Question 1

What is the purpose of the Pairwise Transient Key (PTK) in IEEE 802.11 Authentication and Key Management?

Options :

A :

The PTK is a type of master key used as an input to the GMK, which is used for encrypting multicast data frames.

B : The PTK contains keys that are used to encrypt unicast data frames that traverse the wireless medium.

C : The PTK is XOR'd with the PSK on the Authentication Server to create the AAA key.

D :

The PTK is used to encrypt the Pairwise Master Key (PMK) for distribution to the 802.1X Authenticator prior to the 4-Way Handshake.

Answer: B

Question 2

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

Options :

A :

The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

B :

The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

C :

The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

D :

The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

Answer: B

Question 3

Which of the following security attacks cannot be detected by a WIPS solution of any kind? (Choose 2)

Options :

A : Rogue APs

B : DoS

C : Eavesdropping

D : Social engineering

Answer: C,D

Question 4

Given: ABC Company is an Internet Service Provider with thousands of customers. ABC’s customers are given login credentials for network access when they become a customer. ABC uses an LDAP server as the central user credential database. ABC is extending their service toexisting customers in some public access areas and would like to use their existing database for authentication. How can ABC Company use their existing user database for wireless user authentication as they implement a large-scale WPA2-Enterprise WLAN security solution?

Options :

A :

Import all users from the LDAP server into a RADIUS server with an LDAP-to-RADIUS conversion tool.

B : Implement an X.509 compliant Certificate Authority and enable SSL queries on the LDAP server.

C :

Mirror the LDAP server to a RADIUS database within a WLAN controller and perform daily backups to synchronize the user databases.

D : Implement a RADIUS server and query user authentication requests through the LDAP server.

Answer: D

Question 5

Given: ABC Company is deploying an IEEE 802.11-compliant wireless security solution using 802.1X/EAP authentication. According to company policy, the security solution must prevent an eavesdropper from decrypting data frames traversing a wireless connection. What security characteristics and/or components play a role in preventing data decryption? (Choose 2)

Options :

A : Multi-factor authentication

B : 4-Way Handshake

C : PLCP Cyclic Redundancy Check (CRC)

D : Encrypted Passphrase Protocol (EPP)

E : Integrity Check Value (ICV)

F : Group Temporal Keys

Answer: B,F

Confidently Practice Online with Free CWSP-207 Exam Cram

Buying Options: