[Latest Version] Easily Pass PW0-204 Exam With CertBus Updated CWNP PW0-204 Preparation Materials
As a leading IT exam study material provider, CertBus not only provides you the PW0-204 exam questions and answers but also the most comprehensive knowledge of the whole PW0-204 Certified Wireless Security Professional (CWSP) certifications. We provide our users with the most accurate PW0-204 Certified Wireless Security Professional (CWSP) study material about the PW0-204 exam and the guarantee of pass. We assist you to get well prepared for PW0-204 certification which is regarded valuable the IT sector.
We CertBus has our own expert team. They selected and published the latest PW0-204 preparation materials from CWNP Official Exam-Center: http://www.certgod.com/PW0-204.html
QUESTION NO:5
The following numbered items show the contents of the four frames exchanged during the 4-way
handshake.
Arrange the frames in the correct sequence beginning with the start of the 4-way handshake
A. 3, 4, 1, 2
B. 2, 3, 4, 1
C. 1, 2, 3, 4
D. 4, 3, 1, 2
Answer: A
QUESTION NO:3
What elements should be addressed by a WLAN security policy? (Choose 2)
A. Verification that administrative passwords are unique to each infrastructure device
B. Enabling encryption to prevent MAC addresses from being sent in clear text
C. Security policy details should be safeguarded from non IT employees to prevent vulnerability
exposure
D. End user training for password selection and acceptable network use
E. Social engineering recognition and mitigation technique.
Answer: D,E
Explanation:
A proper password security policy for wireless access should be ensured, and the baseline for
secure password and secret key selection should be enforced.
As part of a more general corporate security policy, users should be informed about social
engineering attacks and not disclosing information about the network to potential attackers.
http://e-articles.info/e/a/title/Wireless-Security-Policy/
QUESTION NO:7
What disadvantage does EAP-TLS have when compared with PEAPvO EAP/MSCHAPv2 as an
802. 11 WLAN security solution?
A. EAP-TLS requires a PKI to create X509 certificates for both the server and client, which
increases administrative overhead.
B. EAP-TLS does not use SSL to establish a secure tunnel for internal EAP authentication.
C. Fast/secure roaming in an 802 11 RSN is significantly longer when EAP-TLS is use.
D. EAP-TLS does not protect the client’s username and password in side an encrypted tunnel.
E. Though more secure EAP-TLS is not widely supported by wireless infrastructure or client
vendors.
F. Initially mobility authentication with EAP-TLS is significantly longer due to X509 certificate
verification.
Answer: A
Explanation: EAP – TLS requires the use of client – side certifi cates in addition to a server certifi
cate.The biggest factor when deciding to implement EAP – TLS is whether an enterprise PKI
infrastructure is already in place. This would usually, and optimally, include
separate servers in a high – availability server cluster.
QUESTION NO:2
Given:A new Access point is connected to an authorized network segment and is detected
wirelessly by a WIPS.
By what method does the WIPS apply a security classification to newly discovered AP?
A. According to the location service profile
B. According to the SNMP MIB table
C. According to the RADIUS rectum attribute
D. According to the site survey template
E. According to the default security policy
Answer: B
Explanation: http://webcache.googleusercontent.com/search?q=cache:E-
xehyw9ijwJ:www.nhbook.com/exam/PW0-
200.pdf A new Access point is connected to an authorized network segment and is detec
ted wirelessly by a WIPS. WIPS uses location service profileandcd=9andhl=enandct=clnkandgl=inands
ource=www.google.co.in
QUESTION NO:11
What one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in
802.11WLAN?
A. EAP-TTLS does not require the use of PKI.
B. EAP-TTLS does not require an authenticator server.
C. EAP-TTLS sends encrypted supplicant credentials to the authentication server.
D. EAP-TTLS supports mutual authentication between supplicants and authentication servers.
E. EAP-TTLS supports smartcard clients.
Answer: A
Explanation:
EAP-Tunneled Transport Layer Security (EAP-TTLS) is an EAP protocol that extendsTLS. It is
widely supported across platforms; although there is no native OS support for this EAP protocol in
Microsoft Windows, it requires the installation of small extra programs such as SecureW2. EAP-
TTLS offers very good security. The client can but does not have to be authenticated via a CA-
signed PKI certificate to the server. This greatly simplifies the setup procedure, as a certificate
does not need to be installed on every client.
http://www.ucertify.com/article/what-is-eap-ttls.html
QUESTION NO:1
In an effort to optimize WLAN performance ABC Company has already upgraded their
infrastructure from 802 11b/gto802 11n. ABC has always been highly security conscious but they
are concerned with security threats introduced by incompatibilities between 802.11n and
802.11a/g in the past.ABC has performed manual and automated scans with products that were
originally designed for use in 802 11a/g networks.Including laptop-based spectrum and protocol
analyzers as well as an overlay 802 11a/g WIPS solution.ABC has sought your input to
understand and respond to potential security threats.
In ABC’s network environment, what type of devices would be capable of identifying rouge APs
that use HT Greenfield 40 MHZ channels? (Choose 3)
A. 802.11n WPS sensor with a single 2×2 radio
B. The company’s current laptop-based protocol analysis tools
C. WIPS solution that is integrated in the company’s AP infrastructure
D. The company’s current overlay WIPS solution
E. The company’s current laptop-based spectrum analysis tools
Answer: A,B,C
Explanation:
HT GreenfieldThe Greenfield PHY header is not backward compatible with legacy
802.11a/g radios and can only be interpreted by 802.11n HT radios
Laptop Analyzer automatically identifies hundreds of performance problems, such as 11b/g
conflicts, 802.11e problems, and QoS, as well as dozens of wireless intrusions and hacking
strategies, including Rogue devices. With the Laptop Analyzer, users can classify and decode
Non-HT (legacy), HT mixed format and HT greenfield format traffic and identify backward
compatibility issues with legacy 802.11a/b/g devices operating in the same environment.
http://www.njbo.net/tools/Laptop Analyzer – WLAN Monitoring and%
20Troubleshooting Tool – AirMagnet.htm
The HT Greenfi eld PHY header cannot be detected by a WIPS that is using
legacy 802.11a/g sensors. The solution to this problem is to upgrade the WIPS with new
sensors that also have 802.11n HT radios. (the company has already upgraded to 802.11n so
C is correct)
QUESTION NO:8
Exhibit
Given:The illustration shows a WLAN protocol analyzer decoding an 802.11 beacon frame.
What statement about the access points BSSistrue and can be confirmed with this illustration?
A. This is a TSN and stations may use only the TKIP chiper suit.
B. The BSS’s group key chiper will be rotated by the access point after two more beacon frames.
C. The BSS supports both CCMP and TKIP chiper suit simultaneously.
D. There is currently one wireless client associated with the AP using TKIP chiper suit within the
BSS.
E. The BSS is an RSN, but the only chiper suit supported in BSS is TKIP.
Answer: E
QUESTION NO:6
What 802 11 WLAN security problem is addressed by 802.1X/EAP mutual authentication.
A. Disassociation attacks
B. Weak initialization vectors
C. Offline dictionary attacks
D. Weak password policies
E. MAC spoofing
F. Wireless hijacking attacks
Answer: F
Explanation: The only way to prevent a wireless hijacking, man-in-the-middle, and/or Wi-Fi
phishing attack is to use a mutual authentication solution.802.1X/EAP authentication solutions
require that mutual authentication
credentials be exchanged before a user can be authorized.
QUESTION NO:10
Exhibit
Given:The network in this diagram implements an 802.1X/EAP-based wireless security solution.
What device functions as EAP authenticator?
A. Ethernet switch
B. Mobile device
C. LDAP server
D. Access point
E. WLAN controller
F. RADIUS server
Answer: E
Explanation: supplicant is often the laptop or wireless handheld
device trying to access the network
A device that blocks or allows traffi c to pass through its port entity.
Authentication traffi c is normally allowed to pass through the authenticator, while all othertraffi c is
blocked until the identity of the supplicant has been verifi ed. The authenticatormaintains two
virtual ports: anuncontrolled portand acontrolled port. The uncontrolledport allows EAP
authentication traffi c to pass through, while the controlled port blocks allother traffi c until the
supplicant has been authenticated. In a WLAN, the authenticator isusually either an AP or a
WLAN controller.
Theauthenticator plays the role of the intermediary, passing messages between the supplicantand
the authentication server.
In the centralized WLAN
architecture, autonomous APs have been replaced with controller – based access points
alsoknown as thin APs. Acontroller – based APhas minimal intelligence, and functionally is justa
radio card and an antenna. All the intelligence resides in a centralizedWLAN controller,and all the
AP confi guration settings, such as channel and power, are distributed to thecontroller – based APs
from the WLAN controller and stored in the RAM of the controller –
based AP.
In this fig WLAN Controller is used with thin AP therefore the authenticator is WLAN Controller
QUESTION NO:12
Exhibit
In this diagram illustrating an example of IEEE 802.11standard’s4-Way handshake what is the
purpose of ANonce and Snonce?
A. There are values used in the derivation of the pairwise Transient key.
B. The IEEE 802.11 standard requires that all crypto graphic frames contain a nonce for security
purposes.
C. They are used to pad message 1 and message 2 so each frame contains the same number of
bytes.
D. They are added together and used as the GMK, from which the GTK is derived.
E. They allow the participating STAs to avoid sending unicast encryption keys across the wireless
medium
Answer: A
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the PW0-204 exam successfully with our CWNP materials. CertBus Certified Wireless Security Professional (CWSP) exam PDF and VCE are the latest and most accurate. We have the best CWNP in our team to make sure CertBus Certified Wireless Security Professional (CWSP) exam questions and answers are the most valid. CertBus exam Certified Wireless Security Professional (CWSP) exam dumps will help you to be the CWNP specialist, clear your PW0-204 exam and get the final success.
PW0-204 Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mdmtNVk1QTWhUYzg/view?usp=sharing
PW0-204 CWNP exam dumps (100% Pass Guaranteed) from CertBus: http://www.certgod.com/PW0-204.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.