Free Practice CWNP CWSP-207 Exam Questions 2025

Stay ahead with 100% Free Certified Wireless Security Professional CWSP-207 Dumps Practice Questions

Page: 1 / 25

Total 121 Questions | Updated On: Apr 09, 2025

Add To Cart

Question 1

Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection. What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

A : Multi-factor authentication

B : 4-Way Handshake

C : PLCP Cyclic Redundancy Check (CRC)

D : Encrypted Passphrase Protocol (EPP)

E : Integrity Check Value (ICV)

F : Group Temporal Keys

Answer: B,F

Question 2

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?

A : MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B : Password complexity should be maximized so that weak WEP IV attacks are prevented.

C : Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D : Certificates should always be recommended instead of passwords for 802.11 client authentication.

E : EAP-TLS must be implemented in such scenarios.

Answer: C

Question 3

Given: You support a coffee shop and have recently installed a free 802.11ac wireless hot-spot for the benefit of your customers. You want to minimize legal risk in the event that the hot-spot is used for illegal Internet activity. What option specifies the best approach to minimize legal risk at this public hot-spot while maintaining an open venue for customer Internet access?

A : Configure WPA2-Enterprise security on the access point

B : Block TCP port 25 and 80 outbound on the Internet router

C : Require client STAs to have updated firewall and antivirus software

D : Allow only trusted patrons to use the WLAN

E : Use a WIPS to monitor all traffic and deauthenticate malicious stations

F : Implement a captive portal with an acceptable use disclaimer

Answer: F

Question 4

What is the purpose of the Pairwise Transient Key (PTK) in IEEE 802.11 Authentication and Key Management?

A : The PTK is a type of master key used as an input to the GMK, which is used for encrypting multicast data frames.

B : The PTK contains keys that are used to encrypt unicast data frames that traverse the wireless medium.

C : The PTK is XOR'd with the PSK on the Authentication Server to create the AAA key.

D : The PTK is used to encrypt the Pairwise Master Key (PMK) for distribution to the 802.1X Authenticator prior to the 4-Way Handshake.

Answer: B

Question 5

Which of the following security attacks cannot be detected by a WIPS solution of any kind? (Choose 2)

A : Rogue APs

B : DoS

C : Eavesdropping

D : Social engineering

Answer: C,D

Page: 1 / 25

Total 121 Questions | Updated On: Apr 09, 2025

Add To Cart