CWSP Exam 1

1. What are some of the reasons to create a well-defined security policy?
2. Which of the following steps are involved in creating a wireless security policy?
3. Which of the following define the criteria that should be included with the security policy functions?
4. Which of the following solutions should be considered to aid in security policy enforcement for mobile device technology?
5. Security baselines give the minimum configurations that must be deployed when staging a new device
6. Which of the following provides a starting point to work from when striving for wireless network security?
7. One way to work with hardening is to begin by changing default passwords because the default password is going to be known by other people as well
8. Which of the following make social networking vulnerable to potential threats within an organization?
9. To which region’s citizens does the General Data Protection Regulation or GDPR apply?
10. To which type of sensitive information does PCI DSS apply?
11. Which statements describe the guidelines for employee encouragement for security?
12. What topics should be covered in security awareness training?
13. What are elements of a Common Vulnerabilities and Exposures or CVE?
14. Which of the following is a plan for managing important upgrades for all the software and technologies that a company uses internally or distributing to clients?
15. Which of the following can help you aggregate and correlate data from multiple devices?
16. In a man-in-the-middle attack, an attacker passively captures and examines wireless frames from a victim's network
17. Which of the following is capable of mitigating attacks from rogue access points?
18. Which of the following uses disguised email as a vector, with the goal of tricking the recipient into believing that the message is legitimate?
19. Match the penetration testing task with its description
Tasks:
  • Discovery
  • Report
  • Planning
  • Attack
Descriptions:
  • Scan actual systems and discover client's vulnerabilities
  • Prepare and define the work
  • Monitor what is visible
  • Document the findings
20. Passive scanning tools listen to all packets on a given channel, analyzing those packets, rather than transmitting probe requests
21. The typical wireless intrusion detection system is a client/server model that consists of which of the following two components?
22. What are some of the recommendations that might be made to a customer after a successful WLAN security audit?
23. WLAN protocol analyzers are typically used for Layer 2 auditing and spectrum analyzers are used for Layer 1 auditing
24. The principle of least privilege is to run processes in their lowest level of permission
25. Which of the following systems provides the ability to remotely act on client devices?
26. The PCI-DSS regulations that govern hospital patient information policy will have a great impact on wireless security policy
27. Match the labels that a WIPS uses with its description
Labels:
  • Authorized
  • Unauthorized
  • Rogue
  • Neighbor
Descriptions:
  • refers to any client station or access point that is a member of the company's wireless network
  • refers to any client station or access point that is detected by the WIPS and whose identity is known
  • refers to any client station or access point that is considered a potential threat
  • refers to any new 802.11 radio that has been detected but not classified as a rogue

28. Which of the following triangulation methods uses the variation in arrival times of the same transmitted signal?
29. RF fingerprinting solutions are more costly and require more time to set up and calibrate. Recalibration is required should the RF environment change
30. Which of the following will help detect any type of RF interference that might conflict with your WLAN?
31. What is the difference between WIPS and WIDS?
32. Auditing the WLAN security practices of a stadium that uses wireless Point of Sale terminals relates to which of the following regulations?
33. Which of these types of EAP require a server-side certificate to create an encrypted TLS tunnel?
34. EAP-MD5 and EAP-LEAP protect the supplicant validation exchange within a TLS tunnel and are therefore not susceptible to offline dictionary attacks
35. Which of the following ports are used by RADIUS protocol for authentication and accounting?
36. Which of the following protocols is used to provide user authentication in an 802.1X framework?
37. In digital communications, which of the following is a measure of uncertainty associated with a random variable?
38. Which of the following is considered as a more secure replacement for PSK authentication?
39. The 802.11-2012 standard defines which of the following fast secure roaming mechanisms?
40. Which of the following WPA3-SAE modes is backward compatible with WPA2 devices?
41. Which of the following is the Cisco suggested EAP method to mitigate the offline dictionary attacks?
42. Symmetric key encryption uses two keys. One key is used to encrypt the plaintext, and the other key is used to decrypt the ciphertext.
43. Which of the following features introduced in WPA3 protects encrypted data so that the compromise of a future session does not expose past transmissions?
44. Opportunistic wireless encryption encrypts all wireless traffic by adding a Diffie-Hellman key exchange that creates an unknown PMK used in the 4-way handshake to generate the encryption keys
45. Which of the following tunneling protocols provides data confidentiality, data integrity, and nonrepudiation?
46. Which of the following RSNA authentication mechanisms are specified in the 802.11i standard?
47. The fundamental elements of RADIUS are the supplicant, authenticator, and an applicant
48. Put the authentication and key management key hierarchy in correct order
  • PMK
  • GTK
  • TEK
  • MSK
49. Which of the following documents outlines the audit requirements, deliverables, and timeline that the auditor will execute for a customer?
50. Which of the following frame exchange methods are used by Fast BSS Transition?