CWSP PART 3 only Questions With Complete Solutions
802.1X/EAP-TLS supports what client authentication credential
type? Correct Answers x.509 Certificates
A government agency has allowed its employees to telecommute
from WLAN hot-spots. After implementing this policy, there
occurred a sharp increase in the exposure and exploitation of
sensitive government data. The WLAN administrator has been
tasked with securing remote user
laptop computers so that telecommuting can be continued
indefinitely. What steps does the WLAN Administrator take to
secure these laptop computers during use at wireless hot-spots?
Correct Answers Install personal firewall software and VPN
end-point software on all laptops
A government agency requires the utmost in WLAN security
and is currently creating an updated WLAN security policy to
outline the security procedures to be implemented on all
wireless networks within the agency. Documentation procedures
for any security event in the agency require a detailed paper trail
including specifics on the time/date, physical location, and type
of attack. What tasks must be required by the new security
policy to ensure adherence to the documentation requirements?
(Choose three) Correct Answers A. Implementation of a
wireless intrusion prevention system
B. In depth review of WIPS security event reports
C. Frequent customized WIPS security event reports
A university's WLAN administrator is seeking an efficient and
effective method of detecting and eliminating rogue access
,points and wireless Ad Hoc networks across the entire campus.
The administrator's friend suggests that the he use a WLAN
protocol analyzer to perform a weekly
survey of the campus to discover rogues devices. The
administrator considers this option and then asks you to offer
advice on the subject. What is your advice to the administrator?
(Choose two) Correct Answers WLAN protocol analyzers will
not detect rogue devices that do not use the 802.11 protocol
frame format.
In a campus environment, manual scanning for rogues requires
too much time and resources to effectively and consistently
locate all rogue devices. A system is needed that can inspect the
entire campus in real time.
ABC Company has 5 departments, and each requires a separate
LAN segment and 802.11g WLAN connectivity. Which devices
in ABC Company's network are unaware of the 802.1Q
VLANs? (Choose two) Correct Answers Authentication Server
Supplicant
ABC Company has 6 employees, each of whom uses a laptop
with an 802.11a/b/g Mini-PCI card configured for Ad-Hoc
mode. These laptops are the only computers in the company.
Why is it not possible for ABC Company to have a Wireless
Intrusion Prevention System (WIPS) with the
existing network configuration? Correct Answers In an Ad-
Hoc WLAN environment, there is no central management
station to which to report intrusions.
, ABC Company has a Microsoft Windows 2003 Active Directory
(AD) environment with IAS (an EAP-enabled RADIUS server)
installed at their corporate headquarters (HQ) and at all branch
locations. The HQ IAS server is currently used to authenticate
HQ 802.11g WLAN users. ABC is installing an 802.11g WLAN
at a branch office, and they have hired you to advise them on the
best way to implement authentication for branch WLAN users.
How will you configure access points at the branch office for
maximized authentication speed and reliability? Correct
Answers Authenticate against the branch IAS server. The
branch IAS server will look up the user on the branch ADserver.
ABC Company has implemented WPA2-Enterprise with PEAP
on their WLAN. They use POP3/SSL for email retrieval. At
what OSI layers is encryption applied using these security
protocols? (Choose two) Correct Answers Layer-2
Layer-7
ABC Company's lightweight access points periodically go 'off
channel' for a short period of time to scan all 802.11a/g Wi-Fi
channels to detect and locate rogue access points. When a rogue
access point is found, the active security policy requires at least
one access point to perform a
deauthentication attack against the rogue. What type of WIPS
does ABC Company have? Correct Answers Integrated
ABC Company's network includes ten ERP-OFDM (802.11g)
STAs connecting through a single access point. To help avoid
the spread of viruses between wireless users, what should be
implemented on the network? (Choose two) Correct Answers
Peer-to-peer data blocking in the AP
802.1X/EAP-TLS supports what client authentication credential
type? Correct Answers x.509 Certificates
A government agency has allowed its employees to telecommute
from WLAN hot-spots. After implementing this policy, there
occurred a sharp increase in the exposure and exploitation of
sensitive government data. The WLAN administrator has been
tasked with securing remote user
laptop computers so that telecommuting can be continued
indefinitely. What steps does the WLAN Administrator take to
secure these laptop computers during use at wireless hot-spots?
Correct Answers Install personal firewall software and VPN
end-point software on all laptops
A government agency requires the utmost in WLAN security
and is currently creating an updated WLAN security policy to
outline the security procedures to be implemented on all
wireless networks within the agency. Documentation procedures
for any security event in the agency require a detailed paper trail
including specifics on the time/date, physical location, and type
of attack. What tasks must be required by the new security
policy to ensure adherence to the documentation requirements?
(Choose three) Correct Answers A. Implementation of a
wireless intrusion prevention system
B. In depth review of WIPS security event reports
C. Frequent customized WIPS security event reports
A university's WLAN administrator is seeking an efficient and
effective method of detecting and eliminating rogue access
,points and wireless Ad Hoc networks across the entire campus.
The administrator's friend suggests that the he use a WLAN
protocol analyzer to perform a weekly
survey of the campus to discover rogues devices. The
administrator considers this option and then asks you to offer
advice on the subject. What is your advice to the administrator?
(Choose two) Correct Answers WLAN protocol analyzers will
not detect rogue devices that do not use the 802.11 protocol
frame format.
In a campus environment, manual scanning for rogues requires
too much time and resources to effectively and consistently
locate all rogue devices. A system is needed that can inspect the
entire campus in real time.
ABC Company has 5 departments, and each requires a separate
LAN segment and 802.11g WLAN connectivity. Which devices
in ABC Company's network are unaware of the 802.1Q
VLANs? (Choose two) Correct Answers Authentication Server
Supplicant
ABC Company has 6 employees, each of whom uses a laptop
with an 802.11a/b/g Mini-PCI card configured for Ad-Hoc
mode. These laptops are the only computers in the company.
Why is it not possible for ABC Company to have a Wireless
Intrusion Prevention System (WIPS) with the
existing network configuration? Correct Answers In an Ad-
Hoc WLAN environment, there is no central management
station to which to report intrusions.
, ABC Company has a Microsoft Windows 2003 Active Directory
(AD) environment with IAS (an EAP-enabled RADIUS server)
installed at their corporate headquarters (HQ) and at all branch
locations. The HQ IAS server is currently used to authenticate
HQ 802.11g WLAN users. ABC is installing an 802.11g WLAN
at a branch office, and they have hired you to advise them on the
best way to implement authentication for branch WLAN users.
How will you configure access points at the branch office for
maximized authentication speed and reliability? Correct
Answers Authenticate against the branch IAS server. The
branch IAS server will look up the user on the branch ADserver.
ABC Company has implemented WPA2-Enterprise with PEAP
on their WLAN. They use POP3/SSL for email retrieval. At
what OSI layers is encryption applied using these security
protocols? (Choose two) Correct Answers Layer-2
Layer-7
ABC Company's lightweight access points periodically go 'off
channel' for a short period of time to scan all 802.11a/g Wi-Fi
channels to detect and locate rogue access points. When a rogue
access point is found, the active security policy requires at least
one access point to perform a
deauthentication attack against the rogue. What type of WIPS
does ABC Company have? Correct Answers Integrated
ABC Company's network includes ten ERP-OFDM (802.11g)
STAs connecting through a single access point. To help avoid
the spread of viruses between wireless users, what should be
implemented on the network? (Choose two) Correct Answers
Peer-to-peer data blocking in the AP
