Free 640-802 Demo Download

Free demo for CWNP CWNP PW0-200 exam (certified wireless security professional(cwsp)). You can check out the interface, question quality and usability of our practice exams

Free Download 640-802 Exam Pdf Demo
Free Download 640-802 Exam iEngine Demo

　
　
Exam : CENP PW0-200
Title : Certified Wireless Security Professional(CWSP)

1. Given: John Smith often works from home and wireless hotspots rather than commuting to the office. His laptop connects to the office network over IEEE 802.11 WLANs.
To safeguard his datawhat wireless security policy items should be implemented?
A. Use an IPSec VPN for remote connectivity
B. Use an HTTPS captive portal for authentication at hotspots
C. Use personal firewall software on his laptop
D. Use a protocol analyzer on his laptop to monitor for risks
E. Use 802.1X/PEAPv0 to connect to the corporate office network
Answer: AC

2. What happens in a bit flipping attack against an IEEE 802.11 device?
A. An attacker captures an encrypted framemodifies the ciphertextmodifies the ICV to hide the change to the ciphertextand then transmits the frame to appear as if it is from the original source.
B. An attacker uses a non-linear Message Integrity Check (MIC) on his computer to form a wireless crossover connection with the target computer.
C. An attacker injects data into a wireless transmission that results in a memory access exception at the target system for the purpose of breaching security.
D. An attacker sends each frame with the first bit alternating between 0 and 1causing the target computer to disable encryption synchronization.
E. An attacker captures an encrypted authentication frameand then executes a cracking algorithm against each 0 and 1 in the frame. After the frame is crackedit is used to authenticate the attacker’s computer.
Answer: A

3. In this diagram illustrating an example of the IEEE 802.11 standard’s 4-Way Handshakewhat is the purpose of the ANonce and SNonce?
A. They are used to pad Message 1 and Message 2 so there is no empty space in the frame.
B. The IEEE 802.11 standard requires that all cryptographic frames contain a nonce for security purposes.
C. They are added together and used as the GMKfrom which the GTK is derived.
D. They are values used in the derivation of the Pairwise Transient Key.
Answer: D

4. What policies would prevent peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?
A. Require managed personal firewall software on each laptop.
B. Require secure applications such as POP3/SHTTPSand SSH2.
C. Require VPN software for connectivity to the corporate network.
D. Require WPA2-Enterprise as the minimal WLAN security solution.
E. Require Port Address Translation (PAT) on each laptop.
F. Require a managed wireless endpoint security agent on each laptop.
Answer: ABCF

5. Given: ABC Company has a WLAN controller with three access points15 client devicesand uses WPA2-Personal for WLAN security.
What statement about ABC Company’s WLAN security is true?
A. Intruders may obtain the passphrase with an offline dictionary attack and gain network accessbut will be unable to decrypt data traffic.
B. Traffic injection attacks are possible because the transmitter lacks frame numbering.
C. An unauthorized wireless client device cannot associatebut can eavesdrop on some data because WPA2-Personal does not encrypt broadcast traffic.
D. An authorized WLAN user with a protocol analyzer can decode data frames of other authorized users if he captures that user’s 4-Way Handshake.
E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshakehijacking attacks are easily performed.
Answer: D

6. Given: You have a laptop computer with an integrated Wi-Fi compliant MiniPCI card.
What statements describe the limited effectiveness of locating rogue access points using WLAN discovery software such as NetStumblerKismetor MacStumbler?
A. Discovery tools like those listed cannot determine the authorization status of an access point.
B. A laptop computer can only be in one location at a time.
C. Discovery tools like those listed cannot determine if an access point is attached to a wired network.
D. Rogue access points using non-IEEE 802.11 frequency bands or unpopular modulations are not detected.
E. When data encryption in useaccess points cannot be detected using discovery tools like those listed.
Answer: ABCD

7. What WIPS parameter is configured to generate notifications?
A. Mobile unit density violations
B. Admission control status
C. Sensor sensitivity levels
D. Policy threshold values
Answer: D

8. Given: A network security auditor is assessing an IEEE 802.11 network’s exposure to security holes.
What task would save the most time if performed before the audit?
A. Identify the IP subnet information for each network segment.
B. Identify the manufacturer of the wireless intrusion prevention system.
C. Identify the skill level of the wireless network security administrator(s).
D. Identify the manufacturer of the wireless infrastructure hardware.
E. Identify the wireless security solution(s) currently in use.
Answer: E