Online Access Free CWSP-206 Exam Questions

Which of the following are secure device management protocols? Each correct answer represents a complete solution. Choose all that apply.

• A.SNMPv3
• B.HTTPS
• C.SSH
• D.HTTP

As the primary security engineer for a large corporate network, you have been asked to author a new security policy for the wireless network. While most client devices support 802.1X authentication, some legacy devices still only support passphrase/PSK-based security methods.
When writing the 802.11 security policy, what password-related items should be addressed?

• A.MS-CHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2-PSK passphrases.
• B.EAP-TLS must be implemented in such scenarios.
• C.Password complexity should be maximized so that weak WEP IV attacks are prevented.
• D.Static passwords should be changed on a regular basis to minimize the vulnerabilities of a PSK- based authentication.
• E.Certificates should always be recommended instead of passwords for 802.11 client authentication.

Which of the following is a valid reason to avoid the use of EAP-MD5 in production WLANs?

• A.It does not support mutual authentication.
• B.It does not support the outer identity.
• C.It is not a valid EAP type.
• D.It does not support a RADIUS server.

When using a tunneled EAP type, such as PEAP, what component is protected inside the TLS tunnel so that it is not sent in clear text across the wireless medium?

• A.Server credentials
• B.User credentials
• C.RADIUS shared secret
• D.X.509 certificates

Which of the following would be the most help against Denial of Service (DOS) attacks?

• A.Stateful Packet Inspection (SPI) firewall
• B.Honey pot
• C.Packet filtering firewall
• D.Network surveys.