Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

CWSP-208 CWNP Certified Wireless Security Professional (CWSP) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your CWNP CWSP-208 Certified Wireless Security Professional (CWSP) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

CWNP CWSP-208 Premium Access     Download Demo    
Page: 2 / 2
Total 119 questions

Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.

Before creating the WLAN security policy, what should you ensure you possess?

A.

Awareness of the exact vendor devices being installed

B.

Management support for the process

C.

End-user training manuals for the policies to be created

D.

Security policy generation software

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.

When writing the 802.11 security policy, what password-related items should be addressed?

A.

MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.

B.

Password complexity should be maximized so that weak WEP IV attacks are prevented.

C.

Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK-based authentication.

D.

Certificates should always be recommended instead of passwords for 802.11 client authentication.

E.

EAP-TLS must be implemented in such scenarios.

What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?

A.

Require Port Address Translation (PAT) on each laptop.

B.

Require secure applications such as POP, HTTP, and SSH.

C.

Require VPN software for connectivity to the corporate network.

D.

Require WPA2-Enterprise as the minimal WLAN security solution.

What elements should be addressed by a WLAN security policy? (Choose 2)

A.

Enabling encryption to prevent MAC addresses from being sent in clear text

B.

How to prevent non-IT employees from learning about and reading the user security policy

C.

End-user training for password selection and acceptable network use

D.

The exact passwords to be used for administration interfaces on infrastructure devices

E.

Social engineering recognition and mitigation techniques

What protocols allow a network administrator to securely manage the configuration of WLAN controllers and access points? (Choose 2)

A.

SNMPv1

B.

HTTPS

C.

Telnet

D.

TFTP

E.

FTP

F.

SSHv2

You have an AP implemented that functions only using 802.11-2012 standard methods for the WLAN communications on the RF side and implementing multiple SSIDs and profiles on the management side configured as follows:

1. SSID: Guest – VLAN 90 – Security: Open with captive portal authentication – 2 current clients

2. SSID: ABCData – VLAN 10 – Security: PEAPv0/EAP-MSCHAPv2 with AES-CCMP – 5 current clients

3. SSID: ABCVoice – VLAN 60 – Security: WPA2-Personal – 2 current clients

Two client STAs are connected to ABCData and can access a media server that requires authentication at the Application Layer and is used to stream multicast video streams to the clients.

What client stations possess the keys that are necessary to decrypt the multicast data packets carrying these videos?

A.

Only the members of the executive team that are part of the multicast group configured on the media server

B.

All clients that are associated to the AP using the ABCData SSID

C.

All clients that are associated to the AP using any SSID

D.

All clients that are associated to the AP with a shared GTK, which includes ABCData and ABCVoice.

Given: You support a coffee shop and have recently installed a free 802.11ac wireless hot-spot for the benefit of your customers. You want to minimize legal risk in the event that the hot-spot is used for illegal Internet activity.

What option specifies the best approach to minimize legal risk at this public hot-spot while maintaining an open venue for customer Internet access?

A.

Configure WPA2-Enterprise security on the access point

B.

Block TCP port 25 and 80 outbound on the Internet router

C.

Require client STAs to have updated firewall and antivirus software

D.

Allow only trusted patrons to use the WLAN

E.

Use a WIPS to monitor all traffic and deauthenticate malicious stations

F.

Implement a captive portal with an acceptable use disclaimer

CWNP CWSP-208 Premium Access     Download Demo    
Page: 2 / 2
Total 119 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved