This page was exported from Free Braindump2go Latest Microsoft Exam Dumps [ http://www.cwnpdumps.com ] Export date:Mon May 20 12:51:04 2019 / +0000 GMT ___________________________________________________ Title: Free Download Pass4sure and Lead2pass CWNP PW0-204 Exam Question with PDF & VCE (21-30) --------------------------------------------------- QUESTION 21What limitations are present with PMK caching (or PMKSA caching) when 802.1X/EAP authentication is in use?A.    PMK caching may only be supported when the authentication server (SA) is collocated with the authenticator, as with WLAN controllers using an internal RADIUS server.B.    PMK caching has a maximum PMKSA storage threshold of five keys, which limits the fast roaming capability to a mobility group of five APs.C.    PMK caching allows to fast roaming between APs when they are managed by a single controller, but it does not support inter-controller handoffsD.    PMK caching can only retain PMKSAs once they are present, but it can not create new PMKSAs without a full 802.1X/EAP authentication nor can it distribute an existing PMKSA to other APs. Answer: C QUESTION 22As a primary security engineer for a large corporate network you have been asked to author a new security policy for the wireless network while most clients devices support 802.11X authentication some legacy devices still passphrase.When writing the 802.11 security policy, what password related items should be addressed? A.    Password should include a combination of upper and lower case latter, numbers, and special characters.B.    Certificate should always by recommended instead of passwords for 802.11 client authentication.C.    Password complexity should be maximized so that the weak IV attacks are prevented.D.    Password creation process should be defined to maximize the strength of PSK based authentication.E.    MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2=PSK passphrase. Answer: AD QUESTION 23When opportunistic key caching (OKC) is supported on the wireless network, what steps must occur before a successful roam is completed? (Choose 2) A.    EAP authentication must be conducted between the supplicant and ASB.    The AS must be queried for derivation of new PMKC.    The authenticator must query the RADIUS server to validate the supplicantD.    New open system authentication must be performedE.    Supplicant and authenticator must establish a new PTK Answer: AC QUESTION 24What penetative measures are performed by a WIPS against intrusions? A.    Uses SNMP to disable the switch port to which rogue APs connectB.    Deauthentication attack against a classified neighbor APC.    Evil twin attack against a classified neighbor APD.    Evil twin attack against a rogue APE.    EAPoL reject frame flood against AP Answer: AB QUESTION 25Choose the statement that explains that why the frame exchanged from Exhibit -1 took more frames than the frames exchanged from Exhibit-2 when both authentication were successful. A.    Exhibit-1 and Exhibit -2 are using different EAP types.B.    Exhibit-2 has transmission of EAP frames.C.    Exhibit-1 is a TSN, and Exhibit-2 is an RSND.    Exhibit-1 is association and Exhibit-2 is an initial association.E.    Exhibit-1 and Exhibit-2 are using different cipher suits. Answer: D QUESTION 26What TKIP features prevent attacks against the known weaknesses of WEP? (Choose 3) A.    32 bit ICV (CRC 32)B.    Sequence countersC.    MichaelD.    RC5 stream cipherE.    Block cipher supportF.    Increased IV length Answer: BCF QUESTION 27Given: The ABC corporation currently utilizes a public key infrastructure (PKI) to allow employees to securely access network resources using smart cards. The wireless network will use WPA2- Enterprise as its primary security solution. You have been hired to recommend a Wi-Fi alliance tested EAP method.What solutions will require the least change inhowusers are currently authenticated and still integrate with there existing PKI? A.    PEAPv0/EAP-MSCHAPv2B.    EAP-TLSC.    EAP-TTLS/MSCHAPv2D.    PEAPv0/EAP-TLSE.    LEAP Answer: D QUESTION 28Given:Many travelling business users connect to internet at airports, which often have 802.11g access points with a captive portal for authentication.While using an airport hot spot with this security solution, to what type of wireless attack is user susceptible? (Choose 2) A.    IGMP-snoopingB.    Man-in-middleC.    Wi-Fi ARP poisingD.    Management interface exploitsE.    Wi-Fi phishing Answer: AE QUESTION 29Which of the following stream ciphers is both a block cipher and a product cipher? A.    RC2B.    AESC.    DESD.    RC4 Answer: C QUESTION 30Review the exhibit and answer the following question. When monitoring APs within A LAN using a wireless network management system (WNMS, what secure protocol may be used by the WNMS to issue configuration change toAPs? A.    TFTPB.    SNMPv3C.    802.1X/EAPD.    PPTPE.    IPSec/ESP Answer: B If you want to pass the CWNP PW0-204 exam sucessfully, recommend to read latest CWNP PW0-204 Dumps full version. --------------------------------------------------- Images: http://examgod.com/geimages/Free-Download-Pass4sure-and-Lead2pass-CW_A671/image.png http://examgod.com/geimages/Free-Download-Pass4sure-and-Lead2pass-CW_A671/image_3.png http://examgod.com/geimages/Free-Download-Pass4sure-and-Lead2pass-CW_A671/image_5.png --------------------------------------------------- --------------------------------------------------- Post date: 2014-03-06 03:36:20 Post date GMT: 2014-03-06 03:36:20 Post modified date: 2014-03-06 03:36:20 Post modified date GMT: 2014-03-06 03:36:20 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com