Practice CWSP-208 Exam Online

Question 1

What preventative measures are performed by a WIPS against intrusions?

A : EAPoL Reject frame flood against a rogue AP

B : Evil twin attack against a rogue AP

C : Deauthentication attack against a classified neighbor AP

D : ASLEAP attack against a rogue AP

E : Uses SNMP to disable the switch port to which rogue APs connect

Answer: E

Question 2

As a part of a large organization’s security policy, how should a wireless security professional address the problem of rogue access points?

A :

Use a WPA2-Enterprise compliant security solution with strong mutual authentication and encryption for network access of corporate devices.

B :

Hide the SSID of all legitimate APs on the network so that intruders cannot copy this parameter on rogue APs.

C : Conduct thorough manual facility scans with spectrum analyzers to detect rogue AP RF signatures.

D : A trained employee should install and configure a WIPS for rogue detection and response measures.

E : Enable port security on Ethernet switch ports with a maximum of only 3 MAC addresses on each port.

Answer: D

Question 3

You are using a protocol analyzer for random checks of activity on the WLAN. In the process, you notice two different EAP authentication processes. One process (STA1) used seven EAP frames (excluding ACK frames) before the 4-way handshake and the other (STA2) used 11 EAP frames (excluding ACK frames) before the 4-way handshake. Which statement explains why the frame exchange from one STA required more frames than the frame exchange from another STA when both authentications were successful? (Choose the single most probable answer given a stable WLAN.)

A : STA1 and STA2 are using different cipher suites.

B : STA2 has retransmissions of EAP frames.

C : STA1 is a reassociation and STA2 is an initial association.

D : STA1 is a TSN, and STA2 is an RSN.

E : STA1 and STA2 are using different EAP types.

Answer: E

Question 4

Given: ABC Company has recently installed a WLAN controller and configured it to support WPA2-Enterprise security. The administrator has configured a security profile on the WLAN controller for each group within the company (Marketing, Sales, and Engineering). How are authenticated users assigned to groups so that they receive the correct security profile within the WLAN controller?

A :

The WLAN controller polls the RADIUS server for a complete list of authenticated users and groups after each user authentication.

B :

The RADIUS server sends a group name return list attribute to the WLAN controller during every successful user authentication.

C :

The RADIUS server forwards the request for a group attribute to an LDAP database service, and LDAP sends the group attribute to the WLAN controller.

D :

The RADIUS server sends the list of authenticated users and groups to the WLAN controller as part of a 4-Way Handshake prior to user authentication.

Answer: B

Question 5

What software and hardware tools are used together to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network? (Choose 2)

A : RF jamming device and a wireless radio card

B : A low-gain patch antenna and terminal emulation software

C : DHCP server software and access point software

D : MAC spoofing software and MAC DoS software

Answer: A,C

Name:	Certified Wireless Security Professional
Exam Code:	CWSP-208
Certification:	CWSP
Vendor:	CWNP
Total Questions:	121
Last Updated:	Apr 02, 2026

CWNP CWSP-208 Answers