Browse Exams Pricing

ExamsGAWNQuestions

GAWN Exam Questions

85 real GAWN exam questions with expert-verified answers and explanations. Page 1 of 2.

Question #1
Which attack is MOST directly associated with WEP IV weaknesses?
Question #2
You find an SSID using WPA3-Personal but also advertising "transition mode". What does that imply?
Question #3
A client associates to an evil twin AP with stronger signal and same SSID. Which client-side behavior MOST enables this?
Question #4
Which management frames are protected by PMF when negotiated?
Question #5
Which is the MOST effective audit recommendation to reduce credential theft risk in WPA2- Enterprise?
Question #6
A capture shows EAPOL Message 2/4 includes SNonce and MIC. What does Message 2 primarily prove?
Question #7
Which control BEST mitigates WPS brute-force risk?
Question #8
Which statement about GCMP is MOST accurate?
Question #9
A wireless survey finds large areas at -80 dBm RSSI for the corporate SSID. From an auditor viewpoint, the MOST likely security risk is:
Question #10
Which device is the authoritative source for "who authenticated" in WPA2-Enterprise?
Question #11
An auditor sees EAP method "EAP-MD5" enabled. What is the best classification?
Question #12
Which wireless condition MOST impacts throughput due to contention, not PHY rate?
Question #13
What is the MOST direct mitigation for deauth attacks in legacy WPA2 networks?
Question #14
A capture shows RSN AKM 00-0f-ac:3. What does that indicate?
Question #15
Which is MOST likely to leak a hidden SSID across the air repeatedly?
Question #16
Which attack focuses on manipulating client behavior to join a network by answering probes broadly?
Question #17
A WPA2-Enterprise deployment uses VLAN assignment per user/group. Where is VLAN assignment MOST commonly enforced?
Question #18
Which IEEE amendment is most associated with fast roaming improvements?
Question #19
An auditor sees "Open" security but encrypted frames after association using OWE. What is the best description?
Question #20
Which audit evidence BEST supports a finding of "rogue AP" presence?
Question #21
Which is TRUE about Wi-Fi "transition mode" SSIDs (e.g., WPA2/WPA3)?
Question #22
An auditor sees EAPOL frames but no DHCP/ARP from the client. What phase is MOST likely underway?
Question #23
Which statement about WIPS vs WIDS is MOST accurate?
Question #24
Which AP misconfiguration MOST increases risk of offline cracking?
Question #25
A capture shows the client and AP both advertise PMF capable, but association proceeds without PMF. What is MOST likely?
Question #26
In WPA2, which key encrypts broadcast/multicast traffic?
Question #27
Which is the MOST accurate statement about "client isolation" (AP isolation)?
Question #28
A Wireshark decode shows RSN Capabilities "Replay Counter: 16". What does that primarily relate to?
Question #29
Which is a common indicator of a "honeypot/evil twin" during assessment?
Question #30
A WPA2-Enterprise environment uses EAP-TLS. Which audit weakness is MOST critical?
Question #31
Which U.S. 2.4 GHz channel is NOT permitted for standard Wi-Fi client operation?
Question #32
Which metric BEST represents link quality relative to interference?
Question #33
Which attack is MOST directly associated with TKIP weaknesses (not AES)?
Question #34
A wireless controller shows many authentication failures from unknown MACs across multiple APs. What audit concern is MOST plausible?
Question #35
Which 802.11 frame category includes RTS/CTS/ACK?
Question #36
Which is the BEST practice for preventing users from connecting to rogue enterprise SSIDs?
Question #37
An AP is configured for WPA2-Enterprise, but the client is prompted to "enter a password" instead of selecting a certificate. What is MOST likely?
Question #38
Which is a realistic limitation of relying solely on MAC filtering?
Question #39
Which is MOST likely to be impacted by RF jamming?
Question #40
A site requires strong roaming for VoWiFi. Which standard is MOST relevant?
Question #41
Which observed behavior is MOST consistent with a client performing directed probes for a hidden SSID?
Question #42
A capture includes Group Key Handshake frames. What does that MOST likely indicate?
Question #43
Which is the MOST accurate statement about WPA3-SAE vs WPA2-PSK regarding offline guessing?
Question #44
Which attack uses forced disconnects to increase chance of capturing EAPOL handshakes?
Question #45
Which of the following is the MOST defensible "high severity" wireless finding in an enterprise?
Question #46
A capture shows 802.11 Authentication frames with algorithm "Open System". What does that indicate?
Question #47
What is the MOST accurate audit statement about "hidden SSID + strong WPA2"?
Question #48
Which item is MOST useful to differentiate multiple APs advertising the same SSID?
Question #49
A WLAN uses 802.11r FT over-the-air. Which AKM suite commonly indicates this for PSK-based FT?
Question #50
Which is the MOST accurate statement about "OWE transition mode"?

Page 1 of 2Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.