CWNP-Certified Wireless Security Professional (CWSP)2 Set 1

1.

Which option is the prerequisite for creating a bridge domain in Cisco APIC?

802.11n WPS sensor with a single 2x2 radio The company's current laptop-based protocol analysis tools WIPS solution that is integrated in the company's AP infrastructure The company's current overlay WIPS solution The company's current laptop-based spectrum analysis tools

2.

Your company security policy states that FTP traffic to web servers is never permitted. Which ACI construct can be used to ensure that FTP traffic is dropped even if a contract that permits FTP is applied to the web server EPG?

According to the location service profile According to the SNMP MIB table According to the RADIUS rectum attribute According to the site survey template According to the default security policy

3.

You must create a bridge domain that has one subnet. The supported IP address range should be 10.12.10.0 through 10.12.11.254. The default gateway should be 10.12.11.100. Which configuration is correct?

Verification that administrative passwords are unique to each infrastructure device Enabling encryption to prevent MAC addresses from being sent in clear text Security policy details should be safeguarded from non IT employees to prevent vulnerabilityexposure End user training for password selection and acceptable network use Social engineering recognition and mitigation technique.

4.

Which description of OpFlex is true?

Allows access to specific files and applications based on the user's WMM AC. Provide admission control to VoWiFi clients on selected access points. Allows one user group to access an internet gateway while denying internet access gateway toanother group Provide differing levels of management access to a WLAN controller based on the useraccount. Allow simultaneous support of multiple EAP types on a single Access point.

5.

Which counters are updated in an EPG-to-EPG policy where both EPGs are local to the same leaf switch?

3, 4, 1, 2 2, 3, 4, 1 1, 2, 3, 4 4, 3, 1, 2

6.

A custom-developed script is failing due to a code 403 "token was invalid" error message. Which action corrects the problem?

Wireless hijacking attacks Weak initialization vectors Offline dictionary attacks Weak password policies MAC spoofing

7.

Which protocol is needed to synchronize the fabric to make use of atomic counters?

EAP-TLS requires a PKI to create X509 certificates for both the server and client, which increases
administrative overhead. EAP-TLS does not use SSL to establish a secure tunnel for internal EAP authentication. Fast/secure roaming in an 802 11 RSN is significantly longer when EAP-TLS is use. EAP-TLS does not protect the client's username and password in side an encrypted tunnel. Though more secure EAP-TLS is not widely supported by wireless infrastructure or client vendors.

8.

Which class or DN would you query in the Cisco APIC Visore interface to return the in-band and out-of-band IP addresses of the Cisco APIC cluster?

Eavesdropping Offline dictionary Layer 1 DoS Session hijacking Man-in-the-middle

9.

If you see "CiscoAVPair" in the Cisco APIC API Inspector, which Cisco APIC main menu was clicked?

EAP-TTLS does not require the use of PKI. EAP-TTLS does not require an authenticator server. EAP-TTLS sends encrypted supplicant credentials to the authentication server. EAP-TTLS supports mutual authentication between supplicants and authenticationservers. EAP-TTLS supports smartcard clients.

10.

Which filter must be enabled in the Cisco APIC API Inspector to view API calls?

Allow only trusted patrons to use the WLAN Use a WIPS to deauthenticate the malicious stations Require clients STAs to have updated firewall and antivirus software Disable the WLAN during non business hours Use the captive portal to force users to agree to an acceptable use disclaimer

CWNP-Certified Wireless Security Professional (CWSP)2 Set 1

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

CWNP-Certified Wireless Security Professional (CWSP)2 Set 1

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner