CWNP Updated CWDP-305 Exam Questions and Answers by harlie

The IEEE 802.11y amendment introduced support for operation in the 3.65–3.7 GHz frequency band, allowing for higher power transmissions up to 20 watts Equivalent Isotropically Radiated Power (EIRP).This enhancement was designed to improve wireless coverage and performance, especially in environments requiring extended range and penetration.

The increased power and frequency range provided by 802.11y facilitate better service in areas where traditional Wi-Fi bands may be congested or less effective.

A Wireless Intrusion Prevention System (WIPS) is a network security solution that monitors wireless LANs for unauthorized or malicious activity and provides real-time or automated responses. WIPS can perform a wide array of functions as outlined below:

A. Distributed protocol analysis:

WIPS sensors continuously scan wireless traffic and analyze frames to detect anomalies or policy violations in real time.

C. Performance monitoring and response:

WIPS can identify degradation in WLAN performance due to interference, misconfiguration, or rogue activity and alert administrators or take corrective action.

D. Data forensics and analysis:

WIPS platforms often include historical logging and reporting features that allow administrators to review past events and understand the timeline and impact of wireless threats.

E. Automated threat mitigation:

WIPS can automatically respond to threats by sending deauthentication frames, blocking MAC addresses, or disabling ports to mitigate rogue devices or attacks.

Note:

B. Client access to the distribution system is not a function of WIPS; it refers to client functionality in a WLAN, not a security service offered by WIPS.

“A WIPS performs functions such as rogue detection and mitigation, threat classification, forensic logging, and real-time protocol analysis. It can provide both historical analytics and proactive security enforcement.”

— CWDP-305 Study Guide, Chapter on Post-Design ValidationandTroubleshooting

In wired networks, VLANs (Virtual Local Area Networks) are used to segment network traffic into separate broadcast domains, effectively isolating traffic for security and performance purposes.Each VLAN operates as its own distinct network segment.

In wireless networks, while VLANs are used to segregate traffic once it reaches the wired infrastructure, the wireless medium itself is inherently a shared medium.This means that, over the air, all wireless clients share the same RF space, and broadcasts are received by all clients regardless of VLAN assignment.Therefore, VLANs in wireless networks do not inherently provide the same level of broadcast domain separation as in wired networks.

A coverage-based wireless network design focuses on providing signal coverage over a large area using fewer APs operating at higher power levels. This approach aims to ensure that the entire area has basic connectivity. However, it may not support high client densities or bandwidth-intensive applications effectively. In contrast, a capacity-based design would involve deploying more APs at lower power levels to handle a higher number of clients and provide better performance.