Free Download Pass4sure and Lead2pass CWNP PW0-204 Exam Question with PDF & VCE (21-30)

What limitations are present with PMK caching (or PMKSA caching) when 802.1X/EAP authentication is in use?

A.    PMK caching may only be supported when the authentication server (SA) is collocated with the
authenticator, as with WLAN controllers using an internal RADIUS server.
B.    PMK caching has a maximum PMKSA storage threshold of five keys, which limits the fast roaming
capability to a mobility group of five APs.
C.    PMK caching allows to fast roaming between APs when they are managed by a single controller, but
it does not support inter-controller handoffs
D.    PMK caching can only retain PMKSAs once they are present, but it can not create new PMKSAs without
a full 802.1X/EAP authentication nor can it distribute an existing PMKSA to other APs.

Answer: C

As a primary security engineer for a large corporate network you have been asked to author a new security policy for the wireless network while most clients devices support 802.11X authentication some legacy devices still passphrase.
When writing the 802.11 security policy, what password related items should be addressed?

A.    Password should include a combination of upper and lower case latter, numbers, and special characters.
B.    Certificate should always by recommended instead of passwords for 802.11 client authentication.
C.    Password complexity should be maximized so that the weak IV attacks are prevented.
D.    Password creation process should be defined to maximize the strength of PSK based authentication.
E.    MSCHAPv2 passwords used with EAP/PEAPv0 should be stronger than typical WPA2=PSK passphrase.

Answer: AD

When opportunistic key caching (OKC) is supported on the wireless network, what steps must occur before a successful roam is completed? (Choose 2)

A.    EAP authentication must be conducted between the supplicant and AS
B.    The AS must be queried for derivation of new PMK
C.    The authenticator must query the RADIUS server to validate the supplicant
D.    New open system authentication must be performed
E.    Supplicant and authenticator must establish a new PTK

Answer: AC

What penetative measures are performed by a WIPS against intrusions?

A.    Uses SNMP to disable the switch port to which rogue APs connect
B.    Deauthentication attack against a classified neighbor AP
C.    Evil twin attack against a classified neighbor AP
D.    Evil twin attack against a rogue AP
E.    EAPoL reject frame flood against AP

Answer: AB

Choose the statement that explains that why the frame exchanged from Exhibit -1 took more frames than the frames exchanged from Exhibit-2 when both authentication were successful.


A.    Exhibit-1 and Exhibit -2 are using different EAP types.
B.    Exhibit-2 has transmission of EAP frames.
C.    Exhibit-1 is a TSN, and Exhibit-2 is an RSN
D.    Exhibit-1 is association and Exhibit-2 is an initial association.
E.    Exhibit-1 and Exhibit-2 are using different cipher suits.

Answer: D

What TKIP features prevent attacks against the known weaknesses of WEP? (Choose 3)

A.    32 bit ICV (CRC 32)
B.    Sequence counters
C.    Michael
D.    RC5 stream cipher
E.    Block cipher support
F.    Increased IV length

Answer: BCF

Given: The ABC corporation currently utilizes a public key infrastructure (PKI) to allow employees to securely access network resources using smart cards. The wireless network will use WPA2- Enterprise as its primary security solution. You have been hired to recommend a Wi-Fi alliance tested EAP method.
What solutions will require the least change inhowusers are currently authenticated and still integrate with there existing PKI?

E.    LEAP

Answer: D

Given:Many travelling business users connect to internet at airports, which often have 802.11g access points with a captive portal for authentication.
While using an airport hot spot with this security solution, to what type of wireless attack is user susceptible? (Choose 2)

A.    IGMP-snooping
B.    Man-in-middle
C.    Wi-Fi ARP poising
D.    Management interface exploits
E.    Wi-Fi phishing

Answer: AE

Which of the following stream ciphers is both a block cipher and a product cipher?

A.    RC2
B.    AES
C.    DES
D.    RC4

Answer: C

Review the exhibit and answer the following question. When monitoring APs within A LAN using a wireless network management system (WNMS, what secure protocol may be used by the WNMS to issue configuration change toAPs?

A.    TFTP
B.    SNMPv3
C.    802.1X/EAP
D.    PPTP
E.    IPSec/ESP

Answer: B

If you want to pass the CWNP PW0-204 exam sucessfully, recommend to read latest CWNP PW0-204 Dumps full version.