This page was exported from Free Braindump2go Latest Microsoft Exam Dumps [ http://www.cwnpdumps.com ]
Export date: Mon May 20 12:40:38 2019 / +0000 GMT

Free Download Pass4sure and Lead2pass CWNP PW0-204 Exam Question with PDF & VCE (21-30)



QUESTION 21
What limitations are present with PMK caching (or PMKSA caching) when 802.1X/EAP authentication is in use?

A.    PMK caching may only be supported when the authentication server (SA) is collocated with the
authenticator, as with WLAN controllers using an internal RADIUS server.
B.    PMK caching has a maximum PMKSA storage threshold of five keys, which limits the fast roaming
capability to a mobility group of five APs.
C.    PMK caching allows to fast roaming between APs when they are managed by a single controller, but
it does not support inter-controller handoffs
D.    PMK caching can only retain PMKSAs once they are present, but it can not create new PMKSAs without
a full 802.1X/EAP authentication nor can it distribute an existing PMKSA to other APs.

Answer: C


QUESTION 22
As a primary security engineer for a large corporate network you have been asked to author a new security policy for the wireless network while most clients devices support 802.11X authentication some legacy devices still passphrase.
When writing the 802.11 security policy, what password related items should be addressed?

A.    Password should include a combination of upper and lower case latter, numbers, and special characters.
B.    Certificate should always by recommended instead of passwords for 802.11 client authentication.
C.    Password complexity should be maximized so that the weak IV attacks are prevented.
D.    Password creation process should be defined to maximize the strength of PSK based authentication.
E.    MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2=PSK passphrase.

Answer: AD


QUESTION 23
When opportunistic key caching (OKC) is supported on the wireless network, what steps must occur before a successful roam is completed? (Choose 2)

A.    EAP authentication must be conducted between the supplicant and AS
B.    The AS must be queried for derivation of new PMK
C.    The authenticator must query the RADIUS server to validate the supplicant
D.    New open system authentication must be performed
E.    Supplicant and authenticator must establish a new PTK

Answer: AC


QUESTION 24
What penetative measures are performed by a WIPS against intrusions?

A.    Uses SNMP to disable the switch port to which rogue APs connect
B.    Deauthentication attack against a classified neighbor AP
C.    Evil twin attack against a classified neighbor AP
D.    Evil twin attack against a rogue AP
E.    EAPoL reject frame flood against AP

Answer: AB


QUESTION 25
Choose the statement that explains that why the frame exchanged from Exhibit -1 took more frames than the frames exchanged from Exhibit-2 when both authentication were successful.

image

image
A.    Exhibit-1 and Exhibit -2 are using different EAP types.
B.    Exhibit-2 has transmission of EAP frames.
C.    Exhibit-1 is a TSN, and Exhibit-2 is an RSN
D.    Exhibit-1 is association and Exhibit-2 is an initial association.
E.    Exhibit-1 and Exhibit-2 are using different cipher suits.

Answer: D


QUESTION 26
What TKIP features prevent attacks against the known weaknesses of WEP? (Choose 3)

A.    32 bit ICV (CRC 32)
B.    Sequence counters
C.    Michael
D.    RC5 stream cipher
E.    Block cipher support
F.    Increased IV length

Answer: BCF


QUESTION 27
Given: The ABC corporation currently utilizes a public key infrastructure (PKI) to allow employees to securely access network resources using smart cards. The wireless network will use WPA2- Enterprise as its primary security solution. You have been hired to recommend a Wi-Fi alliance tested EAP method.
What solutions will require the least change inhowusers are currently authenticated and still integrate with there existing PKI?

A.    PEAPv0/EAP-MSCHAPv2
B.    EAP-TLS
C.    EAP-TTLS/MSCHAPv2
D.    PEAPv0/EAP-TLS
E.    LEAP

Answer: D


QUESTION 28
Given:Many travelling business users connect to internet at airports, which often have 802.11g access points with a captive portal for authentication.
While using an airport hot spot with this security solution, to what type of wireless attack is user susceptible? (Choose 2)

A.    IGMP-snooping
B.    Man-in-middle
C.    Wi-Fi ARP poising
D.    Management interface exploits
E.    Wi-Fi phishing

Answer: AE


QUESTION 29
Which of the following stream ciphers is both a block cipher and a product cipher?

A.    RC2
B.    AES
C.    DES
D.    RC4

Answer: C


QUESTION 30
Review the exhibit and answer the following question. When monitoring APs within A LAN using a wireless network management system (WNMS, what secure protocol may be used by the WNMS to issue configuration change toAPs?

image
A.    TFTP
B.    SNMPv3
C.    802.1X/EAP
D.    PPTP
E.    IPSec/ESP

Answer: B

If you want to pass the CWNP PW0-204 exam sucessfully, recommend to read latest CWNP PW0-204 Dumps full version.

 

 


Post date: 2014-03-06 03:36:20
Post date GMT: 2014-03-06 03:36:20
Post modified date: 2014-03-06 03:36:20
Post modified date GMT: 2014-03-06 03:36:20

Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com