Wireless Security Professional
Answers, Braindumps (PW0-200)
I passed it with
good score, but you need to study and remember a lot
of the information. I used www.4exam.com for my test.
Here are the questions what I remember.
Given: The size of your WLAN is growing rapidly. To
maintain consistent network security, what WLAN security
policy measures must be followed?
A. Use Role Based Access Control (RBAC) to assign
security policies to users
B. Update the WLAN architecture to support autonomous
APs managed by WNMS
C. Configure APs to load their firmware from a TFTP
server during initialization
D. Include the WLAN in a change management program
E. Create and maintain a security checklist for equipment
Given: The Marketing department WLAN users need to
reach their own server and the Internet, but should
not have access to any other network resources. What
WLAN security feature should be implemented to comply
with these requirements?
A. Mutual authentication
B. Wireless routing
C. Captive portal
D. Role-based access control
Given: Abc .com wants to install an 802.11g WLAN that
supports fast roaming for 802.11b IP phones. A requirement
is the ability to troubleshoot reassociations that
are delayed or dropped during roaming. What is the
most cost-effective system Abc .com can implement
to meet the troubleshooting requirement?
A. WLAN protocol analyzer software on laptop computers
B. WLAN switch with integrated WIPS
C. WLAN switch with dual lightweight 802.11a/b/g radios
D. Autonomous (thick) access points with a WIDS overlay
E. Hybrid WLAN switch with integrated RF planning
Given: Most of today's lightweight (thin) access points
support 802.3af and can be placed anywhere in the
network infrastructure instead of directly connected
to a WLAN switch/controller port. A lightweight access
point can make what logical connection to its controller?
A. LLC port connection
B. GRE tunnel
C. RSVP protocol connection
D. HTTPS tunnel
E. Mobile IP connection
CKIP uses a per-MPDU CKIP sequence counter (TSC) to
prevent what type of WLAN attack?
E. Session hijacking
As a part of a large organization security policy,
how should a wireless security professional address
the problem of rogue access points?
A. Use a WPA2-Enterprise compliant security solution
with strong authentication and encryption.
B. Hide the SSID of all access points on the network
so that intruders don't know how to configure rogue
C. Reduce the power of all access points on the network
so that rogues stand out.
D. Install and monitor a WIPS by a trained employee.
What is the purpose of the 802.11i STAKey Handshake
in a WLAN BSS?
A. Initiating an 802.11r handoff, allowing access
points to use the IAPP protocol
B. Producing keys for securing data frames directly
between stations while associated with an access point
C. Initiates 802.11e client prioritization, ensuring
two stations can control the medium until a data exchange
D. Producing Group Transient Keys (GCKs) for encrypting
multicast and broadcast frames in a BSS
E. Allows client stations to securely authenticate
to a repeater access point
F. Allows supplicants to roam across access points
they have not previously associated to without using
the 802.1X/EAP authentication process
Given: Abc .com has implemented both WPA2-Enterprise
and IPSec/ESP security mechanisms to protect their
802.11a connections. What option specifies the paired
layers involved in this security implementation?
A. Layer 2, Layer 3
B. Layer 1, Layer 2
C. Layer 3, Layer 7
D. Layer 2, Layer 7
E. Layer 2, Layer 4
Given: Jack Bill often works from home and wireless
hotspots rather than commuting to the office. Her
laptop connects to the office network over WLANs.
To safeguard his data, what two wireless security
policy items should be implemented?
A. Use an IPSec VPN for remote connectivity
B. Use an HTTPS captive portal
C. Use a personal firewall on his laptop
D. Use a protocol analyzer on his laptop to sniff
WLAN traffic for risks
E. Use 802.1X/PEAPv0 to connect to the office network
Given: Abc .com has just completed installation of
a WLAN switch/controller with 10 lightweight (thin)
access points. The Chief Security Officer has specified
802.11i compliant PEAPv0/EAP-MSCHAPv2 as the only
authorized WLAN authentication and encryption scheme.
Where must the x.509 server certificate reside in
A. Supplicant devices
B. LDAP server
C. RADIUS server
D. WLAN switch/controller
E. Lightweight access points