Question 1

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

Options :

A : The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

B : The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

C : The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

D : The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

Answer: B

Question 2

What drawbacks initially prevented the widespread acceptance and use of Opportunistic Key Caching (OKC)?

Options :

A : Sharing cached keys between controllers during inter-controller roaming created vulnerabilities that exposed the keys to attackers.

B : Because OKC is not defined by any standards or certification body, client support was delayed and sporadic early on.

C : Key exchanges during fast roams required processor-intensive cryptography, which was prohibitive for legacy devices supporting only TKIP.

D : The Wi-Fi Alliance continually delayed the creation of a client certification for OKC, even though it was defined by IEEE 802.11r.

Answer: B

Question 3

What is a primary criteria for a network to qualify as a Robust Security Network (RSN)?

Options :

A : Token cards must be used for authentication.

B : Dynamic WEP-104 encryption must be enabled.

C : WEP may not be used for encryption.

D : WPA-Personal must be supported for authentication and encryption.

E : WLAN controllers and APs must not support SSHv1.

Answer: C

Question 4

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

Options :

A : Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B : Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C : Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D : A trained employee should install and configure a WIPS for rogue detection and response measures.

E : Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Answer: D

Question 5

Your organization required compliance reporting and forensics features in relation to the 802.11ac WLAN they have recently installed. These features are not built into the management system provided by the WLAN vendor. The existing WLAN is managed through a centralized management console provided by the AP vendor with distributed APs and multiple WLAN controllers configured through this console. What kind of system should be installed to provide the required compliance reporting and forensics features?

Options :

A : WNMS

B : WIPS overlay

C : WIPS integrated

D : Cloud management platform

Answer: B

Higher Test Marks with Free Online CWSP-208 Exam Practice

Buying Options: