 4-Way Handshake. The PTK is a key that is derived from the PMK, the ANonce, and the SNonce, and it is not transmitted in any message of the 4-Way Handshake. The GMK (Group Master Key) is a key that is generated by the AP and used to derive the GTK, and it is not transmitted in any message of the 4-Way Handshake. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 8: Security Analysis, page 211-213
Question 48:
An RTS frame should be acknowledged by which frame?
A. CTS
B. Ack
C. RTS-Ack
D. Block Ack
Correct Answer: A
Explanation: An RTS (Request to Send) frame should be acknowledged by a CTS (Clear to Send) frame. An RTS and CTS frame are types of control frames that are used to implement a virtual carrier sense mechanism called RTS/CTS. RTS/CTS is a technique that helps to avoid collisions and hidden node problems in wireless transmissions. When a STA (station) wants to send a data frame, it first sends an RTS frame to the intended receiver, indicating the duration of the transmission. The receiver then responds with a CTS frame, also indicating the duration of the transmission. The other STAs in the vicinity hear either the RTS or the CTS frame and update their NAV (Network Allocation Vector) timers accordingly, deferring their access to the medium until the transmission is over. The sender then sends the data frame, followed by an ACK (Acknowledgement) frame from the receiver. The other options are not correct, as they are not used to acknowledge an RTS frame. An ACK frame is used to acknowledge a data frame, not an RTS frame. An RTS- Ack frame does not exist, as there is no such type of control frame in 802.11. A Block Ack (BA) frame is used to acknowledge multiple data frames in a single frame, not an RTS frame. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 6:
802.11 Frame Exchanges, page 166-167
Question 49:
What is the function of 802.11 Management frames?
A. Prioritize network administration traffic
B. Communicate configuration changes between WLAN controller and APs
C. Manage the BSS
D. Manage the flow of data
Correct Answer: C
Explanation: The function of 802.11 management frames is to manage the BSS. A BSS (Basic Service Set) is a group of STAs (stations) that share a common SSID (Service Set Identifier) and communicate with each other through an AP (access point) or directly in an ad hoc mode. Management frames are one of the three types of 802.11 frames, along with control and data frames. Management frames are used to establish, maintain, and terminate associations between STAs and APs, as well as to advertise and discover BSSs, exchange security information, report errors, and perform other management functions. The other options are not correct, as they are not functions of 802.11 management frames. Prioritizing network administration traffic, communicating configuration changes between WLAN controller and APs, and managing the flow of data are functions of other types of frames or protocols. References: [Wireless Analysis Professional Study Guide CWAP-404], Chapter 5: 802.11 MAC Sublayer, page 120-121
Question 50:
What is used to respond with an uplink transmission to an MU-RTS trigger frame in the 802.11ax PHY?
A. HE SU PPDU
B. HE MU PPDU
C. HE TB PPDU
D. VHT PPDU
Correct Answer: C
Explanation: An HE TB PPDU (High Efficiency Trigger-Based Packet Data Unit) is used to respond with an uplink transmission to an MU-RTS trigger frame in the 802.11ax PHY (Physical Layer). An MU-RTS trigger frame is a frame that initiates a multi-user transmission opportunity (MU-TXOP) by requesting multiple stations (STAs) to send clear- to-send (CTS) frames on different spatial streams or resource units (RUs). An HE TB PPDU is a frame that contains data from multiple STAs that have been allocated RUs by an MU-RTS trigger frame or another type of trigger frame. An HE SU PPDU (High Efficiency Single User Packet Data Unit) is a frame that contains data from a single STA using all available spatial streams or RUs. An HE MU PPDU (High Efficiency Multi User Packet Data Unit) is a frame that contains data from multiple STAs using different spatial streams or RUs without being triggered by another frame. A VHT PPDU (Very High Throughput Packet Data Unit) is a frame that uses the 802.11ac PHY and does not support multi-user transmissions.References: CWAP-404 Study Guide, Chapter 3: 802.11 MAC Layer Frame Formats and Technologies, page 101 CWAP-404 Objectives, Section 3.4: Analyze multi-user transmissions CWAP-404 Study Guide, Chapter 3: 802.11 MAC Layer Frame Formats and Technologies, page 99
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWAP-404 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.