When implementing a WPA2-Enterprise security solution, what protocol must the selected RADIUS server support?
A. EAP
B. CCMP and TKIP
C. IPSec/ESP
D. LWAPP, GRE, or CAPWAP
E. LDAP
正解:A
質問 2:
What drawbacks initially prevented the widespread acceptance and use of Opportunistic Key Caching (OKC)?
A. Because OKC is not defined by any standards or certification body, client support was delayed and sporadic early on.
B. Key exchanges during fast roams required processor-intensive cryptography, which was prohibitive for legacy devices supporting only TKIP.
C. Sharing cached keys between controllers during inter-controller roaming created vulnerabilities that exposed the keys to attackers.
D. The Wi-Fi Alliance continually delayed the creation of a client certification for OKC, even though it was defined by IEEE 802.11r.
正解:A
質問 3:
Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include:
* Cannot access corporate network resources
* Network permissions are limited to Internet access
* All stations must be authenticated
What security controls would you suggest? (Choose the single best answer.)
A. Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
B. Force all guest users to use a common VPN protocol to connect.
C. Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
D. Implement separate controllers for the corporate and guest WLANs.
E. Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
正解:C
質問 4:
In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?
A. At public hot-spots in which many clients use diverse applications
B. In home networks in which file and printer sharing is enabled
C. In corporate Voice over Wi-Fi networks with push-to-talk multicast capabilities
D. In university environments using multicast video training sourced from professor's laptops
正解:A
質問 5:
You work as the security administrator for your organization. In relation to the WLAN, you are viewing a dashboard that shows security threat, policy compliance and rogue threat charts. What type of system is in view?
A. Wireshark Protocol Analyzer
B. WLAN Emulation System
C. Distributed RF Spectrum Analyzer
D. Wireless VPN Management Systems
E. Wireless Intrusion Prevention System
正解:E
本城** -
このCWSP-207参考書をまずは通して一周読み解いて、本番試験に受験してスムーズに書けて、無事に受かりました。