
合格させるCWSP-206テスト問題集で[2023年05月02日]に更新された138問あります
CWNP CWSP-206実際の問題と100%カバー率でリアル試験問題
CWSP-206認定試験は、多くの組織によって認められているベンダーニュートラルな認定プログラムです。この認定は、ITプロフェッショナルがワイヤレスセキュリティに関する専門知識を証明し、キャリアの展望を高めるために設計されています。CWSP-206認定試験は、ワイヤレスセキュリティに関する候補者の知識とスキルを厳しくテストし、試験に合格することは、候補者のワイヤレスセキュリティにおける熟練度を証明するものです。
認定ワイヤレスセキュリティプロフェッショナル(CWSP)認定は、ワイヤレスセキュリティ分野における非常に高い評価を受けている認定資格です。CWSP-206は、この認定の最新バージョンであり、常に進化する脅威からワイヤレスネットワークを保護するために必要な知識とスキルを持った候補者を確保するために設計されています。
CWSP-206(CWSP認定ワイヤレスセキュリティプロフェッショナル)認定試験は、ワイヤレスネットワークのセキュリティを専門とするITプロフェッショナル向けのベンダーニュートラルな認定プログラムです。この認定試験は、ワイヤレス技術教育と認定の権威であるCertified Wireless Network Professional(CWNP)組織によって提供されています。 CWSP認定試験は、潜在的な脅威や攻撃からワイヤレスネットワークを安全に保護するために必要なスキルと知識を検証します。
質問 # 57
ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations. As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication?
- A. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.
- B. MS-CHAPv2 uses AES authentication, and is therefore secure.
- C. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.
- D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
- E. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.
正解:D
解説:
Explanation/Reference:
質問 # 58
What EAP type supports using MS-CHAPv2, EAP-GTC or EAP-TLS for wireless client authentication?
- A. EAP-TTLS
- B. LEAP
- C. PEAP
- D. H-REAP
- E. EAP-GTC
正解:C
解説:
Explanation/Reference:
質問 # 59
Which one of the following is not a role defined in the 802.1X authentication procedures used in
802.11 and 802.3 networks for port-based authentication?
- A. AAA Server
- B. Authenticator
- C. Supplicant
- D. Authentication Server
正解:A
質問 # 60
Which of the following wireless security protocols is defined in IEEE 802.11 pre-RSNA security?
- A. EAP
- B. CCMP
- C. WEP
- D. TKIP
正解:C
質問 # 61
Joe's new laptop is experiencing difficulty connecting to ABC Company's 802.11 WLAN using 802.1X/EAP PEAPv0. The company's wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC's network before it was given to him. The WIPS termination policy includes alarms for rogue stations, rogue APs, DoS attacks and unauthorized roaming. What is a likely reason that Joe cannot connect to the network?
- A. Joe disabled his laptop's integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.
- B. Joe's integrated 802.11 radio is sending multiple Probe Request frames on each channel.
- C. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
- D. An ASLEAP attack has been detected on APs to which Joe's laptop was trying to associate. The WIPS responded by disabling the APs.
正解:A
解説:
Explanation
質問 # 62
Which of the following monitors program activities and modifies malicious activities on a system?
- A. NIDS
- B. Back door
- C. HIDS
- D. RADIUS
正解:C
質問 # 63
Which of the following is a security access control technique that allows or prevents specific network devices from accessing the network?
- A. Packet filtering
- B. Ingress filtering
- C. MAC filtering
- D. Route filtering
正解:C
質問 # 64
What WLAN client device behavior is exploited by an attacker during a hijacking attack?
- A. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt toassociate to an access point with better signal quality.
- B. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
- C. Client drivers scan for and connect to access point in the 2.4 GHz band before scanning the 5 GHz band.
- D. As specifiedby the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to-client connections, even in an infrastructure BSS.
- E. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
正解:A
質問 # 65
ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing awireless connection. What security characteristic and/or component plays a role in preventing data decryption?
- A. Encrypted Passphrase Protocol (EPP)
- B. Multi-factor authentication
- C. PLCP Cyclic Redundancy Check (CRC)
- D. Integrity Check Value (ICV)
- E. 4-Way Handshake
正解:E
質問 # 66
Which of the following are legacy authentication protocols used within the stronger EAP authentication protocols? Each correct answer represents a complete solution. Choose all that apply.
- A. MS-CHAP
- B. PAP
- C. CHAP
- D. PPTP
正解:A、B、C
質問 # 67
You support a coffee shop and have recently installed a free 802.11ac wireless hotspot for the benefit of your customers. You want to minimize legal risk in the event that the hotspot is used for illegal Internet activity. What option specifies the best approach to minimize legal risk at this public hotspot while maintaining an open venue for customer Internet access?
- A. Require client STAs to have updated firewall and antivirus software.
- B. Allow only trusted patrons to use the WLAN.
- C. Block TCP port 25 and 80 outbound on the Internet router.
- D. Configure WPA2-Enterprise security on the access point.
- E. Use a WIPS to monitor all traffic and deauthenticate malicious stations.
- F. Implement a captive portal with an acceptable use disclaimer.
正解:F
質問 # 68
Joe's new laptop is experiencing difficulty connecting to ABC Company's 802.11 WLAN using 802.1X/EAP PEAPv0. The company's wireless networkadministrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC's network before it was given to him. The WIPS termination policy includes alarms for rogue stations, rogue APs, DoS attacks and unauthorized roaming.
What is a likely reason that Joe cannot connect to the network?
- A. Joe disabled his laptop's integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.
- B. Joe's integrated 802.11 radio is sending multiple Probe Request frames on each channel.
- C. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
- D. An ASLEAP attack has been detected on APs to which Joe's laptop was trying to associate. The WIPS responded by disabling the APs.
正解:A
質問 # 69
What software and hardware tools are used in the processperformed to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network?
- A. A wireless workgroup bridge and a protocol analyzer
- B. RF jamming device and a wireless radio card
- C. A low-gain patch antenna and terminal emulation software
- D. MAC spoofing software and MAC DoS software
正解:B
質問 # 70
After completing the installation of a new overlay WIPS for the purpose of roguedetection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify the security threats?
- A. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements arebeing met.
- B. Authorized PEAP usernames must be added to the WIPS server's user database.
- C. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
- D. Separate security profiles must be defined for network operation in different regulatory domains.
正解:C
質問 # 71
Fred works primarily from home and public wireless hotspots rather than commuting to office. He frequently accesses the office network remotely from his Mac laptop using the local 802.11 WLAN. In this remote scenario, what single wirelesssecurity practice will provide the greatest security for Fred?
- A. Use 802.1X/PEAPv0 to connect to the corporate office network from public hotspots.
- B. Use WIPS sensor software on the laptop to monitor for risks and attacks.
- C. Use an IPSec VPN for connectivity to the office network.
- D. Use only HTTPS when agreeing to acceptable use terms on public networks.
- E. Use enterprise WIPS on the corporate office network.
- F. Use secure protocols, such as FTP, for remote file transfers.
正解:C
質問 # 72
Which of the following are secure infrastructure management protocols used in WLAN? Each correct answer represents a complete solution. Choose all that apply.
- A. HTTPS
- B. SCP
- C. Telnet
- D. SNMPv3
正解:A、B、D
質問 # 73
Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requeststo the LDAP server. Where must the X.509 server certificate and private key be installed in this network?
- A. LDAP server
- B. Supplicant devices
- C. RADIUS server
- D. Controller-based APs
- E. WLAN controller
正解:C
質問 # 74
Which of the following provides security by implementing authentication and encryption on Wireless LAN (WLAN)?
- A. IPSec
- B. WEP
- C. WAP
- D. L2TP
正解:B
質問 # 75
Which of the following protocols is designed to provide more secure encryption than the weak wired encryption privacy?
- A. PEAP
- B. CCMP
- C. LEAP
- D. TKIP
正解:D
質問 # 76
As the primary security engineer for a large corporate network, you have been asked to author a new securitypolicy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?
- A. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
- B. EAP-TLS must be implemented in such scenarios.
- C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
- D. Certificates should always be recommended instead of passwords for 802.11 client authentication.
- E. Password complexity should be maximized so that weak WEP IV attacks are prevented.
正解:C
質問 # 77
You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter.
Your laptop computer has protocol analyzer software installed that is capable of capturing and decoding 802.11ac data. What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?
- A. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.
- B. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
- C. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
- D. Only Wireshark can be used to capture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
- E. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.
正解:C
質問 # 78
Which of the following keys are used by the symmetric key algorithm? Each correct answer represents a complete solution. Choose all that apply.
- A. Public Key
- B. Private Key
- C. Group Temporal Key
- D. Pairwise Transient Key
正解:B
質問 # 79
Which of the following components are typically required for securing a wireless 802.11 network?
Each correct answer represents a complete solution. Choose all that apply.
- A. Data confidentiality
- B. Network segmentation
- C. AAA
- D. Monitoring
正解:A、B、C、D
質問 # 80
......
CWNP CWSP-206リアルな2023年最新のブレーン問題集で模擬試験問題集:https://jp.fast2test.com/CWSP-206-premium-file.html
CWSP-206無料試験問題と解答PDF更新されたのは2023年05月:https://drive.google.com/open?id=1ECW9QG4N4jOC122kFaUfpM0soGvntWFB