最新なCWNP CWSP-207問題集（122題）、真実試験の問題を全部にカバー！

質問 1：
Given: In XYZ's small business, two autonomous 802.11ac APs and 12 client devices are in use with WPA2-Personal.
What statement about the WLAN security of this company is true?
A. Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be unable to decrypt the data traffic of other users.
B. An unauthorized WLAN user with a protocol analyzer can decode data frames of authorized users if he captures the BSSID, client MAC address, and a user's 4-Way Handshake.
C. An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt multicast or broadcast traffic.
D. A successful attack against all unicast traffic on the network would require a weak passphrase dictionary attack and the capture of the latest 4-Way Handshake for each client.
E. Because WPA2-Personal uses Open System authentication followed by a 4-Way Handshake, hijacking attacks are easily performed.
正解：D

質問 2：
What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism in an 802.11 WLAN?
A. EAP-TTLS does not require the use of a certificate for each STA as authentication credentials, but EAP-TLS does.
B. EAP-TTLS sends encrypted supplicant credentials to the authentication server, but EAP-TLS uses unencrypted user credentials.
C. EAP-TTLS does not require an authentication server, but EAP-TLS does.
D. EAP-TTLS supports client certificates, but EAP-TLS does not.
正解：A

質問 3：
When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?
A. Server credentials
B. RADIUS shared secret
C. X.509 certificates
D. User credentials
正解：D

質問 4：
ABC Company has deployed a Single Channel Architecture (SCA) solution to help overcome some of the common problems with client roaming. In such a network, all APs are configured with the same channel and BSSID. PEAPv0/EAP-MSCHAPv2 is the only supported authentication mechanism.
As the Voice over Wi-Fi (STA-1) client moves throughout this network, what events are occurring?
A. The WLAN controller controls the AP to which STA-1 is associated and transparently moves this association in accordance with the physical location of STA-1.
B. STA-1 initiates open authentication and 802.11 association with each AP prior to roaming.
C. The WLAN controller is querying the RADIUS server for authentication before the association of STA-1 is moved from one AP to the next.
D. STA-1 controls when and where to roam by using signal and performance metrics in accordance with the chipset drivers and 802.11k.
正解：A

質問 5：
ABC Company requires the ability to identify and quickly locate rogue devices. ABC has chosen an overlay WIPS solution with sensors that use dipole antennas to perform this task. Use your knowledge of location tracking techniques to answer the question.
In what ways can this 802.11-based WIPS platform determine the location of rogue laptops or APs? (Choose
3)
A. Time Difference of Arrival (TDoA)
B. GPS Positioning
C. Trilateration of RSSI measurements
D. RF Fingerprinting
E. Angle of Arrival (AoA)
正解：A,C,D