手に入れよう！は2024年最新の有効な実践問題であなたのCWSP-206試験を合格させる（本日更新された138問) [Q73-Q98]

手に入れよう！は2024年最新の有効な実践問題であなたのCWSP-206試験を合格させる（本日更新された138問)

CWSP Certification CWSP-206試験実践テスト問題集解答豪華セットを使おう！

CWNP CWSP-206試験は、特定のワイヤレス機器または技術に結び付けられていないベンダー中立認証です。これは、試験に合格した候補者は、特定のベンダーまたはテクノロジーに限定されず、ワイヤレス機器や技術を使用できることを意味します。

CWSP認定は、組織内の無線ネットワークのセキュリティに責任を持つ無線ネットワークの専門家に最適です。これには、無線ネットワークエンジニア、セキュリティアナリスト、ネットワーク管理者、ITプロフェッショナルが含まれます。認定は、安全な無線ネットワークを実装し、セキュリティの脅威を軽減し、セキュリティ関連の問題をトラブルシューティングするために必要なスキルを個人に提供します。また、無線業界でキャリアを発展させたい専門家にとっても貴重な資格です。全体的に、CWNP CWSP-206試験は包括的で難しい認定であり、個人の無線セキュリティの専門知識を検証します。

 

質問 # 73
Which of the following provides the best protection against a man-in-the-middle attack?

• A. Strong password
• B. Fiber-optic cable
• C. Firewall
• D. Strong encryption

正解：D

質問 # 74
The IEEE 802.11 standard defined Open System authentication as consisting of two auth frames and two assoc frames. In a WPA2-Enterprise network, what process immediately follows the
802.11 association procedure?

• A. DHCP Discovery
• B. Passphrase-to-PSK mapping
• C. 802.1X/ EAP authentication
• D. Group Key Handshake
• E. 4-Way Handshake
• F. RADIUS shared secret lookup

正解：C

質問 # 75
Which of the following components are typically required for securing a wireless 802.11 network?
Each correct answer represents a complete solution. Choose all that apply.

• A. Data confidentiality
• B. Monitoring
• C. AAA
• D. Network segmentation

正解：A、B、C、D

質問 # 76
Which of the following are legacy authentication protocols used within the stronger EAP authentication protocols? Each correct answer represents a complete solution. Choose all that apply.

• A. MS-CHAP
• B. PPTP
• C. CHAP
• D. PAP

正解：A、C、D

質問 # 77
Which of the following policies are considered as a good starting point while designing a wireless security policy document? Each correct answer represents a complete solution. Choose all that apply.

• A. General security policy
• B. Rogue AP policy
• C. Protocol policy
• D. Functional security policy

正解：A、B、D

質問 # 78
Which of the following key types are defined in the 802.11i Authentication and Key Management (AKM)?
Each correct answer represents a complete solution. Choose all that apply.

• A. Group Temporal Key (GTK)
• B. Pairwise Transient Key (PTK)
• C. Pairwise Master Key (PMK)
• D. Group Master Key (GMK)

正解：A、B、C、D

質問 # 79
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.
When writing the 802.11 security policy, what password-related items should be addressed?

• A. Password complexity should be maximized so that weak WEP IV attacks are prevented.
• B. EAP-TLS must be implemented in such scenarios.
• C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK- based authentication.
• D. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
• E. Certificates should always be recommended instead of passwords for 802.11 client authentication.

正解：C

質問 # 80
Which of the following are secure infrastructure management protocols used in WLAN? Each correct answer represents a complete solution. Choose all that apply.

• A. SCP
• B. SNMPv3
• C. Telnet
• D. HTTPS

正解：A、B、D

質問 # 81
What field in the RSN information element (IE) will indicate whether PSK- or Enterprise-based WPA or WPA2 is in use?

• A. Pairwise Cipher Suite List
• B. Group Cipher Suite
• C. RSN Capabilities
• D. AKM Suite List

正解：D

解説：
Explanation/Reference:

質問 # 82
Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?

• A. GTK
• B. PMK
• C. PTK
• D. PKI

正解：D

質問 # 83
Joe's new laptop is experiencing difficulty connecting to ABC Company's 802.11 WLAN using
802.1X/EAP PEAPv0. The company's wireless network administrator assured Joe that his laptop was authorized in the WIPS management console for connectivity to ABC's network before it was given to him. The WIPS termination policy includes alarms for rogue stations, rogue APs, DoS attacks and unauthorized roaming. What is a likely reason that Joe cannot connect to the network?

• A. Joe configured his 802.11 radio card to transmit at 100 mW to increase his SNR. The WIPS is detecting this much output power as a DoS attack.
• B. Joe disabled his laptop's integrated 802.11 radio and is using a personal PC card radio with a different chipset, drivers, and client utilities.
• C. An ASLEAP attack has been detected on APs to which Joe's laptop was trying to associate. The WIPS responded by disabling the APs.
• D. Joe's integrated 802.11 radio is sending multiple Probe Request frames on each channel.

正解：B

質問 # 84
Which of the following keys are used by the symmetric key algorithm? Each correct answer represents a complete solution. Choose all that apply.

• A. Public Key
• B. Group Temporal Key
• C. Pairwise Transient Key
• D. Private Key

正解：D

質問 # 85
Which of the following keys is derived by Pairwise Master Key (PMK)?

• A. Public Key
• B. Group Temporal Key
• C. Pairwise Transient Key
• D. Private Key

正解：C

質問 # 86
What security vulnerability may result from a lack of staging, change management, and installation procedures for WLAN infrastructure equipment?

• A. WIPS may not classify authorized, rogue, and neighbor APs accurately.
• B. AES-CCMP encryption keys may be decrypted.
• C. The WLAN system may be open to RF Denial-of-Service attacks.
• D. Authentication cracking of 64-bit Hex WPA-Personal PSK.

正解：A

質問 # 87
Which of the following types of attacks entices a user to disclose personal information such as social security number, bank account details, or credit card number?

• A. Replay attack
• B. Password guessing attack
• C. Phishing
• D. Spoofing

正解：C

質問 # 88
Your network implements an 802.1X/EAP-based wireless security solution. A WLAN controller is installed and manages seven APs. FreeRADIUS is used for the RADIUS server and is installed on a dedicated server named SRV21. One example client is a MacBook Pro with 8 GB RAM.
What device functions as the 802.1X/ EAP Authenticator?

• A. RADIUS server
• B. MacBook Pro
• C. SRV21
• D. WLAN Controller/AP

正解：D

質問 # 89
Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

• A. MAC Authentication Bypass
• B. Quality of Service (QoS)
• C. Multi-Authentication
• D. Port security

正解：D

質問 # 90
As the primary security engineer for a large corporate network, you have been asked to author a new securitypolicy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods. When writing the 802.11 security policy, what password-related items should be addressed?

• A. Password complexity should be maximized so that weak WEP IV attacks are prevented.
• B. EAP-TLS must be implemented in such scenarios.
• C. Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.
• D. MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
• E. Certificates should always be recommended instead of passwords for 802.11 client authentication.

正解：C

質問 # 91
You work as a Network Administrator for uCertify Inc.
You need to provide a secure communication between the server and the client computers of the company.
Which of the following protocols will you use to manage the communication securely?

• A. HTTP
• B. TCP
• C. SSL
• D. TLS

正解：C、D

質問 # 92
Many corporations configure guest VLANs on their WLAN controllers that allowvisitors to have Internet access only. The guest traffic is tunneled to the DMZ to prevent some security risks. In this deployment, what risk is still associated with implementing the guest VLAN without any advanced traffic monitoring or filtering featureenabled?

• A. Guest users can reconfigure AP radios servicing the guest VLAN unless unsecure network management protocols (e.g. Telnet, HTTP) are blocked.
• B. Peer-to-peer attacks can still be conducted between guest users unless application-layer monitoring and filtering are implemented.
• C. Once guest users are associated to the WLAN, they can capture 802.11 frames from the corporate VLANs.
• D. Intruders can send spam to the Internet through the guest VLAN.

正解：D

質問 # 93
After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify the security threats?

• A. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.
• B. Authorized PEAP usernames must be added to the WIPS server's user database.
• C. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
• D. Separate security profiles must be defined for network operation in different regulatory domains.

正解：C

解説：
Explanation/Reference:

質問 # 94
In the basic 4-way handshake used in secure 802.11 networks, what is the purpose of the ANonce and SNonce?

• A. They are input values used in the derivation of the Pairwise Transient Key.
• B. They are used to pad Message 1 and Message 2 so each frame contains the same number of bytes.
• C. They are added together and used as the GMK, fromwhich the GTK is derived.
• D. The IEEE 802.11 standard requires that all encrypted frames contain a nonce to serve as a Message Integrity Check (MIC).

正解：A

質問 # 95
When monitoring APs within a LAN using a Wireless Network Management System (WNMS), what secure protocol may be used bythe WNMS to issue configuration changes to APs?

• A. SNMPv3
• B. PPTP
• C. 802.1X/EAP
• D. TFTP
• E. IPSec/ESP

正解：A

質問 # 96
Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

• A. Ping flood
• B. Fraggle
• C. Smurf
• D. Bonk

正解：D

質問 # 97
Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?

• A. WEP
• B. IPSec
• C. L2TP
• D. WPA

正解：A

質問 # 98
......

完全版最新の問題集PDFで最新CWSP-206試験問題と解答：https://www.jpntest.com/shiken/CWSP-206-mondaishu