CWSP-208 : BUNDLE PACK LEARNING TOOLS INCLUDED

CWSP Exam Summary:
Exam Number: CWSP-207
Cost:  - Exam Voucher
Availability: Testing Centers
Duration: 90 Minutes
Questions: 60 multiple choice
Language: English

Secure new opportunities. Do you know how to assess the vulnerability of a network and help prevent attacks before they happen? Do you know how to perform WLAN security audits and implement compliance monitoring solutions? Do you have experience setting up Wireless Intrusion Prevention Systems (WIPS)?

Today’s wireless network security professionals need to have a deep understanding of the latest software, tools, trends and technologies available. Security professionals are often counted on to advise on security policies (i.e. password and acceptable use). Plus, these experts are responsible for configuring an entire network’s Security Design and Architecture.

Measure your skills and knowledge with this professional-level certification and get on track toward ultimately earning your Certified Wireless Network Expert (CWNE) certification. Those that pass the CWSP exam earn credit towards a CWNE certification.

What it takes to become a CWSP:
The CWSP certification is a professional level wireless LAN certification for the CWNP Program. To earn a CWSP certification, you must hold a current and valid CWNA credential. You must take the CWSP exam at a Prometric Testing Center and pass with a 70% or higher. Instructors must pass with a 80% or higher. However you choose to prepare for the CWSP exam, you should start with the exam objectives, which cover the full list of skills tested on the exam. The CWSP certification is valid for three (3) years. To recertify, you must have a current CWNA credential and pass the current CWSP exam. By passing the CWSP exam, your CWNA certificate will be renewed for another three years.

Main areas covered by CWSP
WLAN Discovery Techniques
Intrusion and Attack Techniques
802.11 Protocol Analysis
Wireless Intrusion Prevention Systems (WIPS) Implementation
Layer 2 and 3 VPNs used over 802.11 networks
Enterprise/SMB/SOHO/Public-Network Security design models
Managed Endpoint Security Systems802.11 Authentication and Key
CWSP-206 Exam Objectives 2019 (CWSP-206 Exam will expire June 30, 2023)
CWSP-207 Exam Objectives 2022 (CWSP-207 Exam will be available in mid-February)

Management Protocols
Enterprise/SMB/SOHO/Public-Network Security Solution Implementation
Building Robust Security Networks from the ground up
Fast BSS Transition (aka. Fast/Secure Roaming) Techniques
Thorough coverage of all 802.1X/EAP types used in WLANs
Wireless LAN Management Systems (WNMS)
Authentication Infrastructure Design Models
Using Secure Applications
802.11 Design Architectures
Implementing a Thorough Wireless Security Policy

Everything you need to prepare is right here:
Official Wi-Fi Security Self-Study Kit (including a Study Guide, Practice Test and Exam Voucher)

Wi-Fi Security eLearning
Live Network Certification Training Class

Sample Question and Answers

QUESTION 1
Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer
funds between his checking and savings accounts at his bank's website. The banks website uses the
HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker
was able to obtain John’s bank account user ID and password and exploit this information.
What likely scenario could have allowed the hacker to obtain John’s bank account user ID and password?

A. John's bank is using an expired X.509 certificate on their web server. The certificate is on John's
Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.
B. John uses the same username and password for banking that he does for email. John used a POP3
email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.
C. John accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An
IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the
same username and password for banking that he does for his IPSec VPN software.
D. The bank’s web server is using an X.509 certificate that is not signed by a root CA, causing the user
ID and password to be sent unencrypted.
E. Before connecting to the bank’s website, John’s association to the AP was hijacked. The attacker
intercepted the HTTPS public encryption key from the bank’s web server and has decrypted John’s
login credentials in near real-time.

Answer: B

QUESTION 2
What type of WLAN attack is prevented with the use of a per-MPDU TKIP sequence counter (TSC)?

A. Weak-IV
B. Forgery
C. Replay
D. Bit-flipping
E. Session hijacking

Answer: C

QUESTION 3
What 802.11 WLAN security problem is directly addressed by mutual authentication?

A. Wireless hijacking attacks
B. Weak password policies
C. MAC spoofing
D. Disassociation attacks
E. Offline dictionary attacks
F. Weak Initialization Vectors

Answer: A

QUESTION 4
ABC Company uses the wireless network for highly sensitive network traffic. For that reason, they
intend to protect their network in all possible ways. They are continually researching new network
threats and new preventative measures. They are interested in the security benefits of 802.11w, but
would like to know its limitations.
What types of wireless attacks are protected by 802.11w? (Choose 2)

A. RF DoS attacks
B. Layer 2 Disassociation attacks
C. Robust management frame replay attacks
D. Social engineering attacks

Answer: B, C

QUESTION 5
You are configuring seven APs to prevent common security attacks. The APs are to be installed in a
small business and to reduce costs, the company decided to install all consumer-grade wireless routers.
The wireless routers will connect to a switch, which connects directly to the Internet
connection providing 50 Mbps of Internet bandwidth that will be shared among 53 wireless clients and 17 wired clients.
To ensure the wireless network is as secure as possible from common attacks, what security measure
can you implement given only the hardware referenced?

A. WPA-Enterprise
B. 802.1X/EAP-PEAP
C. WPA2-Enterprise
D. WPA2-Personal

Answer: D