[2023年最新] リアルなCWNP問題集を使って 100%無料CWSP-206試験問題集 [Q24-Q46]

[2023年最新] リアルなCWNP問題集を使って 100%無料CWSP-206試験問題集

リアルCWSP-206問題集で最新のCWNP練習テスト問題集

CWNP CWSP-206（CWSP Certified Wireless Security Professional）認定試験は、ワイヤレスネットワーキングの専門家がワイヤレスセキュリティの専門知識を得る絶好の機会です。認定プログラムは、ワイヤレスセキュリティで実践的な知識と実践的な経験を提供し、安全なワイヤレスネットワークを設計、実装、および管理する候補者を準備します。この認定は世界的に認識されており、ワイヤレスネットワーキング業界で非常に尊敬されているため、ワイヤレスセキュリティの専門家が所有する優れた資格となっています。

CWSP-206試験に合格することで、候補者が無線ネットワークセキュリティについて熟知しており、安全な無線ネットワークを設計、実装、および維持する能力を持っていることが証明されます。また、無線ネットワーキング業界内での候補者の認知度と信頼性が高まり、キャリアアップの機会につながることもあります。

一方、Certified Wireless Security Professional（CWSP）認定は、無線セキュリティの専門知識を検証するために設計されています。CWSP-206試験は、無線セキュリティの分野における個人の知識とスキルを確認する包括的かつ厳格な試験です。無線LANの展開、認証と暗号化、無線ハッキング技術など、広範なトピックをカバーしています。

 

質問 # 24
Which of the following attacks is used to obtain a user's authentication credentials?

• A. Brute force attack
• B. Bonk attack
• C. Phishing attack
• D. Teardrop attack

正解：A

質問 # 25
Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?

• A. PMK
• B. PKI
• C. GTK
• D. PTK

正解：B

質問 # 26
Which of the following are important characteristics of VPNs? Each correct answer represents a complete solution. Choose all that apply.

• A. Encapsulation
• B. Data integrity
• C. Encryption
• D. Authentication

正解：A、B、C、D

質問 # 27
ABC Company isimplementing a secure 802.11 WLAN at their headquarters (HQ) building in New York and at each of the 10 small, remote branch offices around the United States. 802.1X/EAP is ABC's preferred security solution, where possible. All access points (at the HQ building and all branch offices) connect to a single WLAN controller located at HQ. Each branch office has only a single AP and minimal IT resources.
What security best practices should be followed in this deployment scenario?

• A. An encrypted VPN should connect the WLAN controller and each remote controller-based AP, or each remote site should provide an encrypted VPN tunnel to HQ.
• B. RADIUS services should be provided at branch offices so that authentication server and suppliant credentials are not sent over the Internet.
• C. APs at HQ and at each branch office should not broadcast the same SSID; instead each branch should have a unique ID foruser accounting purposes.
• D. Remote management of the WLAN controller via Telnet, SSH, HTTP, and HTTPS should be prohibited across the WAN link.

正解：A

質問 # 28
You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer softwareinstalled that is capable of capturing and decoding 802.11ac data.
What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

• A. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
• B. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.
• C. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
• D. Only Wireshark can be used tocapture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
• E. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.

正解：A

質問 # 29
Which of the following attacks are considered as authentication attacks? Each correct answer represents a complete solution. Choose all that apply.

• A. Denial-of-Service (DoS) attack
• B. Jamming attack
• C. Eavesdropper attack
• D. Man-in-the-middle attack

正解：C、D

質問 # 30
Which of the following keys is derived by Pairwise Master Key (PMK)?

• A. Group Temporal Key
• B. Private Key
• C. Pairwise Transient Key
• D. Public Key

正解：C

質問 # 31
You perform a protocol capture using Wireshark and a compatible 802.11 adapter in Linux. When viewing the capture, you see an auth req frame and an auth rsp frame. Then you see an assoc req frame and an assocrsp frame. Shortly after, you see DHCP communications and then ISAKMP protocol packets. What security solution is represented?

• A. 802.1X/PEAPv0/MS-CHAPv2
• B. EAP-MD5
• C. Open 802.11 authentication with IPSec
• D. WPA2-Personal with AES-CCMP
• E. 802.1X/EAP-TTLS

正解：C

質問 # 32
A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs.
Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:
1. SSID Blue - VLAN 10 - Lightweight EAP (LEAP) authentication - CCMP
cipher suite
2. SSID Red - VLAN 20 - PEAPv0/EAP-TLS authentication - TKIP cipher
suite
The consultant's computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

• A. The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.
• B. The consultant does not have a valid Kerberos ID on the Blue VLAN.
• C. The TKIP cipher suite is not a valid option for PEAPv0 authentication.
• D. The Red VLAN does not use server certificate, but the client requires one.

正解：A

質問 # 33
Your company has just completed installation of an IEEE 802.11 WLAN controller with 20 controller-based APs. The CSO has specified PEAPv0/EAP-MSCHAPv2 as the only authorized WLAN authentication mechanism. Since an LDAP-compliant user database was already in use, a RADIUS server was installed and is querying authentication requeststo the LDAP server. Where must the X.509 server certificate and private key be installed in this network?

• A. LDAP server
• B. Controller-based APs
• C. RADIUS server
• D. Supplicant devices
• E. WLAN controller

正解：C

質問 # 34
Which of the following is a type of malware that is secretly installed on the user's personal computer and collects users' information without their knowledge?

• A. Spyware
• B. Virus
• C. Worm
• D. Adware

正解：A

質問 # 35
What security vulnerability may result from a lack of staging, change management, and installation procedures for WLAN infrastructure equipment?

• A. The WLAN system may be open to RF Denial-of-Service attacks.
• B. Authentication cracking of 64-bit Hex WPA-Personal PSK.
• C. AES-CCMP encryption keys may be decrypted.
• D. WIPS may not classify authorized, rogue, and neighbor APs accurately.

正解：D

質問 # 36
Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?

• A. WEP
• B. WPA
• C. L2TP
• D. IPSec

正解：A

質問 # 37
ABCHospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN. Before creating the WLAN security policy, what should you ensure you possess?

• A. Management support for the process.
• B. Security policy generation software.
• C. Awareness of the exact vendor devices being installed.
• D. End-user training manuals for the policies to be created.

正解：A

質問 # 38
The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?

• A. Phase Shift Key (PSK)
• B. Group Temporal Key (GTK)
• C. Pairwise Master Key (PMK)
• D. Group Master Key (GMK)
• E. Key Confirmation Key (KCK)
• F. PeerKey (PK)

正解：C

質問 # 39
You are the WLAN administrator in your organization and you are required to monitor the network and ensure all active WLANs are providing RSNs. You have a laptop protocol analyzer configured. In what frame could you see the existence or non-existence of proper RSN configuration parameters for each BSS through the RSNIE?

• A. Probe request
• B. Data frames
• C. Beacon
• D. RTS
• E. CTS

正解：C

質問 # 40
Which of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

• A. It is not a valid EAP type.
• B. It does notsupport the outer identity.
• C. It does not support a RADIUS server.
• D. It does not support mutual authentication.

正解：D

質問 # 41
Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?

• A. Group Temporal Key
• B. Pairwise Transient Key
• C. Private Key
• D. Pairwise Master Key

正解：D

質問 # 42
What protocol, listed here, allows a network manager to securely administer the network?

• A. SNMPv2
• B. HTTPS
• C. Telnet
• D. TFTP

正解：B

質問 # 43
A WLAN protocol analyzer trace reveals the following sequence of frames (excluding the ACK frames):
1. 802.11 Probe Req and 802.11 Probe Rsp
2. 802.11 Auth and then another 802.11 Auth
3. 802.11 Assoc Req and 802.11 Assoc Rsp
4. EAPOL-KEY
5. EAPOL-KEY
6. EAPOL-KEY
7. EAPOL-KEY
What security mechanism is being used on the WLAN?

• A. EAP-TLS
• B. WPA-Enterprise
• C. WEP-128
• D. WPA2-Personal
• E. 802.1X/LEAP

正解：D

質問 # 44
The following numbered items show some of the contents of each of the four frames exchanged during the
4-way handshake.
* Encrypted GTK sent
* Confirmation of temporal key installation
* ANonce sent from authenticator to supplicant
* SNonce sent from supplicant to authenticator, MIC included
Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

• A. 4, 3, 1, 2
• B. 3, 4, 1, 2
• C. 2, 3, 4, 1
• D. 1, 2, 3, 4

正解：B

質問 # 45
You are using a utility that takes input and generates random output. For example, you can provide the input of a known word as a secret word and then also provide another known word as salt input. When you process the input it generates a secret code which is a combination of letters and numbers with case sensitivity. For what is the described utility used?

• A. Generating GTKs for broadcast traffic encryption.
• B. Generating passwords for WLAN infrastructure equipment logins.
• C. Generating PMKs that can be imported into 802.11 RSN-compatible devices.
• D. Generating dynamic session keys used for IPSec VPNs.

正解：B

質問 # 46
......

CWSP-206問題集PDFでCWSP-206リアルな試験問題アンサー：https://www.jpntest.com/shiken/CWSP-206-mondaishu