CWNP CWSP-206豪華セット学習ガイドにはオンライン試験エンジン [Q42-Q63]

CWNP CWSP-206豪華セット学習ガイドにはオンライン試験エンジン

CWSP-206問題集レビュー専門クイズ学習材料

CWSP-206試験は、90分以内に完了する必要がある60問の多肢選択およびマッチング問題で構成されています。試験は、候補者がワイヤレスネットワークを構成、実装、およびセキュリティを確保する能力を評価します。試験ではまた、候補者がワイヤレスネットワークの脅威、脆弱性、および対策に関する知識をテストします。問題は難しい設計になっており、試験に合格するためには包括的な学習計画が必要です。

CWSP-206試験は、ワイヤレスセキュリティソリューションを実装および管理する候補者の能力をテストするように設計されています。試験は複数のセクションに分けられ、それぞれがワイヤレスセキュリティの特定の領域をカバーしています。候補者は、ワイヤレスセキュリティプロトコル、セキュリティポリシーの実装、ワイヤレスセキュリティの問題のトラブルシューティングに関する知識を実証する必要があります。 CWSP認定試験を正常に完了すると、候補者が組織のワイヤレスネットワークを保護し、機密情報を保護し、不正アクセスを防ぐ能力が示されています。

 

質問 # 42
A WLAN protocol analyzer trace reveals the following sequence of frames (excluding the ACK frames):
* 802.11 Probe Req and 802.11 Probe Rsp
* 802.11 Auth and then another 802.11 Auth
* 802.11 Assoc Req and 802.11 Assoc Rsp
* EAPOL-KEY
* EAPOL-KEY
* EAPOL-KEY
* EAPOL-KEY
What security mechanism is being used on the WLAN?

• A. WPA-Enterprise
• B. 802.1X/LEAP
• C. EAP-TLS
• D. WPA2-Personal
• E. WEP-128

正解：D

質問 # 43
You are using a utility that takes input and generates random output. For example, you can provide the input of a known word as a secret word and then also provide another known word as salt input. When you process the input it generates a secret code which is a combination of letters and numbers with case sensitivity. For what is the described utility used?

• A. Generating GTKs for broadcast traffic encryption.
• B. Generating passwords for WLAN infrastructure equipment logins.
• C. Generating PMKs that can be imported into 802.11 RSN-compatible devices.
• D. Generating dynamic session keys used for IPSec VPNs.

正解：B

質問 # 44
After completing the installation of a new overlay WIPS for the purpose of rogue detection and security monitoring at your corporate headquarters, what baseline function MUST be performed in order to identify the security threats?

• A. Upstream and downstream throughput thresholds must be specified to ensure that service-level agreements are being met.
• B. WLAN devices that are discovered must be classified (rogue, authorized, neighbor, etc.) and a WLAN policy must define how to classify new devices.
• C. Separate security profiles must be defined for network operation in different regulatory domains.
• D. Authorized PEAP usernames must be added to the WIPS server's user database.

正解：B

解説：
Explanation/Reference:

質問 # 45
ABC Company has recently installed a WLAN controller and configured it to support WPA2- Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

• A. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
• B. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.
• C. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
• D. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

正解：C

質問 # 46
ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each groupwithin the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

• A. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
• B. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
• C. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a
  4-Way Handshake prior to user authentication.
• D. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

正解：B

質問 # 47
Which of the following types of attacks is performed by Adam?

• A. Man-in-the-middle attack
• B. DoS attack that involves crashing a network or system
• C. DDoS attack that involves flooding a network or system
• D. Reverse social engineering attack

正解：B

質問 # 48
Which of the following wireless security protocols is defined in IEEE 802.11 pre-RSNA security?

• A. EAP
• B. CCMP
• C. TKIP
• D. WEP

正解：D

質問 # 49
In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.

• A. MAC denial of service and/or physical theft
• B. Authentication cracking and/or RF DoS
• C. RF DoS and/or physical theft
• D. Social engineering and/or eavesdropping
• E. Code injection and/or XSS

正解：D

質問 # 50
The following numbered items show some of the contents of each of the four frames exchanged during the
4-way handshake.
* Encrypted GTK sent
* Confirmation of temporal key installation
* ANonce sent from authenticator to supplicant
* SNonce sent from supplicant to authenticator, MIC included
Arrange the frames in the correct sequence beginning with the start of the 4-way handshake.

• A. 1, 2, 3, 4
• B. 3, 4, 1, 2
• C. 2, 3, 4, 1
• D. 4, 3, 1, 2

正解：B

質問 # 51
You have a Windows laptop computer with an integrated, dual-band, Wi-Fi compliant adapter. Your laptop computer has protocol analyzer softwareinstalled that is capable of capturing and decoding 802.11ac data.
What statement best describes the likely ability to capture 802.11ac frames for security testing purposes?

• A. Integrated 802.11ac adapters are not typically compatible with protocol analyzers in Windows laptops. It is often best to use a USB adapter or carefully select a laptop with an integrated adapter that will work.
• B. The only method available to capture 802.11ac frames is to perform a remote capture with a compatible access point.
• C. Only Wireshark can be used tocapture 802.11ac frames as no other protocol analyzer has implemented the proper frame decodes.
• D. Laptops cannot be used to capture 802.11ac frames because they do not support MU-MIMO.
• E. All integrated 802.11ac adapters will work with most protocol analyzers for frame capture, including the Radio Tap Header.

正解：A

質問 # 52
ABC Corporation is evaluating the security solution for their existing WLAN. Two of their supported solutions include a PPTP VPN and 802.1X/LEAP. They have used PPTP VPNs because of their wide support in server and desktop operating systems. While both PPTP and LEAP adhere to the minimum requirements of the corporate security policy, some individuals have raised concerns about MS-CHAPv2 (and similar) authentication and the known fact that MS-CHAPv2 has proven vulnerable in improper implementations. As a consultant, what do you tell ABC Corporation about implementing MS-CHAPv2 authentication?

• A. MS-CHAPv2 uses AES authentication, and is therefore secure.
• B. LEAP's use of MS-CHAPv2 is only secure when combined with WEP.
• C. When implemented with AES-CCMP encryption, MS-CHAPv2 is very secure.
• D. MS-CHAPv2 is only appropriate for WLAN security when used inside a TLS-encrypted tunnel.
• E. MS-CHAPv2 is compliant with WPA-Personal, but not WPA2-Enterprise.

正解：D

解説：
Explanation/Reference:

質問 # 53
Which of the following types of attacks entices a user to disclose personal information such as social security number, bank account details, or credit card number?

• A. Phishing
• B. Spoofing
• C. Replay attack
• D. Password guessing attack

正解：A

質問 # 54
Which of the following provides the best protection against a man-in-the-middle attack?

• A. Firewall
• B. Fiber-optic cable
• C. Strong encryption
• D. Strong password

正解：C

質問 # 55
When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

• A. Server credentials
• B. User credentials
• C. RADIUS shared secret
• D. X.509 certificates

正解：B

質問 # 56
Which of the following protocols is designed to provide more secure encryption than the weak wired encryption privacy?

• A. PEAP
• B. LEAP
• C. CCMP
• D. TKIP

正解：D

質問 # 57
Which of the following attacks is used to obtain a user's authentication credentials?

• A. Teardrop attack
• B. Brute force attack
• C. Phishing attack
• D. Bonk attack

正解：B

質問 # 58
A WLAN consultant has just finished installing a WLAN controller with 15 controller-based APs.
Two SSIDs with separate VLANs are configured for this network, and both VLANs are configured to use the same RADIUS server. The SSIDs are configured as follows:
1. SSID Blue - VLAN 10 - Lightweight EAP (LEAP) authentication - CCMP
cipher suite
2. SSID Red - VLAN 20 - PEAPv0/EAP-TLS authentication - TKIP cipher
suite
The consultant's computer can successfully authenticate and browse the Internet when using the Blue SSID. The same computer cannot authenticate when using the Red SSID. What is a possible cause of the problem?

• A. The TKIP cipher suite is not a valid option for PEAPv0 authentication.
• B. The consultant does not have a valid Kerberos ID on the Blue VLAN.
• C. The client does not have a proper certificate installed for the tunneled authentication within the established TLS tunnel.
• D. The Red VLAN does not use server certificate, but the client requires one.

正解：C

質問 # 59
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?

• A. PEAP
• B. EAP
• C. EAP-TLS
• D. CHAP

正解：D

質問 # 60
Which of the following is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for computers to connect and use a network service?

• A. RADIUS
• B. IPSec
• C. SSL
• D. HTTP

正解：A

質問 # 61
XYZ Hospital plans to improve the security and performance of their Voice over Wi-Fi implementation and will be upgrading to 802.11n phones with 802.1X/EAP authentication. XYZ would like to support fast secure roaming for the phones and will require the ability to troubleshoot reassociations that are delayed or dropped during inter-channel roaming. What portable solution would be recommended for XYZ to troubleshoot roaming problems?

• A. WIPS sensor software installed on a laptop computer.
• B. Spectrum analyzer software installed on a laptop computer.
• C. An autonomous AP mounted on a mobile cart and configured to operate in monitor mode.
• D. Laptop-based protocol analyzer with multiple 802.11n adapters.

正解：D

質問 # 62
For which one of the following purposes would aWIPS not be a good solution?

• A. Enforcing wireless network security policy.
• B. Performance monitoring and troubleshooting.
• C. Detecting and defending against eavesdropping attacks.
• D. Security monitoring and notification.

正解：C

質問 # 63
......

CWNP CWSP-206（CWSP Certified Wireless Security Professional）試験は、ワイヤレスネットワークを扱う専門家の知識とスキルをテストするために設計されています。この認定は、エンタープライズレベルのワイヤレスネットワークでワイヤレスセキュリティを設計、実装、および管理する候補者の能力を検証するように設計されています。 CWSP-206試験では、セキュリティプロトコル、侵入検知と予防、ネットワーク監視など、幅広いトピックをカバーしています。

 

試験問題解答ブレーン問題集でCWSP-206試験問題集PDF問題：https://www.jpntest.com/shiken/CWSP-206-mondaishu