Certified Wireless Security Professional (CWSP)
Last Update Oct 2, 2025
Total Questions : 119
We are offering FREE CWSP-208 CWNP exam questions. All you do is to just go and sign up. Give your details, prepare CWSP-208 free exam questions and then go for complete pool of Certified Wireless Security Professional (CWSP) test questions that will help you more.
Given: AAA is an architectural framework used to provide three separate security components in a network. Listed below are three phrases that each describe one aspect of the AAA framework.
Option-1 — This AAA function is performed first and validates user identify prior to determining the network resources to which they will be granted access.
Option-2 — This function is used for monitoring and auditing purposes and includes the collection of data that identifies what a user has done while connected.
Option-3 — This function is used to designate permissions to a particular user.
What answer correctly pairs the AAA component with the descriptions provided above?
What security benefits are provided by endpoint security solution software? (Choose 3)
The IEEE 802.11 Pairwise Transient Key (PTK) is derived from what cryptographic element?
What policy would help mitigate the impact of peer-to-peer attacks against wireless-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hot-spots?
As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.
When writing the 802.11 security policy, what password-related items should be addressed?
In what deployment scenarios would it be desirable to enable peer-to-peer traffic blocking?
Given: ABC Hospital wishes to create a strong security policy as a first step in securing their 802.11 WLAN.
Before creating the WLAN security policy, what should you ensure you possess?
As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?
Given: Mary has just finished troubleshooting an 802.11g network performance problem using a laptop-based WLAN protocol analyzer. The wireless network implements 802.1X/PEAP and the client devices are authenticating properly. When Mary disables the WLAN protocol analyzer, configures her laptop for PEAP authentication, and then tries to connect to the wireless network, she is unsuccessful. Before using the WLAN protocol analyzer, Mary’s laptop connected to the network without any problems.
What statement indicates why Mary cannot access the network from her laptop computer?
Given: WLAN protocol analyzers can read and record many wireless frame parameters.
What parameter is needed to physically locate rogue APs with a protocol analyzer?
Given: You view a protocol analyzer capture decode with the following protocol frames listed in the following order (excluding the ACK frames):
1) 802.11 Probe Request and 802.11 Probe Response
2) 802.11 Auth and another 802.11 Auth
2) 802.11 Assoc Req and 802.11 Assoc Rsp
4) EAPOL-Start
5) EAP Request and EAP Response
6) EAP Request and EAP Response
7) EAP Request and EAP Response
8) EAP Request and EAP Response
9) EAP Request and EAP Response
10) EAP Success
19) EAPOL-Key (4 frames in a row)
What are you seeing in the capture file? (Choose 4)
You are implementing an 802.11ac WLAN and a WIPS at the same time. You must choose between integrated and overlay WIPS solutions. Which of the following statements is true regarding integrated WIPS solutions?
You work as the security administrator for your organization. In relation to the WLAN, you are viewing a dashboard that shows security threat, policy compliance and rogue threat charts. What type of system is in view?
Select the answer option that arranges the numbered events in the correct time sequence (first to last) for a client associating to a BSS using EAP-PEAPv0/MSCHAPv2.
1. Installation of PTK
2. Initiation of 4-way handshake
3. Open system authentication
4. 802.11 association
5. 802.1X controlled port is opened for data traffic
6. Client validates server certificate
7. AS validates client credentials
What attack cannot be detected by a Wireless Intrusion Prevention System (WIPS)?
Given: You have implemented strong authentication and encryption mechanisms for your enterprise 802.11 WLAN using 802.1X/EAP with AES-CCMP.
For users connecting within the headquarters office, what other security solution will provide continuous monitoring of both clients and APs with 802.11-specific tracking?
What 802.11 WLAN security problem is directly addressed by mutual authentication?
Wireless Intrusion Prevention Systems (WIPS) are used for what purposes? (Choose 3)
What type of WLAN attack is prevented with the use of a per-MPDU TKIP sequence counter (TSC)?
Given: Many computer users connect to the Internet at airports, which often have 802.11n access points with a captive portal for authentication.
While using an airport hot-spot with this security solution, to what type of wireless attack is a user susceptible? (Choose 2)
A WLAN is implemented using WPA-Personal and MAC filtering.
To what common wireless network attacks is this network potentially vulnerable? (Choose 3)
What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)
What WLAN client device behavior is exploited by an attacker during a hijacking attack?
Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank’s website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John’s bank account user ID and password and exploit this information.
What likely scenario could have allowed the hacker to obtain John’s bank account user ID and password?
Given: You manage a wireless network that services 200 wireless users. Your facility requires 20 access points, and you have installed an IEEE 802.11-compliant implementation of 802.1X/LEAP with AES-CCMP as an authentication and encryption solution.
In this configuration, the wireless network is initially susceptible to what type of attacks? (Choose 2)
In order to acquire credentials of a valid user on a public hot-spot network, what attacks may be conducted? Choose the single completely correct answer.
TESTED 02 Oct 2025
