PW0-200 CWNA Wireless Security Professional

PW0-200 CWNA Wireless Security Professional

http://www.TwPass.com

PW0-200

CWNA

Wireless Security Professional

http://www.twpass.com/twpass.com/exam.aspx?eCode= PW0-200

The PW0-200 practice exam is written and formatted by Certified Senior IT Professionals working in today's prospering companies and data centers all over the world! The PW0-200 Practice Test covers all the exam topics and objectives and will prepare you for success quickly and efficiently.

The PW0-200 exam is very challenging, but with our PW0-200 questions and answers practice exam, you can feel confident in obtaining your success on the PW0-200 exam on your FIRST TRY!

CWNA PW0-200 Exam Features

- Detailed questions and answers for PW0-200 exam

- Try a demo before buying any CWNA exam

- PW0-200 questions and answers, updated regularly

- Verified PW0-200 answers by Experts and bear almost 100% accuracy

- PW0-200 tested and verified before publishing

- PW0-200 exam questions with exhibits

- PW0-200 same questions as real exam with multiple choice options

Acquiring CWNA certifications are becoming a huge task in the field of I.T. More over these exams like PW0-200 exam are now continuously updating and accepting this challenge is itself a task.

This PW0-200 test is an important part of CWNA certifications. We have the resources to prepare you for this. The PW0-200 exam is essential and core part of CWNA certifications and once you clear the exam you will be able to solve the real life problems yourself.Want to take advantage of the Real PW0-200 Test and save time and money while developing your skills to pass

your CWNA PW0-200 Exam? Let us help you climb that ladder of success and pass your PW0-200 now!

PW0-200

QUESTION:

1

What wireless authentication technologies build a TLS-encrypted tunnel between the supplicant and the authentication server before passing client authentication credentials to the authentication server? A - MS-CHAPv2 B - EAP-FAST C - LEAP D - PEAPV1/EAP-GTC

E - EAP-MD5 F - EAP-TTLS

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=1

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

2

How does a wireless network management system (WNMS) discover WLAN usernames? A

- The WNMS rinds the MAC address or the wi reless client device in the authentication database and parses the username from the entry. B - The WNMS polls access points using

SNMP. C - The client device sends the username to the WNMS on port 113 (ident service) after successful authentication. D - The RADIUS server sends the username to the WNMS after the wireless device successfully authenticates. E - The WNMS captures the username by sniffi ng the wireless network during the authentication process.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=2

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

3

What is illustrated by this Wireless Intrusion Prevention System (WIPS)? A - 802.11a access points on channels 34, 38, 42, and 46 B - Wideband RF jamming attack C - Only channels 9,

10, and 11 are enabled on the access point D - An access point on channel 6 E - Use of channels 12-14 is not allowed

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=3

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

4

Given: A university is installing a WLAN switch /controller and one thousand 802.11a/g lightweight access points. In this environment, how should the WLAN switch/controller connect to the Ethernet network? A - The WLAN switch/controller should connect between every Layer 3 distribution Ethernet switch and every Layer 2 access Ether net switch by

having one port in each VLAN. B - The WLAN switch/controller should connect to the core

Layer 3 switch via a gigabit (or raster) Ethernet segment. C - The WLAN switch/controller should be conne cted between the Layer 3 core Ethernet switch/controller and the corporate

Internet firewall using a 100 Mbps connection. D - The WLAN switch/controller should connect to a Layer 3 distribution switch in a wireless VLAN using a gigabit (or faster) connection.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=4

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

5

What type of WLAN attack is illustrated on the 802.11 protocol analyzer screenshot? A -

Man-in-the-middle B - Frame injection C - RF jamming D - Authentication flood E -

Hijacking

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=5

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

6

What policies would prevent peer-to-peer attacks against wirele ss-enabled corporate laptop computers when the laptops are also used on public access networks such as wireless hotspots?

A - Require personal firewall software on each laptop. B - Require secure applications such as

POP3/S, HTTPS, and SSH2. C - Require VPN software for connectivity to the corporate network. D - Require WPA2-Enterprise as the minimal WLAN security solution. E - Require

Port Address Translation (PAT) on each laptop.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=6

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

7

When using a tunneled EAP type, what is protected against clea r text transmission across the wireless medium? A - x.509 certificates B - User Credentials C - Server Credentials D -

EAPoL Keys E - Pairwise Master Keys

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=7

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

8

What four tools are required to hijack a wireless client (at Layer 2 and Layer 3) from the authorized wireless network onto the unauthorized wireless network? (Select two answers that together specify the tour necessary tools) A - Access point software and a narrowband RF jamming device B - A high-gain Yagi antenna and terminal emulation software C - A wireless bridge and a spectrum analyzer D - A wireless PC card and DHCP server software E - MAC spoofing software and data flooding software

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=8

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

9

Given: The ABC Hospital has decided that installing, securing, and maintaining a wireless infrastructure is beyond their IT budget for this calendar year. However, they believe that there are benefits to using wireless Ad Hoc ne tworks in the hospital, especially for meetings. They have decided to use wireless Ad Hoc networks, but are concerned about security. What statements about wireless Ad Hoc network security are true? A - The IEEE 802.11i standard suppor ts an authenticator and authentica tion server on each client device that is part of the wireless Ad Hoc network. B - IPSec client software and personal firewall software on each client provide strong WLAN security for Ad Hoc networks. C - WPA2 passphrases are the most effective, low-cost mechanism for protecting wireless Ad Hoc networks from eavesdropping. D - WPA2-Enterprise allows Ad Hoc networks to scale to a larger number of users than WPA2- Personal.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=9

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

10

Given: The size of your WLAN is growing rapidly. To maintain consistent network security, what WLAN security policy measures must be followed? A - Use Role Based Access

Control (RBAC) to assign security policies to users B - Update the WLAN architecture to support autonomous APs managed by WNMS C - Configure APs to load their firmware from a TFTP server during initialization D - Include the WLAN in a change management program

E - Create and maintain a security checklist for equipment staging

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=10

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

11

Given: ABC Company is an Internet Service Prov ider with thousands of customers. It uses an

LDAP server as the centra l user credential database. How can ABC Company use their existing user data base for wireless user authentication as they implement a large-scale WPA2-

Enterprise WLAN security? solution? A - Import all users from the LDAP server into the

RADIUS server with an LDAP-to-RADIUS conversion tool. B - Implement an x.509 compliant Certificate Authority and enable SSL queries on the LDAP server. C - Install a

TACACS+ server, configure an OD BC connection between the TACACS+ and LDAP servers, and have the TACA CS+ server query the LDAP server. D - Implement a RADIUS server and proxy user authentication requests to the LDAP server.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=11

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

12

What type of WLAN system is illustrated? A - Wireless Intrusion Prevention System B -

Wireless Network Management System C - Wireless Switch Configuration GUI D -

Enterprise Encryption Gateway E - EAP-enabled RADIUS Server

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=12

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

13

Given: John Smith often works from home and wi reless hotspots rather than commuting to the office. His laptop connects to the office network over WLANs. To safeguard his data, what two wireless security policy items should be implemented? A - Use an IPSec VPN for remote connectivity B - Use an HTTPS captive portal C - Use a personal firewall on his laptop D - Use a protocol analyzer on his laptop to sniff WLAN traffic for risks E - Use

802.1X/PEAPv0 to connect to the office network

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=13

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

14

Given: A network security auditor is assessing a wireless network?s exposure to security holes.

What task would save the most time if performed before the audit? A - Identify the IP subnet information for each network segment. B - Identify the wireless security solutions currently in use. C - Identify the skill level of the wirele ss network security administrator(s). D - Identify

the manufacturer of the wireless infrastructure hardware. E - Identify security holes in the wireless security policy.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=14

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

15

Given: You have a laptop computer and a Wi-F i compliant PC card. What statements describe the limited effectiveness of locating rogue access points using WLAN discovery software such as Netstumbler or Kismet? A - Discovery tools like Netstumbler and Kismet cannot determine the authorization status of an access point. B - A laptop computer can only be in one location at a time, even in large enterprise environments. C - When WEP, WPA, or

WPA2 are in use, acce ss points cannot be detected using discovery tools like Netstumbler and Kismet. D - Rogue access points using non-Wi-Fi frequency bands or unpopular modulations are not detected. E - Discovery tools like Netstumbler and Kismet cannot determine if an access point is attached to a wired network.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=15

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

16

Given: ABC Corporation is selecting a security solution for their new WLAN, and a PPTP

VPN is their first consideration because it is included with both server and des ktop operating systems. While the 128-bit encryption of Microsoft?s M PPE is considered strong enough to adhere to corporate security policy. the company is worried about security holes in MS-

CHAPv2 authentication. As a consultant, what do you tell ABC Co rporation about implementing MS-CHAPv2 authentication in a PPTP VPN? A - MS-CHAPv2 is compliant with WPA- Personal, but not WPA2-Enterprise. B - MS-CHAPv2 is subject to offline dictionary attacks. C - MS-CHAPv2 is only secure w hen combined with MAC filters. D -

MS-CHAPv2 is appropriate for WLAN securi ty when used inside a TLS-encrypted tunnel. E

- MS-CHAPv2 uses anonymous Diffie-Hellman authentication, and is therefore secure. F -

MS-CHAPv2 can be replaced with EAP-TLS as the authentication mechanism for PPTP.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=16

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

17

Given: WLAN protocol analyzers can read and re cord many wireless frame parameters. What

parameter is needed to physically locate rogue access points? A - DSSS parameter set

B - P Address C - BSSID D - Signal strength E - Beacons per second

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=17

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

18

Given: The illustrated WLAN software tool can transmit customized 802.11 framers. What are two users for such a tool? A - Altering physical layer frame headers for frame injection attacks B - Auditing the security features of a WIPS C - Modifying a network?s logical topology D - Changing the supported data rates on an AP E - Deauthentication attacks F -

Monitoring for unencrypted passwords as they traverse the WLAN

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=18

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

19

Given: ABC Company has recently implemented lPSec VPN technology using the

Authentication Header (AH) protocol to secure their wireless connections. You are hired as a security auditor to test the security strength of the wireless net work. What statement about this

WLAN security implementation is true? A - AH uses 3DES encryption, causing high latency on half-duplex networks. B - Wireless clients should be configured for NAT transparency, so encrypted frames can traverse gateways. C - AH uses public key cryptography, which is incompatible with the 802.11 protocol. D - The AH protocol does not encrypt the data payload, so the ESP protocol should be used. E - When using AH as a VPN solution, the implementation must incorporate SSH2 tunneling.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=19

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

20

Given: ABC Company has implemented both WPA2-Enterprise and lPSec/ESP security mechanisms to protect their 802.11a connection s. What option specifies the paired layers involved in this security implementation? A - Layer2, Layer3 B - Layer1, Layer2 C -

Layers, Layer7 D - Layer2, Layer7 E - Layer 2, Layer4

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=20

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

21

In a WLAN hijacking attack, what WLAN client device feature works to the advantage of the attacker? A - When the RF signal between a client and an access point is lost for more than a few seconds, the client device will attempt reassociation only with the same access point until the Layer 3 session times out. B - When the RF signal between a client and an access point is significantly disrupted the client will seek to reassociate with another acce ss point with the same SSID and a stronger, higher- quality signal. C - Clients auto-detect Ad Hoc and Infrastructure service sets and will associate to the appropriate network type. D - The

IEEE 802.11 standard specifies that client s using Open System authentication must allow direct client-to-client connections, even in Infrastructure mode.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=21

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

22

Given: The ABC Company 802.11g WLAN has worked perfectly for the last 6 months. One morning, none of the company?s 10 users can connect to the company?s only access point.

When the administrator logs into the access point, t here are hundreds of users associated using

Open System authentication. What is the problem? A - The AP has been the victim of an RF

DoS attack. B - The AP has experienced an AP spoofing attack from a rogue AP. C - The AP firmware has been corrupted and is erroneously reporting the number of users. D - The

AP has experienced an association flood attack.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=22

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

23

In a WLAN environment, what is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism? A - EAP-TTLS sends client credentials thro ugh an encrypted

TLS tunnel to the server. B - EAP-TTLS supports sm art card clients. C - EAP-TTLS is integrated into Microsoft Active Directory and Novell eDirectory. D - EAP-TTLS allows clients to authenticat e to the server using passwords. E - EAP-TTLS uses proven standar dsbased technology, but EAP-TLS is still in draft format. F - EAP-TTLS supports mutual aut hentication between supplicant s and authentication servers.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=23

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

24

Given: The illustration shows a WLAN protocol analyzer decoding an 802.11 Beacon

Management Frame. What statement about the access point?s BSS is tr ue and can be confirmed with this illustration? A - There is currently one wireless client asso ciated with the AP using CCMP within the BSS. B - The only cipher suite support ed in the BSS is WPA-

Personal. C - The BSS Group Key Cipher will be rotated by t he access point after two more beacon frames. D - Data frames within the BSS must have TKIP key rotation set to rotate every 40 minutes. E - The BSS supports both CCMP and TK IP cipher suites simultaneously.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=24

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

25

Given: ABC Company has a single access point, 15 client devices, and uses WPA2-Personal for WLAN security. What statement about ABC Company WLAN security is true? A -

Intruders may obtain the passphrase with an offline dictionary attack and gain network access, but will be una ble to decrypt data traffic. B - Traffic injection attacks are possible becau se the transmitter lacks frame numbering. C - An unauthorized wireless client device cannot associate, but can eavesdrop on some data because WPA2-Personal does not encrypt broadcast traffic. D - An authorized WLAN user with a protocol an alyzer can decode frames captured from the 4- Way Handshake of another authorized user. E - Because WPA2-

Personal uses Shared Key authe ntication followed by a 4-Way Handshake, EAP-Start flood attacks are easily performed.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=25

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

26

In this diagram from the 802.11i amendment, w hat is the purpose of the ANonce and SNonce?

A - They are used to pad Message 1 and Message 2 so there is no empty space in the frame. B

- The IEEE 802.11-1999 (R 2003) standard requires that all unicast frames contain a nonce for security purposes. C - They are added together and used as the GMK, from which the GTK is derived. D - They are random values used in the der ivation of the Pairwise Transient Key.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=26

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

27

What TKIP features prevent attacks against the known weaknesses of WEP? A - 32-bit ICV

(CRC-32) B - Mandatory per-packet keys C - RC5 stream cipher D - Michael E -

Decreased IV length F - Arthur

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=27

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

28

The illustration shows the 802.11 association procedure from the 802.11i amendment. In a

WPA2-Enterprise network, what process immediat ely follows the 802.11 association procedure? A - Group Handshake B - 802.1X/EAP framework process C - STAKey

Handshake D - 4-Way Handshake E - 802.11 authentication process F - Pass-phrase-to- PSK mapping process

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=28

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

29

What happens in a bit flipping attack against a wireless LAN device? A - An attacker captures an encry pted frame, modifies the ciphertext, modifies the ICV to hide the change to the ciphertext, and then transmits th e frame to appear as if it is from the original source. B -

An attacker uses a non-linear Message Integrity Check (MIC) on his or her computer to form a wireless crossover connection with the target computer. C - An attacker sends a custom frame containing all zeros in the POWER-DOWN header field, notifying the access point that it should no l onger accept wireless traffic in preparation for powering down. D - In Ad Hoc mode, an attacker sends each frame with the last bit set to zero, causing the target computer to disable encryption to increase throughput.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=29

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

30

When implementing a WLAN, what password-related items should be included in a security policy? A - Service Set Identifiers (SSlDs) should be configured to the same length and strength requirements as any other administ rative-level password in the enterprise. B -

Passwords should be at least as long as usernames when user authent ication is used instead

of hardware authentication. C - The password policy should be extended to pr ovide guidance on selecting passphrases for security solutions such as WPA2-Personal. D - Certificates should always be used in stead of passwords when securing a WLAN. E - Passwords should contain numbers, special characters, and upper and lower case letters.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=30

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

31

Given: John Smith often telecommutes from a coffee shop near his home. The coffee shop has an 802.llg access point with a capt ive portal for authentication. At this hotspot, John is susceptible to what types of WLAN attacks? A - UDP port redirection B - Wi-Fi phishing C

- Peer-to-peer D - 802.11 reverse ARP E - Eavesdropping/packet reassembly F - Happy AP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=31

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

32

Role-Based Access Control (RBAC) allows a WL AN administrator to perform what network function? A - Provide wireless network access to users through specific access points, based on their 802.11e priority level. B - Allow access to specific files and ap plications based on the user?s IP subnet. C - Allow specific user groups more bandwidth than others. D - Allow simultaneous support of mult iple EAP types on a single access point.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=32

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

33

RFC 3748 specifies that the EAP-response/identity frame must comply with what criteria?

A - The EAP-response/identity frame must contain the user identity. B - When TLS-tunneling mode is active, the EAP-resp onse frame must have a blank user identity. C - The EAPresponse/identity frame must not contain a null identity value. D - The user identity value must be hashed prior to insertion in to the EAP-response identity frame.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=33

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

34

What option specifies how the 802.11i Group Handshake differs from the 4-Way Handshake?

A - The Group Handshake has four messages like the 4-Way Handshake, except when it is performed after a reauthentication when it exhibits only three messages. B - The Group

Handshake is a 4-Way Handsh ake, but does not contain EAPoL Key frames. C - The Group

Handshake requires 6 exchanges, including the TCP 3-Way handshake traffic. D - The Group

Handshake has only two messages instead of four. E - The Group Temporal Key (GTK) is always part of the Group Handshake, but never part of the 4-Way Handshake.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=34

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

35

Once strong authentication and encryption mechani sms are implemented and tested in a

WLAN, what options are needed to maintain a secure WLAN? A - VPN B - Internet firewall C - WIPS D - Personal firewalls E - LDAP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=35

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

36

What protocols allow an administrator to securely transfer a new operating system image to a

WLAN switch/controller? A - SNMPv2c B - HTTPS C - SCP D - TFTP E - FTP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=36

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

37

Given: You manage a wireless netwo rk that services 100 wireless users. Your facility requires

7 access points, and you have installed an 802.11i -compliant implementation of

802.1X/LEAP (TKIP) as an authentication and encryption solution. In this configuration, the wireless networ k is susceptible to what type of attack? A - Man-in-the-middle B - Password dictionary C - Layer 3 peer-to-peer D - WEP cracking E - Session hijacking F -

Eavesdropping

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=37

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

38

Given: Most of today?s light weight (thin) access points support 802.3af and can be placed anywhere in the network infrastructure instead of directly connected to a WLAN switch/controller port. A lightweight access point can make w hat logical connection to its controller? A - LLC port connection B - GRE tunnel C - RSVP protocol connection D -

HTTPS tunnel E - Mobile IP connection

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=38

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

39

Given: ABC Company wants to install an 802.11 g WLAN that supports fast roaming for

802.11 b IP phones. A requirement is the ability to troubleshoo t reassociations that are delayed or dropped during roaming. What is the most cost-effectiv e system ABC Company can implement to meet the troubleshooting requirement? A - WLAN protocol analyzer software on laptop computers B - WLAN switch with integrated WIPS C - WLAN switch with dual lightweight 802.11a/b/g radios D - Autonomous (thick) access points with a

WIDS overlay system E - Hybrid WLAN switch with integrated RF planning tool

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=39

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

40

Given: This network diagram im plements an 802.1X/EAP-based wirele ss security solution.

What device functions as the EAP Authenticator? A - LDAP database B - Client computer

C - Access point D - RADIUS server E - Ethernet switch

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=40

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

41

For WIPS to describe the location of a rogue WLAN device, what requirement must be part of the WIPS installation? A - The predictive site survey results must be imported into the

WIPS. B - A GPS system must be installed including the coordinates of the building?s corners.

C - All authorized AP radios must be placed in RE monitor mode so that the WIPS knows where the authorized APs are in relation to the WIPS sensors. D - A graphical floor plan

diagram must be imported into the WIPS,

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=41

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

42

Given: XYZ Company has recently installed a WLAN switch and RADIUS server and needs to move authenticated wireless users from vari ous departments onto their designated network segments. How should this be accomplished? A - The RADIUS server coordinates with an authenticated DHCP server. B - Manually map each wireless user?s MAC address to a VLAN number in the Ethernet switch. C - Implement multiple 802.1Q VLANs in both the WLAN and Ethernet switches. D - RADIUS will send a return list attribute with the GRE tunnel number to the WLAN switch. E - The WLAN user must contact the network administrator at step 4 of the 802.1X/EAP authentication process to receive a network number.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=42

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

43

Given: The Wi-Fi Alliance implemented TKIP as an upgrade to WEP as part of WPA. The illustration shows an expanded TKIP MPDU. What features were included in TRIP to enhance the security of WEP? A - FCS B - ICV C - MIC D - Extended IV E - Encrypted PDU

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=43

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

44

Given: A new access point is connected to an authorized network segment and is detected by a

WIPS. What does the WIPS apply to the new access point? A - Default security policy B -

FIPS values C - Site survey template D - User property profile E - Updated firmware F -

SNMP MIB

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=44

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

45

Given: Your company has just completed inst allation of a WLAN switch/controller with 10 lightweight (thin) access points. The Chief Se curity Officer has specified 802.11i compliant

PEAPv0/EAP-MSCHAPv2 as the only authorized WL AN authentication an d encryption scheme. Where must the x.509 server certif icate reside in this network? A - Supplicant devices B - LDAP server C - RADIUS server D - WLAN switch/controller E - Lightweight access points

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=45

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

46

During LEAP authentication, what aut hentication credential is passed using clea r text across the wireless medium? A - Password B - x.509 certificate C - Username D - PAC E-

Shared secret

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=46

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

47

The 802.11i Pairwise Transient Key (P TK) is derived from what element? A - Pass-phraseto-PSK mapping algorithm B - Group Master Key (GMK) C - Pairwise Master Key (PMK) D

- AAA Key E - Group Temporal Key (GTK) F - Extended Master Session Key (EMSK)

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=47

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

48

Given: A small company is implementing a single WL AN switch/controller with 6 lightweight

(thin) access points that can authent icate users directly against a Kerberos-based authentication database. The company does not have a RADIUS server.. What device generates new encryption keys as wireless client devices roam between access points? A -

Client device B - WLAN switch/controller C - Kerberos server D - Ethernet switch E -

Lightweight access points

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=48

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

49

Given: A strong security policy is the first step in securing an 802.11 WLAN. What are the appropriate sections for a WLAN security policy? A - Off-site data backups B - Acceptable use and abuse of the network C - Periodic security audits D - Attack classification E -

Application performance standards

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=49

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

50

Given: John Smith has just completed the inst allation of a WLAN switch/controller with 10 lightweight (thin) access points. All VLANs use one RADIUS server. The VLANs are configured as follows: VLAN red (5 access points) - SSID red - Li ghtweight EAP (LEAP) authentication - CCMP cipher suite VLAN blue (5 access points) - SSID blue - EAP-TTLS authentication - CCMP cipher suite John?s computer can successfully authenticat e and browse the Internet when using the red VLAN. John?s computer cannot authenticate when using the blue VLAN. What is the most likely cause of the problem? A - The blue VLAN does not support cert ificate-based authentication traffic. B - The CCMP cipher suite is not a va lid option for EAP-TTLS authentication. C - The clock on John?s computer pre-dates the

RADIUS server?s certificate creation date/time. D - John does not have a valid Kerberos ID on the blue VLAN. E - The WIPS has been configured to perform a DoS attack on blue VLAN

RADIUS packets. F - The Lightweight Access Point Protocol (LWAPP) does not support

EAP-TTLS authentication over lightweight access points.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=50

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

51

What type of attack is prevented when TKIP us es an 8 octet message integrity check (MIC)?

A - Collision attack B - Forgery attack C - RF jamming attack D - Weak-key attack E -

Replay attack

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=51

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

52

Given: A large organization is designing a secure, scalable, and manageable 802.11g WLAN that will support hundreds of users. What feature is LEAST valuable when selecting the type

of WLAN switch/controller to purchase? A - WPA2-Enterprise authentication/encryption B - Internal RADIUS server C - Integrated WIPS D - 802.1Q

VLANs E - SNMPv3 support

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=52

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

53

Given: ABC company is deploying an 802.11i- compliantwireless security solution using

802.1X/EAP authentication. A ccording to company policy, the se curity solution must prevent an eavesdropper from decrypting dat a frames traversing a wireless connection. What security solution feature meets this policy requirement? A - Mutual Authentication B - Encrypted

Passphrase C - Message Integrity Check (MIC) D - 4-WayHandshake E - Integrity Check

Value (ICV)

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=53

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

54

What security protocols can use MS-CHAPv2 or EAP-TLS for wireless client authentication?

A - LEAP B - PPTP C - IPSec D - PEAP E - L2TP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=54

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

55

Given: ABC Company wants to implement a secure VoWLAN system that is compliant with the 802.11i standard and has the fastest roaming capab ility available. What WLAN system type is best suited for ABC Company? A - Wireless VoIP routers B - WLAN mesh routers

C - WLAN switches with lightweight ac cess points D - Autonomous (thick) access points

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=55

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

56

Given: ABC Corporation has a campus with 4 buildings in a hub and spoke topology (point-to-

multipoint). The company wants to connect ea ch spoke building with the hub building using wireless bridges, and they are concerned about security. ABC wants to use their existing VPN hardware to reduce costs, and the VPN hardwar e only supports PPTP VPN technology. They have hired you to evaluate this recommended solution for them. What paired statements accurately describe the use of PPTP in this environment? A - Advantage: PPTP is simple to implement. Disadvantage: PPTP introduces numerous new subnet boundaries. B -

Advantage: PPTP is widely supported. Disadvantage: PPTP does not support multiple protocols. C - Advantage: PPTP provides data encryption support. Disadvantage: PPTP does no t support RADIUS authentication. D - Advantage: PPTP pr ovides AES encryption.

Disadvantage: PPTP is open to network layer peer attacks.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=56

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

57

What WIPS parameter is confi gured to generate notifications? A - EAPoL-start frames: on/off B - 802.11h TPC capacity C - Probe sensitivity levels D - Policy threshold values E -

Social engineering status

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=57

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

58

Given: ABC Company has recently installed a WLAN switch/controller solution that uses

WPA2- Enterprise security. They have co nfigured a security profile on the WLAN switch for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups to receive the correct security profile? A - The WLAN switch retrieves a complete list of authenticated users and groups from a RADIUS server during each user authentication. B - The RADIUS server sends a group name return list attribute to the WLAN switch during every user authentication. C - The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN switch. D - The RADIUS server sends t he list of authenticated users a nd groups to the WLAN switch prior to any user authentication.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=58

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

59

In an 802.11i-compliant WLAN, when is the 802. 1X Controlled Port placed into the unblocked state? A - After a 4-Way Handshake B - After Open System Authentication C -

After any Group Handshake D - After generation of a PMK E - After RADIUS

Authentication

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=59

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

60

Given: The illustration shows the 802.11i amendment?s STAKey handshake. When is this handshake used? A - When a supplicant wishes to receive WMM information from an authenticator B - When two wireless client stations wish to establish a WDS C - When a wireless client station wants to roam to a peer station D - When two client stations want to comm unicate directly while associated to an AP E - When a wireless client station wants to establish a VPN tunnel to a peer station

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=60

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

61

When monitoring access points as illustrated, what secure protocols are used by a wireless network management system? A - IPSec B - HTTPS C - 802.1X/EAP D - SNMPv3

E - PPTP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=61

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

62

Given: ABC Corporation is migrating from W PA-Personal to WPA2-Enterprise for the added security and scalability be nefits. The migration is occurring gradually so the fewest number of users are disrupted simultaneously. What st atements regarding this migration are true? A

- Radio cards that do not support CCMP must be replaced. B - A new, longer passphrase must be given to each user migrating to WPA2-Enterprise. C - The existing WPA-Personal compliant RADIUS server must be upgraded to support WPA2- Enterprise. D - Because multiple cipher suites are in use, the WLAN will only be as secure as the weakest cipher suite. E - Personal firewall software must be installed on each client device to protect against transitional man-in-the-middle attacks.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=62

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

63

What attack cannot be detected by a Wirele ss Intrusion Prevention System (WIPS)? A -

MAC Spooling B - 802.11 eavesdropping C - Netstumbler D - Fake AP E - Deauthentication flood

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=63

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

64

When using a VPN-enabled router as a WLAN se gmentation device, what are the performance- limiting factors? A - Each VPN tunnel must have one x.509 certificate B -

Encrypted throughput of the VPN router C - 802.11e QoS frame tagging support D - The maximum number of tunnel terminations supported by the VPN router E - No support for private (non-rout able) IP addresses inside VPN tunnels

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=64

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

65

802.11a/g Wireless Intrusion Pr evention Systems (WIPS) are used for what purposes? A -

Performance monitoring and troubleshooting B - Enforcing wireless network policy C -

Detecting and defending against eavesdropping attacks D - Security monitoring and notification E - Preventing virtual carrier sens e attacks by 802.11 transmitters F -

Informing nearby access points of a failed access point

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=65

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

66

A WIPS performs what preventative measure against intrusions? A - EAPoL Start frame flood against a rogue AP B - Evil twin attack against a rogue AP C - Disassociation attack against an external AP that is not connected to your network D - NAV attack against an unclassified AP E - Deauthentication attack against an authorized client associating to a rogue

AP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=66

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

67

Given: ABC Corporation has decided to use I PSec VPN technology to secure their wireless connections. To prevent eavesdropping attacks, st rong encryption is a key factor in the security solution. What IPSec protocol is require d when the data payload must be encrypted? A - AH

B - IKE C - L2F D - ESP E - PPP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=67

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

68

Given: ABC Corporation is designing a security solution for their new wireless network. Some client device applications use Layer 3 protocol s other than IP. A consultant has recommended

VPN technology as part of the wireless soluti on, but ABC does not know which VPN protocol should be used. What VPN protocol is appropriate? A - IPSec B - EAP-TTLS C - Kerberos

D - PPTP E - SSH2 F - WPA

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=68

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

69

Given: Mary is troubleshooting an 802.11g netwo rk performance problem using WLAN protocol analyzer software on her 802.11a/g enabled laptop computer. The network is protected with 802.1X/PEAP, and the client devices are authenticating properly . When Mary configures her laptop for PEAP and tries to connect to the wireless network, s he is unsuccessful. What statement indicates why Mary cannot acce ss the network from her laptop computer? A - Mary needs a special security ch ip in her laptop to decode PEAP frames. B -

Mary?s wireless radio card do es not support PEAP frame formatting. C - The protocol analyzer?s PC card driver s do not support the version of PEAP being used. D - The authentication server is currently online. E - Mary must enter the proper PSK to decode PEAP frames.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=69

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

70

Given: A wireless network has recently been s ubjected to numerous Layer 1 and Layer 2

Denial of Service (DoS) attacks. What security so lution can detect and report when and where a DoS attack is occurring? A - Wireless IPS B - WLAN positioning system C - Distributed spectrum analyzers D - WPA2-Enterprise E - Wireless LAN discovery tools with GPS

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=70

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

71

What elements should be addressed by a WLAN security policy? A - Enabling encryption to prevent SSI Ds from being sent in clear text B - Use of rotating encryption key mechanisms as defined in the 802.11 standard C - End user training on security solutions D - Verification that all wireless infrastruc ture devices are attached to the network core E - Social engineering mitigation techniques F - Security policy details should only be known by IT staff to prevent abuse

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=71

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

72

Given: You own a coffee shop and have recently installed a free 802.11g wireless hotspot for the benefit of your customers. For legal reasons, yo u want to prevent spammers from sending bulk email through your Internet connection. What opt ion specifies the best approach to achieve this goal? A - Install WPA2-Personal security on your access point B - Install an

802.11g camera to monitor patron?s activities C - Block TCP port 25 outbound on the Internet router D - Allow only trusted patrons to use the WLAN E - Disable the WLAN during nonbusiness hours F - Use a WLAN protocol analyzer to locate and block malicious WLAN frames

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=72

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

73

What is illustrated on the RF spectrum analyzer? A - A high-power, narrowband si gnal at approximately 2.430 GHz B - A DSSS-based phased array WLAN antenna transmission C -

An OFDM access point operating on channel 6 D - A frequency hopping station transmitting on channel 5 E - A deauthentication frame from a WIPS blocking an AP on channel 5

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=73

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

74

Given: The XYZ Corporation employs 20 data ent ry clerks that use an unencrypted wireless

LAN to access the main network. An intruder is using a laptop running a software access point in an attempt to hijack the wireless users. How can the intruder cause all of these clients to establish Layer 2 connectivity with the software access point? A - WLAN clients can be forced to reassociate if t he intruder laptop uses a WLAN card capable of emitting at least 5 times more power than the authorized access point. B - A higher SSID value programmed into the intruder software access point will take priority over the SSID in the authorized access poi nt, causing the clients to reassociate. C - When the signal between the clients and the authoriz ed access point is temporarily disrupted and the intruder software access point is usi ng the same SSID on a different channel than the authorized access point, the clients will reassociate to the software access point. D - When the signal between the clients and the aut horized access point is permanently disrupted and the intruder software access point is using the same SSID and the same channel as the authorized access point, the clients will reassociate to the software access point.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=74

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

75

Given: A WLAN protocol analyzer captured the illu strated frame trace of an 802.11b client station authenticating to an access point using the 802.1X/LEAP protocol. What level of security is supported by the 802.11 b access point? A - WPA2-Enterprise B - WPA-Personal

C - Shared Key WEP-128 D - 802.1X with Dynamic WEP E - WPA-Enterprise

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=75

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

76

Given: The 802.11i Group Key Handshake is illustrated. When is this procedure used in a

WPA2-Enterprise network? A - When the PSK is regenerated B - When a new GTK is required and a security association already exists between peers C - When any supplicant

disassociates in a BSS D - When a WLAN controller fails over to a backup authentication server E - At the end of the default reassociation key timeout period

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=76

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

77

Given: As a consultant, you are asked to trou bleshoot ABC Corporation new WLAN. Several end users have complained about the following four symptoms: 1. While browsing the

Internet, the connection suddenly stops. 2. Instant messenger sessions get r andomly disconnected from the server. 3. Despite the interruption in signal, the users WL AN utility indicates the wireless connection is good. 4. Users IP addresses change to a different subnet unexpectedly. What wireless network attack produces these symptoms? A - PING sweep

B - Wideband RE jamming C - Eavesdropping D - Hijacking E - Bit-flipping

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=77

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

78

What wireless security protocols provide mutual authentication without using x.509 certificates? A - EAP-FAST B - LEAP C - EAP-TLS D - PEAPv0/EAP-

MSCHAPV2 E - EAP-TTLS F - PEAPv1/EAP-GTC

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=78

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

79

When used as part of a WLAN authenticati on solution, what is the role of LDAP? A - A data retrieval protocol used by an authentication service such as RADIUS B - An X.500 standard compliant database that can be queried by 802.1X compliant devices C - A SQL compliant authentication service capa ble of encryption key generation and distribution D - An EAP compliant port access control mechani sm for blocking connections until users are authenticated

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=79

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

80

What is illustrated on the RF spectrum analyzer? A - There is an 802.11b radio performing a wideband DoS attack on channels 1 through 11. B - A narrowband RF attack is in progress on channel 11, and there is an 802.11b access point on channel 1. C - Two FHSS systems have hopped onto channels 1 and 11 simultaneously. D - There are 802.11g access points on channels 1 and 11 and both are operating normally.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=80

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

81

What security weakness is present in pre- 802.11i systems using 802.1X with dynamic WEP?

A - There is no ability to authenticate individual users. B - The session key is crackable it enough traffic is transmitted using the key. C - All versions of EAP used with dynamic WEP pa ss the username across the wireless medium in clear text. D - APs automatically downgrade the security leve l to standard WEP it the wireless client device does not support dynamic WEP.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=81

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

82

Given: The 802.1X/EAP framew ork described by the 802.11i amendment is illustrated. Why is the 802.1X Controlled Po rt still blocked after the 802. 1X/EAP framework has completed successfully? A - The 802.1X Controlled Port is always blocked, but the Uncontrolled Po rt opens after the EAP authentication process completes. B - The 802.1X Controlled Port remains blocked until a Layer 3 address is obtained by the Supplicant. C - The 4-Way

Handshake must be completed succ essfully before the 802.1X Controlled Port changes to the unblocked state. D - The 802.1X Controlled Port is blocked until V ender Specific

Attributes (VSAs) are exchanged inside a radius packet between t he Authenticator and

Authentication Server.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=82

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

83

Given: ABC Corporation sends extremely sens itive data tiles and email across the wireless network daily. To prevent eavesdropping attacks, the company has decided that unbreakable

standards-based authentication and data encrypti on are needed on their new wireless LAN.

ABC has documented this requirement in their cor porate security policy. You have been hired to implement a wireless security solution that m eets their policy requirements. ABC has

3 access points and 15 users. What wireless LAN security solutions are appropriate?

A - WPA2-Personal with a strong passphrase B - 802.1X/Kerberos C - lPSec/AH VPN with

RBAC D - PPTP/MPPE-128 VPN E - WPA2-Enterprise with EAP-FAST

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=83

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

84

Wireless Intrusion Prevention Systems (WIPS) prov ide integrated protocol analysis engines to troubleshoot what problem? A - PMKSA caching in WLAN controllers B - Cipher suites supported by individual access points C - VoWLAN phones roaming between access points D

- 802.3af Power-over-Ethernet connectivity? E - Access Point CPU overloading

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=84

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

85

Given: Many corporations have guest VLANs on t heir WLAN that allow visitors to have wireless Internet access only. What risk s are associated with implementin g the guest VLAN without any security or control features? A - Intruders can send spam to the Internet through the guest VLAN. B - Peer-to-peer attacks between guest users cannot be prevented. C -

Unauthorized users can perform Internet-based network attacks through the WLAN. D - Guest users can reconfigure APs in the gue st VLAN unless 802.1X/EAP is configured on the APs.

E - Once guest users are associated to the WL AN, they can capture 802.11 frames from the corporate network.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=85

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

86

What protocols allow a network administrator to securely download log tiles from an access point? A - FTP over SSL B - TFTP over SSH2 C - SSH2 D - Telnet E - SNMPv3

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=86

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

87

Given: John Smith drives a forklift for ABC Co mpany. The forklift can reach speeds of 20mph

(32 km/h). The forklift has an 802.11g enabled industri al computer mounted to the frame which John uses to receive warehouse orders. The industrial laptop?s communication with the access point is secured with 802.11i compliant 802.1X/EAP-TTLS. The wareho use application requires reassociation speeds of <50m s, and 802.1X/EAP-TTLS authentication takes approximately 800ms. What is required for the warehouse application to work properly?

A - APs must have a hardware accelerator chip that performs ?fast key generation? after receiving a reauthentication message. B - No changes are needed, because 802.11i co mpliant devices can cache the initial PMK and send it to other APs over the wired network as needed. C - A WLAN controller that can maintain all PMKSAs internally must be installed. D - An x.509 certificate must be installed on the client to redu ce the EAP-TTLS authentication time to <50ms. E - The authentication server must be configured to generate, buffer, and distribute the next four temporal keys as needed.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=87

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

88

Given: XYZ Company has recently installed an 802.11g WLAN. The company needs the ability to control access to network services, such as file shares, intranet web servers, and

Internet access based on an employee?s job duties. What WLAN security solution meets this requirement? A - An autonomous access point with MAC filters B - An Enterprise

Encryption Gateway with LDAP support C - A VPN server with multiple DHCP scopes, one for a each type of user D - A WLAN controller with RBAC features E - A WLAN router with wireless VLAN support

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=88

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

89

After completing the installation of a new over lay WIPS, what baselining function must be performed? A - Approved 802.1X/EAP methods nee d to be selected and configured. B -

Identify the authorized, external, and rogue WLAN devices. C - Wireless Anomaly Detection

(WAD) filter s should be created on the WIPS management server. D - Authorized 802.3af traffic must be identified.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=89

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

90

What WLAN attack can be performed wi th the illustrated software utility? A - Fake AP B -

802.11 deauthentication C - Bit flipping D - MAC address spoofing E - 802.1X EAP Start flood

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=90

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

91

What processes are used to force an authenticated WLAN client?s data traffic into a specific

VLAN on the AP? A - Set the 802.11 q tag on the AP to correspond with the appropriate

VLAN on the Ethernet switch. B - RADIUS sends a return list attribute to the AP assigning the user to a specific VLAN. C - Create a ?data type? filter on t he AP to direct distinct traffic types into specific Ethernet VLANs. D - Create a username-to-VLAN mapping on the AP to di rect data traffic from a specific user to a designated VLAN. E - The AP is configured with manual SSID-to-VLAN mappings, and the user will be assigned to a VLAN according to the

SSID being used.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=91

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

92

Given: The ABC Corporation currently utilizes a Public Key Infrastruc ture (PKI) to allow employees to securely access network resources using smart cards. The wireless segment of the network uses WPA-En terprise as its primary security solution. You have been hired to recommend a Wi-Fi Alliance-a pproved EAP method. What solutions will require the least change in how users are curr ently authenticated and still integrate with their existing

PKI? A - EAP-FAST B - EAP-TLS C - PEAPv1/EAP-GTC D - LEAP E - PEAPv0/EAP-

MSCHAPv2

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=92

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

93

What security hole results from a lack of staging and installation procedures for WLAN infrastructure equipment? A - MAC address filters with mismatched OUls on access points

B - Default QoS priority settings C - Incorrect RADIUS IP address configuration on WLAN switches D - Default usernames and passwords on access points

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=93

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

94

Given: ABC Company will be implementing a WPA2 -Enterprise security so lution that utilizes an existing RADIUS server as part of a new WLAN . What RADIUS server feature is required? A - 802.11d support B - Windows compatibility C - EAP support D - CCMP support E - LDAP support

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=94

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

95

Given: This network diagram implements an 802.1X/EAP-based wireless security solution.

What device functions as the EAP Supplicant? A - LDAP Database B - Wireless Client

Computer C - Access Point D - RADIUS Server E - Ethernet Switch

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=95

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

96

What 802.11 WLAN se curity problem is solved by 802.1X/EAP mutual authentication? A -

Hijacking by rogue access points B - Weak password policies C - MAC spoofing D -

Disassociation attacks E - Offline dictionary attacks F - Weak Initialization Vectors

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=96

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

97

Given: The Marketing department WLAN users need to reach their own server and the

Internet, but should not have access to any other network resources. What WLAN security

feature should be implemented to comply with these requirements? A - Mutual authentication B - Wireless routing C - Captive portal D - Pole-based access control

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=97

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

98

Given: A pass-phrase-to-PSK mapping algorithm is recommended for use wi th Robust

Security Network Associations (RSNAs). Why does the 802.11i-2004 amendment implement this algorithm? A - To enhance the security level of the 4- Way Handshake when WPA2-

Personal is used B - To avoid using 802.1X/EAP authenticati on in independent ba sic service sets C - To eliminate proprietary roaming mechanisms when Preshared Key security is used D

- To encourage users unfamiliar with cryptographic concepts to enable the security features of their WLAN

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=98

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

99

Given: A WLAN protocol analyzer is illustrated sh owing the trace of a client station?s initial authentication onto the wireless network. What security mechanism is being used on the

WLAN? A - WEP-128 B - WPA-Personal C - IPSec/ESP D - WPA2-Enterprise E -

802.1X/LEAP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=99

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

100

Given: The ABC Hospital IT staff has agreed that an Enterprise Encryption Gateway (EEG) using a strong, proprietary, Layer 2 encryption techniqu e meets their corporate wireless security policy requirements. The access points are locat ed on the encrypted segment of the network. What option indicates what is required to manage the access points from a management workstation located on the network backbone? A - The access points must support AES encryption. B - The EEG must be configured to allow destinatio n-specific unencrypted traffic to traverse the encrypted segment. C - A proxy client must be located on the encrypted segment and configured to relay management traffic from the management station to each access point. D - This management technique is not possible. Access points on the encrypted side of an EEG can only be managed from the encrypted segment.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=100

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

101

In the 802.11i amendment, what is the pu rpose of the 802.1X Uncontrolled Port? A -

To allow authentication PDUs to flow bet ween the Supplicant and Authentication Server B -

To block authentication traffic until the 4-Way Handshake completes C - To pass general data traffic after the completion of 802.11i AKM D - To block unencrypted PDUs after a 4-Way

Handshake completes

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=101

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

102

What is the purpose of the Pairwise Transient Key (PTK) in 802.11i Authentication and Key

Management? A - The GMK, used for encrypting multicast data frames, is derived from the

PTK. B - The PTK is used to encrypt unicast data frames that traverse the wireless medium.

C - The PTK is XOR?d with the PSK on the Authentication server to create the AM key. D -

The PTK is used to encrypt the Pairwise Ma ster Key (PMK) for distribution to the 802.1X

Authenticator during the 802.11i 4-Way Handshake. E - The PTK is combined with a nonce during t he 802.11i 4-Way Handshake to create the GMK.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=102

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

103

What is the purpose of the 802.11i STAKey Handshake in a WLAN BSS? A - Initiating an

802.11r handoff, allowing ac cess points to use the IAPP protocol B - Producing keys for securing data frames directly between stations while associated with an access point C -

Initiates 802.11e client prioritization, ensuring two stations can control the medium until a data exchange is complete D - Producing Group Transient Keys (GTKs) for en crypting multicast and broadcast frames in a BSS E - Allows client stations to securely authenticate to a repeater access point F - Allows supplicants to roam across access points they have not prev iously associated to without using the 802.1X/EAP authentication process

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=103

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

104

When a rogue access point is discovered on a net work, what should be the immediate response of the network administrative staff? A - Immediately dispose of the rogue access point and notify management. B - Shut down the entire network until an investi gation can be completed and the logs reviewed. C - Call the police and lock everyone inside the facility. D - Make a list of everyone who was near the ac cess point at the time of its discovery. E - Detach the access point from the wired netwo rk and follow the organization response policy. F - Inform the security guard staff to begin parking lot patrols immediately.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=104

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

105

What WLAN security functions can be pe rformed by the illustrated software utility? A -

Generating strong passwords for WLAN infrastructure equipment logins B - Generating strong passwords for 802 .11i-compliant 802.1X/EAP-TLS systems C - Generating strong passwords for protecting a RADIUS server from application layer WLAN attacks D - Generating strong passwords for WLAN systems secured with WPA2-Personal E - Generating random

EAP-TTLS session keys

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=105

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

106

Given: John Smith uses a coffee shop?s Internet hotspot to transfer funds between his checking and savings accounts at his bank?s website. T he bank website uses the HTTPS protocol to protect sensitive account information. A hacker wa s able to obtain John bank account user ID and password and transfer all of John money to another account. How did the hacker obtain

John bank account user ID and password? A - John?s bank is using an expired x.509 certific ate on their web server. The certificate is on John?s Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted. B - John uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hotspot to check his email, and the user ID and password were not encrypted. C -

John uses the same username and password for banking that he does for his IPSec VPN software. John accessed his corporate network with his IPSec VPN software at the wireless hotspot. An IPSec VPN only encrypts data. T he user ID and password are sent in clear text. D

- The bank web server is using an x.509 certificat e that is not signed by a root CA and is also using an expired public key, causing t he user ID and password to be sent unencrypted.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=106

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

107

When using a Wireless Network Management System (WNMS), how are rogue access points discovered? A - Access points report all BSSID values they can hear to the WNMS via

SNMP. The BSSID values are compared against an authorized access point list. B -

Authorized access points detect unauthoriz ed RF fluctuations on channels where rogue access points are deployed. These fluc tuations are reported via SNMP to the WNMS. C - An open source finder tool is deployed by all WNMS vendors. This tool probes the RF channels for rogue access points and reports to the WNMS. D - Dedicated sensor access points are deployed throughout the coverage area. E- Proprietary detection protocols run on the 802.

11a/g access points and report all discovered access points to the WNMS analytics engine.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=107

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

108

What option specifies the similarity of an RF jamming attack and a wireless hijacking attack?

A - Both can be detected by wireless intrusion prevention systems. B - Both can be deterred by appropriate client security solutions. C - Both can be averted through the use of FHSS technology. D - Both can be blocked through the use of lockable enclosures for all access points. E - Both can be prevented through the use of 802.1X/EAP solutions.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=108

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

109

Exhibit 1 Exhibit 2 What system types are illustrated? A - WLAN switch device monitors B - Wireless VPN management systems C - WIPS dashboards D - RF spectrum scanners E - WNMS access point monitors

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=109

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

110

Given: ABC University has an Information Technol ogy (IT) building where the Active

Directory server is located. They are inst alling a small WLAN switch and a sm all RADIUS server in each of 20 campus buildings. WLAN encryption keys are generated by the RADI

US servers. Each RADIUS server will proxy user aut hentication to the Active Direct ory server in the IT building. What AAA model is described? A - Single site deployment B -

Distributed autonomous sites C - Distributed sites, centraliz ed authentication and security D -

Distributed sites and security, centralized authentication

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=110

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

111

Exhibit 1 Exhibit 2 Exhibit 3 What is the purpose of the illu strated

WLAN software utilities? A - Cracking TKIP encryption in real-time B - WLAN location and identification C - Performing offline dictionary attacks D - Capturing and decoding

802.11 frames E - Injecting 802.11 frames into a WLAN

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=111

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

112

What advantage does 802. 1X/EAP-TLS have over an IPSec/ESP VPN as a WLAN security solution when both are designed to use cli ent-side and server-side x.509 certificates? A -

EAP-TLS has less protocol ov erhead and therefore higher thro ughput at the same data rate. B

- EAP-TLS protects the client ?s username and password inside an encrypted tunnel, but IPSec does not. C - EAP-TLS is based on HTTPS, allowing Layer 2 encryption keys to be exchanged inside a secure tunnel. D - A data frame protected with EAP-TLS encrypt ion has two privacy fields in the header, providing two layers of security.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=112

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

113

As a part of a large organization security polic y, how should a wireless security professional address the problem of rogue access points? A - Use a WPA2-Enterprise compliant security so lution with strong authentication and encryption. B - Hide the SSID of all access points on the net work so that intruders don?t know how to configure rogue APs. C - Reduce the

power of all access point s on the network so that rogues stand out. D - Install and monitor a

WIPS by a trained employee.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=113

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

114

What statement accurately describes the f unctionality of the IEEE 802.1X-2004 standard? A

- Port access control with EAPoL support for 802.3 and 802.11 LANs B - Port access control with encrypt ion key management and distribution C - Port access control with support for authenticated-user VLANs only D - Port access control with support for EAP-MD5 authentication and RC4 encryption only

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=114

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

115

TKIP uses a per-MPDU TKIP sequence counter (T SC) to prevent what type or WLAN attack?

A - Weak-IV B - Forgery C - Replay D - Bit-flipping E - Session hijacking

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=115

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

116

Given: The ABC Corporation has not implem ented a WLAN due to constant standards development and changes within the industry. As th e lead network administrator, you inform the IT staff that with the ratification of the 802. 11i amendment, most vendors have submitted their equipment for WPA2 interoperability testing. While most of the staff seems encouraged, one of the administrators is skeptical concerning whethe r the WPA2 certification adds value to the equipment. What statement addresses this concern? A - WPA2-certified equipment can support RSNAs and Shared Key WEP sessions simultaneously. B - WPA2-certified equipment can use TKIP for backwards compatibility with WPA-certified equipment. C -

WPA2-certified equipment supports both layer 2 and layer 3 security mechanisms, unlike

WPA. D - WPA2-certified equipment supports all secu rity features found in the 802.11i amendment.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=116

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

117

What is the most effective defense against an RF jamming attack? A - Installing all access points in lockable enclosures B - Virtual Private Network technology C - Higher gain on access point antenna s and higher output power on access points D - Physical security of the premises E - Multi-factor authentication on the wireless network F - Surrounding access points with RF barriers

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=117

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

118

Given: ABC Company uses their 802.11a/g WLAN ex tensively to move general data traffic,

VoWLAN traffic, and guest access Internet-only data. What is the best approach to achieve the high est level of security and QoS for each data type while minimizing troubleshooting complexity across the entire WLAN? A - Each QoS and security level should have its own SSID B - 802.11h should be implemented for Q0S and 802.11i should be implemented for security. This is true for 802.11a and 802.11g. C - Each data type should be on a separate VLAN. D - Implement DiffServ bit detection and transference for QoS and security. E - Guest access should use 802.11g and all other traffic should use 802.11a.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=118

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

119

What valid method is used by lightweight (t hin) access points to locate their WLAN switch/controller? A - The access points can use the Dynamic Thin Access Point Protocol

(DTAPP) to identify and communicate with a controller. B - Controllers contain unique

Radio Frequency Identifier (RFID) tags that can be located and tracked by lightweight access points. C - Lightweight access points are programmed with the DNS name of the controller. They receive an IP address and the address of a DNS server from a DHCP server.

D - Lightweight access points identify their controll er by the LOCN field in the controller?s beacon frames. E - Controllers use the Address Resolution Protocol (ARP) to map Layer 3

IP addresses to the MAC addresses of the access points. F - Lightweight access points use

SNMP to det ermine the host name and IP address of the controller.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=119

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

120

Given: The 802.11i amendments 4- Way Handshake is illustrated. What statement regarding the Nonces used in the 4-Way Handshake is true? A - Both Nonces are used by the

Supplicant and Authenticator in the derivation of a single PTK. B - The Supplicant uses the

ANonce to derive it s unique PTK, and the Authenticator uses the SNonce to derive its unique PTK. C - Nonces are the secret keys that are combined to unblock the 802.1X controlled port. D - The SNonce and ANonce are combined at t he Supplicant and

Authenticator to create unique PTKs for each device. E - The Nonces are created by mixing the MAC addresses of the Supplicant and the Authenticator.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=120

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

121

A. End-user buy in. B. Executive sponsorship. C. Technical thoroughness. D. Accurate assessments.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=121

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

122

What does the term SPAM refer to?

A. Sending worm viruses via email

B. Sending unsolicited bulk email.

C. Sending trojan horse email viruses

D. Uploading pornographic material to a company website

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=122

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

123

What is the term that refers to the actions a hacker takes immediately after intruding into a system to open up more security holes in the system?

A. Unauthorized access

B. Opening the front door.

C. Hijacking

D. Spy lining

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=123

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

124

Which of the following is the least effective manner of enforcing end-user compliance with corporate wireless security policy?

A. Small group accountability

B. Financial incentives

C. Restricting network use

D. Periodic spot checks

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=124

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

125

Which of the following items is NOT a security risk a network administrator can spot using a wireless packet analyzer?

A. oversized RF cells

B. missing security patches.

C. exposed Network Layer information

D. unencrypted wireless traffic

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=125

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

126

Concerning RADIUS, what term refers to the desig n capability that allows multiple servers to run as a single computer, where each shares in the workload of the application? A.

Shred documents prior to throwing them away. B. End-user verifies support center iden tity before giving password information. C. Positively identify person calling help desk. D. Use established, secure channels for passing security information.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=126

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

127

Which of the following Layer 2 security soluti ons provides for unique and changing encryption keys so an intruder will never be able to collect enough data to crack the keys?

A. Dynamic WEP

B. TKIP

C. Static WEP

D. 802.lx/EAP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=127

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

128

What purpose does eliminating availability of some services from a wireless segment of a network serve?

A. Speeds email communications

B. Creates more bandwidth for file sharing

C. Reduces security risk to the entire network

D. Forces end-users to comp ly with security program

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=128

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

129

Your company has not installed an intrusion dete ction system on your network. Which of the following actions would reduce the effectiveness of your manual network scan for rogue devices?

A. Search in the 2.4-2.5 GHz band.

B. Use a wireless packet analyzer for the scan.

C. Search all physical locations of the company.

D. Use an up-to-date listing of the MAC addr esses and SSIDs of all authorized devices.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=129

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

130

Which encryption mode has been selected for use in IEEE 802.11i?

A. RC6

B. 3DES

C. PSK

D. AES-CCMP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=130

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

131

Which IEEE standard provides an authentication framework for 802 -based LANs. It is not a

purely wireless standard, and its users are identified by individual user credentials rather than hardware identifiers? A. 802.lx B. 802.11b C. 802.11i D. 802.11f

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=131

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

132

During the interim phase of WPA, with some pha ses of IEEE 802.11i in place, what is a major consideration a network administrator must have about using TKIP?

A. Lost message integrity checks

B. Possibility of weak-key attacks

C. Possibility of replay attacks

D. Lack of interoper ability between vendors

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=132

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

133

What benefit does Windows 2000 service pack 3, called SysKey, provide for network security?

A. Prevents peer file sharing.

B. Prevents decryption of the WEP key.

C. Offers better virus protection.

D. Prevents password capture by LOphtCrack.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=133

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

134

Proprietary protocols are sometimes used for add ed security. Which of the following would not be considered a security advantage of using a proprietary protocol?

A. Uses per packet authentication

B. Entire communication process strongly encrypted

C. Uses features not yet available on the market

D. Uses leading-edge encryption algorithms

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=134

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

135

Which of the following is a network design flaw with respect to redundancy?

A. Multiple frequency bands are used

B. AP co-location used

C. All AP s on same VLAN behind a router

D. AP s installed with hot/cold failover switches

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=135

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

136

Which of the following terms refers to the process a hacker may use to discover open wireless

LANs.

A. War Driving

B. War Chalking

C. Trace Routing

D. Search Engines

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=136

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

137

Public Key Authentication is one of the most secu re methods used to authenticate secure shell.

What is the range of bit lengths for each key?

A. 128 to 256 bits

B. 64 to 128 bits

C. 1024 to 2048 bits

D. 512 to 1024 bits

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=137

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

138

Because its bit strength is greater, providing be tter security with only a slight increase in overhead, which of the following data integrity mechanisms is recommended for use with

IPSec?

A. SHA-1

B. MD5

C. DES

D. RC4

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=138

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

139

Which statement is true of the Tran sport and Tunnel modes of IPSec?

A. Tunnel mode encrypts only the payload (data).

B. Transport mode encrypts both the header and payload.

C. Transport mode encrypts only the payload (data).

D. Both modes encrypt both the header and payload.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=139

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

140

What type of information gathering is used by an intruder to determine usage levels of parts of a LAN, peak activity periods, and w here data is headed on the network?

A. LAN Mapping

B. Trace Routing

C. Target Profiling

D. Traffic Pattern Analysis

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=140

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

141

In a hijack to create a denial of service in a wire less LAN, what is the focal point of the hijack?

A. Layer 2

B. Layer 3

C. DHCP File Server

D. Authorized Access Point

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=141

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

142

A self-replicating and self-prolif erating virus often delivered in email is called a what?

A. Rogue

B. Spyware

C. Trojan Horse

D. Worm

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=142

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

143

Which of the following is not true concerning a typical Kerberos implementation?

A. Dynamic encryption key distribution

B. New keys generated at start of every session

C. Mutual authentication

D. Clear text password entry and transmission

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=143

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

144

Before the inclusion of authenticat ion protocols, DHCP was susceptible to hijacking. An attack would normally begin by jamming a particular channel. What system response created the security hole?

A. Clients would be forced to roam, and would be unable to reconnect with the network.

B. Clients would be forced to roam, and t hen release their network IP addresses.

C. Clients would become saturated a nd would cease transmission of data.

D. Clients would be forced to roam, and then leas e an IP address from a rogue DHCP server.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=144

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

145

What is the term used for a system that insp ects inbound and outbound traffic and attempts to identify suspicious activity?

A. Firewall

B. VPN Concentrator

C. Intrusion Detection System

D. Authentication Server

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=145

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

146

Which of the following actions would not represent a good baseline security action to be taken with SSIDs?

A. Keep SSID code settings confidential.

B. Change the default SSID setting to something cryptic

C. Change the SSID setting to the department name

D. Change the SSID setting to closed system

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=146

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

147

What type of device can be deployed on an enterpr ise class access point that will alert system management of a packet flooding type of denial of service attack?

A. Auto dialer

B. SNMP trap

C. Signal generator

D. RF antenna

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=147

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

148

A scenario where a hacker intrudes on one network to send malicious data, like SPAM or viruses, to another network is referred to as what?

A. Malicious data insertion

B. Hijacking

C. Illegal transmission

D. Third path attack

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=148

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

149

Which of the following issues is not one that mu st be addressed by a company s wireless security plan?

A. Capacity

B. Intrusion

C. Privacy

D. Resources

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=149

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

150

How does installing software that generates fake ac cess points help to reduce the effectiveness of discovery tools like Netstumbler and Kismet?

A. Forces the programs to channel hop.

B. Jams data transmission with multiple probe response frames.

C. Fools the programs into believing there ar e hundreds of access points on the network.

D. Overloads the discovery program with data.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=150

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

151

Which type of attack against WEP is performed by capturing encrypted packets, changing some of the data within them, and then resending the packets?

A. Replay

B. Weak-key

C. Collision

D. Forgery

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=151

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

152

What method would an intruder use to force lo cal client devices to roam, or to introduce interference to examine stability?

A. RF Jamming

B. Port Scanning

C. Operating System Fingerprinting

D. War walking

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=152

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

153

Which of the following actions will no t enhance outdoor br idge link security?

A. Utilize strong encryption and authentication

B. Enable client connectivity at the bridge

C. Change the bridge default settings

D. Use 802.1x/EAP authentication.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=153

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

154

Which of the following statements is true conc erning the authentication processes of PPTP and L2TP?

A. Their authentication processes are virtually the same.

B. PPTP authentication process is encrypted, where L2TP is not.

C. PPTP requires two levels of authentication; L2TP requires only one.

D. L2TP requires two levels of aut hentication; PPTP requires only one.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=154

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

155

What does an intruder need to have to attack a network using network management tools like

Hyena and LANBrowser?

A. Administrative Access.

B. Email Server

C. Wireless Card.

D. Application Layer Analyzer

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=155

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

156

You decide to utilize RBAC for your wireless VPN. Which of the following is not an advantage of this arrangement?

A. Reduces administrative overhead.

B. PPTP

C. SSH2

D. IPSec

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=156

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

157

Which VPN protocol is described by: supports multiple encapsulated protocols, authentication and encryption, and uses a c lient/server architecture?

A. PPTP

B. L2TP

C. SSH2

D. IPSec

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=157

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

158

Which type of segmentation device is described by : intelligent, but slow, uses security that is equivalent to a strong set of access control lists?

A. Firewall

B. Router

C. Layer 3 switch

D. VPN Concentrator

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=158

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

159

Which type of segmentation device is describe d by: used to filter between networks, can be designed as all-purpose or for specific filtering functions?

A. Router

B. Firewall

C. VPN Concentrator

D. Enterprise Encryption Gateway

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=159

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

160

Which EAP authentication type is characterized by: one-way authenticat ion, password-based protocol, and does not use WEP keys?

A. EAP-TTLS

B. LEAP

C. EAP-TLS

D. EAP-MD5

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=160

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

161

Which EAP authentication type is characterized by the creation of an en crypted tunnel between the supplicant and the authentication server?

A. EAP-TTLS

B. LEAP

C. PEAP

D. EAP-TLS

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=161

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

162

An access point using an EAP protocol.A c lient device sends it an EAP-start message. What is the FIRST action the access point takes?

A. AP enables port to authorized state.

B. AP detects client.

C. AP sends identity request to client.

D. AP enables port to unauthorized state.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=162

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

163

Which EAP authentication type is characterized by: based on Secure Socket Layer protocol and used both server-side and client-side certificates?

A. EAP-MD5

B. LEAP

C. EAP-TTLS

D. EAP-TLS

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=163

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

164

Which of the following Layer 2 security soluti ons provides for unique and changing encryption keys with the addition of a flexible authentication protocol, and adds broadcast key rotation in some implementations?

A. 802.1x/EAP

B. Dynamic WEP

C. Static WEP

D. TKIP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=164

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

165

Which of the following Layer 2 security soluti ons provides for unique and changing encryption keys so an intruder will never be able to collect enough data to crack the keys?

A. Dynamic WEP

B. TKIP

C. Static WEP

D. 802.1x/EAP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=165

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

166

Which EAP authentication type is characterized by : any kind of supplicant credentials can be used; mutual authentication but only server-side digital certificates?

A. EAP-TLS

B. LEAP

C. PEAP

D. EAP-TTLS

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=166

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

167

Which of the following is not correct concerning Authenticated Host Configuration Protocols?

A. Provide a framework for passing configurat ion information to hosts on a

TCP/IPnetwork.

B. Software keeps track of IP addresses

C. Computers added to network without manually assigning an IP address

D. Servers are able to authenticate clients.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=167

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

168

A network is configured with an EWG performi ng NAPT with a RADIUS server doing portbased access control. Which of the following is NO T an additional configuration step a network administrator needs to take in order to effectively manage this arrangement?

A. During RADIUS server configuratio n, give each NAS entry an IP address

B. Configure access points with gateway addresses

C. Configure EWG to do 1:1 static NAT mappings

D. Enable port mapping to manage access points.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=168

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

169

What is the term for the sequence of bits used as a key in a stream cipher?

A. keystream

B. bitwise XOR

C. self-synchronous

D. symmetric algorithm

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=169

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

170

Which type of segmentation device is described by: support RADIUS or ACS authentication, do not perform routing, is a Layer 2 encryption dev ice that also may do Layer 4 port filtering?

A. Enterprise Encryption Gateway

B. Router

C. VPN Concentrator

D. Firewall

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=170

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

171

Which VPN protocol is described by: A collectio n of IETF standards that include specifics on key management protocols as well as the encrypted packet formats/protocols?

A. L2TP

B. IPSec

C. SSH2

D. PPTP

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=171

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

172

Which VPN protocol is described by: An open standar d that is guided by the IETF, it provides a cryptographically secure TCP/IP tunnel between two computers with aut hentication, encryption occurs at the transport layer?

A. IPSec

B. PPTP

C. L2TP

D. SSH2

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=172

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

173

A wireless VPN client device is used to dial in to a VPN server, which is wired into a network.

What type of VPN connection is this?

A. Remote access

B. Peer-to-peer

C. Enterprise wireless gateway

D. Network

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=173

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

174

What portion of an IDS monitors network segment s and compares their current status to the normal baseline?

A. Vulnerability detection

B. Misuse detection

C. Anomaly detection

D. Performance monitoring

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=174

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

175

What portion of an IDS analyzes gathered in formation and monitors business rules for the wireless LAN, acting almost like a traditional management system?

A. Misuse detection

B. Vulnerability detection

C. Anomaly detection

D. Performance monitoring

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=175

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

176

A network administration team gets minimum, ma ximum, and average values from baseline data and uses it for setting alarms on their IDS softwar e. Which type of traffic baselining is this?

A. Reference

B. Performance

C. Security

D. Emergent

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=176

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

177

A network administration team installs a new segment of a wireless LAN, then monitors its performance over the next several days, collecti ng data on all facets of its operation. Which type of traffic baselining is this?

A. Reference

B. Performance

C. Security

D. Emergent

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=177

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

178

Which type of wireless LAN authentication prot ocol features user-based authentication and accounting service, and either uses an in ternal or external database of users?

A. Kerberos

B. RADIUS

C. LDAP

D. Multi-factor Authentication

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=178

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

179

Which type of encryption is a va riable length stream cipher, is used by WEP, TKIP, MPPE,

SSL and TLS security protocols, and is considered to be moderately secure?

A. AES

B. DES/3DES

C. RC5

D. RC4

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=179

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

180

Which encryption scheme is both a block cipher and a product cipher, and is widely used by

the financial services industry?

A. DES/3DES

B. AES

C. RC2

D. RC4

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=180

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

181

IPSec uses a security protocol called Encapsul ating Security Payload. How is this achieved?

A. A keyed one-way hash function is applied to the datagram to create a message digest.

B. An encrypted authentication code is transmitted as a message digest.

C. Performing encryption at the IP layer.

D. A shared code is mutually transmitted between stations.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=181

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

182

Which IEEE standard addresses wireless LAN se curity, and specifies the use of TKIP and

802.1x/EAP with mutual authentication as possible security solutions.

A. 802.1x

B. WPA

C. 802.11f

D. 802.11i

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=182

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

183

Which of the following is not an advantage of 802.1x? It supports many encryption protocols such as DES, 3DES and AES. In a reconfiguration attack of a wireless network

, a hacker may set up a virtual server. What is this?

A. Redirected port mappings that a llow internal hosting of services.

B. Network management utilities like Solarwinds and SNMPc.

C. A software application that enables Telnet.

D. A type of rogue device.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=183

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

184

In a reconfiguration attack of a wireless network , a hacker may set up a virtual server. What is this?

A. Redirected port mappings that a llow internal hosting of services.

B. Network management utilities like Solarwinds and SNMPc.

C. A software application that enables Telnet.

D. A type of rogue device.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=184

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

185

RADIUS has been overwhelmingly adopted as the preferred authentication process for

WLAN S using 802.1x based security solutions. Which of t he reasons for this listed below is not correct?

A. Authentication based on hardware

B. Hardware theft does not compromise security because user authorization is required

C. RADIUS already in heavy use in wired LAN s

D. Accounting and auditing are available, allowing usage auditing and intrusion alarms.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=PW0-200&qno=185

-------------------------------------------------------------------------------------------------------------------------------------

TwPass Certification Exam Features;

- TwPass offers over

2500

Certification exams for professionals.

- More than

98,800

Satisfied Customers Worldwide.

- Average

99.8%

Success Rate.

- Over

120

Global Certification Vendors Covered.

- Services of Professional & Certified Experts available via support.

- Free 90 days updates to match real exam scenarios.

- Instant Download Access!

No Setup required.

- Price as low as $19, which is 80% more cost effective than others.

- Verified answers researched by industry experts.

- Study Material

updated

on regular basis.

- Questions / Answers are downloadable in

PDF

format.

- Mobile Device Supported (Android, iPhone, iPod, iPad)

-

No authorization

code required to open exam.

-

Portable

anywhere.

-

Guaranteed Success

.

- Fast, helpful support 24x7.

View list of All Exams (AE);

http://www.twpass.com/twpass.com/vendors.aspx

Download Any Certication Exam DEMO.

http://www.twpass.com/twpass.com/vendors.aspx

To purchase Full version of exam click below; http://www.TwPass.com/

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement