990 お客様のコメント
質問 1:
Which of the following policies are considered as a good starting point while designing a wireless security policy document? Each correct answer represents a complete solution. Choose all that apply.
A. Functional security policy
B. Rogue AP policy
C. General security policy
D. Protocol policy
正解:A,B,C
質問 2:
In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.
A. Code injection and/or XSS
B. RF DoS and/or physical theft
C. Social engineering and/or eavesdropping
D. Authentication cracking and/or RF DoS
E. MAC denial of service and/or physical theft
正解:C
質問 3:
ABC Company has recently installed a WLAN controller and configured it to support WPA2- Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?
A. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
B. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.
C. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.
D. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
正解:A
質問 4:
You are installing 6 APs on the outside of your facility. They will be mounted at a height of 6 feet.
What must you do to implement these APs in a secure manner beyond the normal indoor AP implementations? (Choose the single best answer.)
A. Power the APs using PoE.
B. Ensure proper physical and environmental security using outdoor ruggedized APs or enclosures.
C. Use external antennas.
D. Use internal antennas.
正解:B
質問 5:
In an IEEE 802.11-compliant WLAN, when is the 802.1X Controlled Port placed into the unblocked state?
A. After the 4-Way Handshake
B. After EAP authentication is successful
C. After Open System authentication
D. After any Group Handshake
正解:B
質問 6:
The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions. Which one of the following would not be a suitable penetration testing action taken with this tool?
A. Cracking the authentication or encryption processes implemented poorly in some WLANs.
B. Probing the RADIUS server and authenticator to expose the RADIUS shared secret.
C. Auditing the configuration and functionality of a WIPS by simulating common attack sequences.
D. Transmitting a deauthentication frame to disconnect a user from the AP.
正解:B
質問 7:
What WLAN client device behavior is exploited by an attacker during a hijacking attack?
A. As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to-client connections, even in an infrastructure BSS.
B. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
C. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
D. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
E. Client drivers scan for and connect to access point in the 2.4 GHz band before scanning the 5 GHz band.
正解:C
質問 8:
You are the WLAN administrator in your organization and you are required to monitor the network and ensure all active WLANs are providing RSNs. You have a laptop protocol analyzer configured. In what frame could you see the existence or non-existence of proper RSN configuration parameters for each BSS through the RSN IE?
A. Beacon
B. Data frames
C. Probe request
D. CTS
E. RTS
正解:A
Which of the following policies are considered as a good starting point while designing a wireless security policy document? Each correct answer represents a complete solution. Choose all that apply.
A. Functional security policy
B. Rogue AP policy
C. General security policy
D. Protocol policy
正解:A,B,C
質問 2:
In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.
A. Code injection and/or XSS
B. RF DoS and/or physical theft
C. Social engineering and/or eavesdropping
D. Authentication cracking and/or RF DoS
E. MAC denial of service and/or physical theft
正解:C
質問 3:
ABC Company has recently installed a WLAN controller and configured it to support WPA2- Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?
A. The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.
B. The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.
C. The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.
D. The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.
正解:A
質問 4:
You are installing 6 APs on the outside of your facility. They will be mounted at a height of 6 feet.
What must you do to implement these APs in a secure manner beyond the normal indoor AP implementations? (Choose the single best answer.)
A. Power the APs using PoE.
B. Ensure proper physical and environmental security using outdoor ruggedized APs or enclosures.
C. Use external antennas.
D. Use internal antennas.
正解:B
質問 5:
In an IEEE 802.11-compliant WLAN, when is the 802.1X Controlled Port placed into the unblocked state?
A. After the 4-Way Handshake
B. After EAP authentication is successful
C. After Open System authentication
D. After any Group Handshake
正解:B
質問 6:
The Aircrack-ng WLAN software tool can capture and transmit modified 802.11 frames over the wireless network. It comes pre-installed on Kali Linux and some other Linux distributions. Which one of the following would not be a suitable penetration testing action taken with this tool?
A. Cracking the authentication or encryption processes implemented poorly in some WLANs.
B. Probing the RADIUS server and authenticator to expose the RADIUS shared secret.
C. Auditing the configuration and functionality of a WIPS by simulating common attack sequences.
D. Transmitting a deauthentication frame to disconnect a user from the AP.
正解:B
質問 7:
What WLAN client device behavior is exploited by an attacker during a hijacking attack?
A. As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to-client connections, even in an infrastructure BSS.
B. After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
C. When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
D. When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
E. Client drivers scan for and connect to access point in the 2.4 GHz band before scanning the 5 GHz band.
正解:C
質問 8:
You are the WLAN administrator in your organization and you are required to monitor the network and ensure all active WLANs are providing RSNs. You have a laptop protocol analyzer configured. In what frame could you see the existence or non-existence of proper RSN configuration parameters for each BSS through the RSN IE?
A. Beacon
B. Data frames
C. Probe request
D. CTS
E. RTS
正解:A
Nishio -
Pass4Testいちばんやさしい、とうたうだけあって、丁寧に解説されています。
効率的にまとまっているCWSP-206参考書だと思います。