Given: An 802.1X/EAP implementation includes an Active Directory domain controller running Windows Server 2012 and an AP from a major vendor. A Linux server is running RADIUS and it queries the domain controller for user credentials. A Windows client is accessing the network.
What device functions as the EAP Supplicant?
A. Linux server
B. Windows client
C. Access point
D. Windows server
E. An unlisted switch
F. An unlisted WLAN controller
In the IEEE 802.11-2012 standard, what is the purpose of the 802.1X Uncontrolled Port?
A. To allow only authentication frames to flow between the Supplicant and Authentication Server
B. To block authentication traffic until the 4-Way Handshake completes
C. To pass general data traffic after the completion of 802.11 authentication and key management
D. To block unencrypted user traffic after a 4-Way Handshake completes
What statement accurately describes the functionality of the IEEE 802.1X standard?
A. Port-based access control with EAP encapsulation over the LAN (EAPoL)
B. Port-based access control with dynamic encryption key management and distribution
C. Port-based access control with support for authenticated-user VLANs only
D. Port-based access control with mandatory support of AES-CCMP encryption
E. Port-based access control, which allows three frame types to traverse the uncontrolled port: EAP, DHCP, and DNS.
Given: The ABC Corporation currently utilizes an enterprise Public Key Infrastructure (PKI) to allow employees to securely access network resources with smart cards. The new wireless network will use WPA2-Enterprise as its primary authentication solution. You have been asked to recommend a Wi-Fi Alliance-tested EAP method.
What solutions will require the least change in how users are currently authenticated and still integrate with their existing PKI?
A. EAP-FAST
B. EAP-TLS
C. PEAPv0/EAP-MSCHAPv2
D. LEAP
E. PEAPv0/EAP-TLS
F. EAP-TTLS/MSCHAPv2
Given: ABC Corporation's 802.11 WLAN is comprised of a redundant WLAN controller pair (N+1) and 30 access points implemented in 2004. ABC implemented WEP encryption with IPSec VPN technology to secure their wireless communication because it was the strongest security solution available at the time it was implemented. IT management has decided to upgrade the WLAN infrastructure and implement Voice over Wi-Fi and is concerned with security because most Voice over Wi-Fi phones do not support IPSec.
As the wireless network administrator, what new security solution would be best for protecting ABC's data?
A. Migrate corporate data clients to WPA-Enterprise and segment Voice over Wi-Fi phones by assigning them to a different frequency band.
B. Migrate corporate data and Voice over Wi-Fi devices to WPA2-Enterprise with fast secure roaming support, and segment Voice over Wi-Fi data on a separate VLAN.
C. Migrate to a multi-factor security solution to replace IPSec; use WEP with MAC filtering, SSID hiding, stateful packet inspection, and VLAN segmentation.
D. Migrate all 802.11 data devices to WPA-Personal, and implement a secure DHCP server to allocate addresses from a segmented subnet for the Voice over Wi-Fi phones.
You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake.
Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)
A. STA1 and STA2 are using different cipher suites.
B. STA2 has retransmissions of EAP frames.
C. STA1 is a reassociation and STA2 is an initial association.
D. STA1 is a TSN, and STA2 is an RSN.
E. STA1 and STA2 are using different EAP types.
While performing a manual scan of your environment using a spectrum analyzer on a laptop computer, you notice a signal in the real time FFT view. The signal is characterized by having peak power centered on channel 11 with an approximate width of 20 MHz at its peak. The signal widens to approximately 40 MHz after it has weakened by about 30 dB.
What kind of signal is displayed in the spectrum analyzer?
A. A frequency hopping device is being used as a signal jammer in 5 GHz
B. A low-power wideband RF attack is in progress in 2.4 GHz, causing significant 802.11 interference
C. An 802.11g AP operating normally in 2.4 GHz
D. An 802.11a AP operating normally in 5 GHz
What wireless authentication technologies may build a TLS tunnel between the supplicant and the authentication server before passing client authentication credentials to the authentication server? (Choose 3)
A. EAP-MD5
B. EAP-TLS
C. LEAP
D. PEAPv0/MSCHAPv2
E. EAP-TTLS
What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in an
802.11 WLAN?
A. EAP-TTLS sends encrypted supplicant credentials to the authentication server, but EAP-TLS uses unencrypted user credentials.
B. EAP-TTLS supports client certificates, but EAP-TLS does not.
C. EAP-TTLS does not require an authentication server, but EAP-TLS does.
D. EAP-TTLS does not require the use of a certificate for each STA as authentication credentials, but EAP-TLS does.
What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?
A. Require Port Address Translation (PAT) on each laptop.
B. Require secure applications such as POP, HTTP, and SSH.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CWNP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CWSP-205 exam preparations and CWNP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.