1. Home
  2. CWNP
  3. CWSP-206 Exam Syllabus

CWNP CWSP-206 Exam Syllabus

CWNP CWSP-206 Exam

Certified Wireless Security Professional (CWSP) Exam

Total Questions: 60

What is Included in the CWNP CWSP-206 Exam?

Authentic information about the syllabus and an effective study guide is essential to go through the CWNP CWSP-206 exam in the first attempt. The study guide of Study4Exam provides you with comprehensive information about the syllabus of the CWNP CWSP-206 exam. You should get this information at the start of your preparation because it helps you make an effective study plan. We have designed this CWNP Certified Wireless Security Professional certification exam preparation guide to give the exam overview, practice questions, practice test, prerequisites, and information about exam topics that help to go through the CWNP Certified Wireless Security Professional (CWSP) Exam (2021) exam. We recommend you to the preparation material mentioned in this study guide to cover the entire CWNP CWSP-206 syllabus. Study4Exam offers 3 formats of CWNP CWSP-206 exam preparation material. Each format provides new practice questions in PDF format, web-based and desktop practice exams to get passing marks in the first attempt.

CWNP CWSP-206 Exam Overview :

Exam Name Certified Wireless Security Professional (CWSP) Exam
Exam Code CWSP-206
Official Information https://www.cwnp.com/uploads/cwsp-206-objectives-2019.pdf
See Expected Questions CWNP CWSP-206 Expected Questions in Actual Exam
Take Self-Assessment Use CWNP CWSP-206 Practice Test to Assess your preparation - Save Time and Reduce Chances of Failure

CWNP CWSP-206 Exam Topics :

Section Weight Objectives
1.0 Security Policy – 10% 1.1  Define WLAN security Requirements
    1.1.1 Evaluate and incorporate business, technical, and applicable regulatory policies (for example, PCI-DSS, HIPAA, GPDR, etc.)
    1.1.2 Involve appropriate stakeholders
    1.1.3 Review client devices and applications
    1.1.4 Review WLAN infrastructure devices
 
1.2  Develop WLAN security policies
    1.2.1 Translate security requirements to high-level policy statements
    1.2.2 Write policies conforming to common practices including definitions of enforcement and constraint specification
    1.2.3 Ensure appropriate approval and support for all policies
    1.2.4 Implement security policy lifecycle management
 
1.3  Ensure proper training is administered for all stakeholders related to security policies and ongoing security awareness
2.0 Vulnerabilities, Threats, and Attacks – 30% 2.1  Identify potential vulnerabilities and threats to determine the impact on the WLAN and supporting systems and verify, mitigate, and remediate them
     2.1.1 Use information sources to identify the latest vulnerabilities related to a WLAN including online repositories containing CVEs
    2.1.2 Determine the risk and impact of identified vulnerabilities
    2.1.3 Select appropriate actions to mitigate threats exposed by vulnerabilities
    • Review and adjust device configurations to ensure conformance with security policy
    • Implement appropriate code modifications, patches and upgrades
    • Quarantine unrepaired/compromised systems
    • Examine logs and network traffic where applicable
    2.1.4 Describe and detect possible, common WLAN attacks including eavesdropping, man-in-the-middle, cracking, phishing, and social engineering attacks
    2.1.5 Implement penetration testing procedures to identify weaknesses in the WLAN
    • Use appropriate penetration testing processes including scope definition, information gathering, scanning, attack, and documentation procedures
    • Select and use penetration testing tools including project documentation, scanners, hardware tools, Kali Linux, protocol analyzers, WLAN auditing tools (software and hardware)
    2.1.6 Implement network monitoring to identify attacks and potential vulnerabilities
    • Use appropriate tools for network monitoring including centralized monitoring, distributed monitoring, and Security Information Event Management (SIEM) systems
    • Implement mobile (temporary), integrated and overlay WIPS solutions to monitor security events
 
2.2  Describe and perform risk analysis and risk mitigation procedures
     2.2.1 Asset management  
    2.2.2 Risk Ratings
    2.2.3 Loss expectancy calculations
    2.2.4 Develop risk management plans for WLANs
3.0 WLAN Security Design and Architecture – 45% 3.1  Select the appropriate security solution for a given implementation and ensure it is installed and configured according to policy requirements
    3.1.1 Select and implement appropriate authentication solutions
    • WPA/WPA2-Personal (Pre-Shared Key)
    • WPA/WPA2-Enterprise
    • WPA3-SAE and 192-Bit enterprise security
    • 802.1X/EAP
    • Understand the capabilities of EAP methods including EAP-TLS, EAP-TTLS, PEAP, EAP-FAST, EAP-SIM, and EAP-GTC
    • Guest access authentication
    3.1.2 Select and implement appropriate encryption solutions
    • Encryption methods and concepts
    • TKIP/RC4
    • CCMP/AES
    • SAE and 192-bit security
    • OWE
    • Virtual Private Network (VPN)
    3.1.3 Select and implement wireless monitoring solutions
    • Wireless Intrusion Prevention System (WIPS) - overlay and integrated
    • Laptop-based monitoring with protocol and spectrum analyzers
    3.1.4 Understand and explain 802.11 Authentication and Key Management (AKM) components and processes
    • Encryption keys and key hierarchies
    • Handshakes and exchanges (4-way, SAE, OWE)
    • Pre-shared keys
    • Pre-RSNA security (WEP and 802.11 Shared Key authentication)
    • TSN security
    • RSN security
    • WPA, WPA2, and WPA3
 
3.2  Implement or recommend appropriate wired security configurations to support the WLAN
    3.2.1 Physical port security in Ethernet switches
    3.2.2 Network segmentation, VLANs, and layered security solutions
    3.2.3 Tunneling protocols and connections
    3.2.4 Access Control Lists (ACLs)
    3.2.5 Firewalls
 
3.3  Implement authentication and security services
    3.3.1 Role-Based Access Control (RBAC)
    3.3.2 Certificate Authorities (CAs)
    3.3.3 AAA Servers
    3.3.4 Client onboarding
    3.3.5 Network Access Control (NAC)
    3.3.6 BYOD and MDM
 
3.4  Implement secure transitioning (roaming) solutions
    3.4.1 802.11r Fast BSS Transition (FT)
    3.4.2 Opportunistic Key Caching (OKC)
    3.4.3 Pre-Shared Key (PSK) - standard and per-user

3.5  Secure public access and/or open networks
    3.5.1 Guest access
    3.5.2 Peer-to-peer connectivity
    3.5.3 Captive portals
    3.5.4 Hotspot 2.0/Passpoint
 
3.6  Implement preventative measures required for common vulnerabilities associated with wireless infrastructure devices and avoid weak security solutions
    3.6.1 Weak/default passwords
    3.6.2 Misconfiguration  
    3.6.3 Firmware/software updates
    3.6.4 HTTP-based administration interface access
    3.6.5 Telnet-based administration interface access
    3.6.6 Older SNMP protocols such as SNMPv1 and SNMPv2
4.0 Security Lifecycle Management – 15% 4.1  Understand and implement management within the security lifecycle of identify, assess, protect, and monitor
    4.1.1 Identify technologies being introduced to the WLAN
    4.1.2 Assess security requirements for new technologies
    4.1.3 Implement appropriate protective measures for new technologies and validate the security of the measures
    4.1.4 Monitor and audit the new technologies for security compliance (Security Information Event Management (SIEM), portable audits, intrastructure-based audits, WIPS/WIDS)
 
4.2  Use effective change management procedures including documentation, approval, and notifications
 
4.3  Use information from monitoring solutions for load observation and forecasting of future requirements to comply with security policy
 
4.4  Implement appropriate maintenance procedures including license management, sofware/code upgrades, and configuration management
 
4.5  Implement effective auditing procedures to perform audits, analyze results, and generate reports
    4.5.1 User interviews
    4.5.2 Vulnerability scans
    4.5.3 Reviewing access controls
    4.5.4 Penetration testing
    4.5.5 System log analysis
    4.5.6 Report findings to management and support professionals as appropriate

Updates in the CWNP CWSP-206 Exam Syllabus:

CWNP CWSP-206 exam questions and practice test are the best ways to get fully prepared. Study4exam's trusted preparation material consists of both practice questions and practice test. To pass the actual Certified Wireless Security Professional CWSP-206 exam on the first attempt, you need to put in hard work on these CWNP CWSP-206 questions that provide updated information about the entire exam syllabus. Besides studying actual questions, you should take the CWNP CWSP-206 practice test for self-assessment and actual exam simulation. Revise actual exam questions and remove your mistakes with the Certified Wireless Security Professional (CWSP) Exam CWSP-206 exam practice test. Online and windows-based formats of the CWSP-206 exam practice test are available for self-assessment.

 

CWSP-206 Exam Details

Free CWSP-206 Questions