CWNP CWSP-207 Exam - Topic 1 Question 33 Discussion

Actual exam question for CWNP's CWSP-207 exam

Question #: 33
Topic #: 1

Given: John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website. The bank's website uses the HTTPS protocol to protect sensitive account information. While John was using the hot-spot, a hacker was able to obtain John's bank account user ID and password and exploit this information.

What likely scenario could have allowed the hacker to obtain John's bank account user ID and password?

AJohn's bank is using an expired X.509 certificate on their web server. The certificate is on John's Certificate Revocation List (CRL), causing the user ID and password to be sent unencrypted.

BJohn uses the same username and password for banking that he does for email. John used a POP3 email client at the wireless hot-spot to check his email, and the user ID and password were not encrypted.

CJohn accessed his corporate network with his IPSec VPN software at the wireless hot-spot. An IPSec VPN only encrypts data, so the user ID and password were sent in clear text. John uses the same username and password for banking that he does for his IPSec VPN software.

DThe bank's web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

EBefore connecting to the bank's website, John's association to the AP was hijacked. The attacker intercepted the HTTPS public encryption key from the bank's web server and has decrypted John's login credentials in near real-time.

Show Suggested Answer

Suggested Answer: B

by Arminda at Nov 21, 2025, 12:40 PM

Limited Time Offer

25%

Off

Get Premium CWSP-207 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Sue

9 hours ago

John was using an unencrypted hot-spot, so any of these could be a risk!

upvoted 0 times

...

Felix

6 days ago

D is definitely not it. A valid root CA is crucial for secure connections.

upvoted 0 times

...

Ivette

11 days ago

Wait, can a hacker really intercept HTTPS keys like that? Seems too easy.

upvoted 0 times

...

Alesia

16 days ago

I think E is more plausible. That hijacking stuff is pretty wild!

upvoted 0 times

...

Glendora

21 days ago

Sounds like B is the most likely scenario. Same password for everything is a bad idea!

upvoted 0 times

...

Florencia

26 days ago

E is a bit far-fetched. Intercepting the HTTPS key in real-time is not a trivial task.

upvoted 0 times

...

Cristina

1 month ago

D seems plausible too. An untrusted certificate could lead to unencrypted communication.

upvoted 0 times

...

Ivette

1 month ago

B is the correct answer. John's reuse of the same credentials across different services is the likely cause of the breach.

upvoted 0 times

...

Mertie

1 month ago

I’m a bit confused about option A. I thought HTTPS would still protect the data even if the certificate was expired, but maybe I’m wrong?

upvoted 0 times

...

Katina

2 months ago

I feel like option E could be a possibility too, especially with how attackers can hijack connections at public hotspots.

upvoted 0 times

...

Judy

2 months ago

I think option B makes sense because using the same credentials for email and banking is risky, especially if the email isn't encrypted.

upvoted 0 times

...

Sophia

2 months ago

Okay, I think I've got it. The key here is that John was using an unencrypted connection at the wireless hotspot, which allowed the hacker to intercept his login credentials. So the most likely scenario is option B, where he used the same username and password for his bank account and his email, and the hacker was able to grab those credentials when he checked his email over the unsecured connection.

upvoted 0 times

...

Gearldine

2 months ago

I think option B makes the most sense. Same username and password for email? That's risky.

upvoted 0 times

...

Cherrie

2 months ago

Hmm, this is a tricky one. I'm leaning towards option B as well, since it seems the most straightforward way for the hacker to have intercepted the unencrypted login credentials. But I'm also curious about the other options, like the expired certificate or the VPN issue. I'll make sure to read through each one thoroughly before making my final decision.

upvoted 0 times

...

Estrella

2 months ago

I remember studying about the risks of using public Wi-Fi, but I'm not sure how that relates to the specific options here.

upvoted 0 times

...

Whitney

3 months ago

I bet John was checking his Facebook at the coffee shop too. Rookie mistake!

upvoted 0 times

...

Josphine

3 months ago

Haha, John should have used a VPN. That would have kept the hackers away!

upvoted 0 times

...

Earleen

3 months ago

I'm a bit confused by this question. It seems like there are a few different ways the hacker could have obtained John's login credentials, but I'm not sure which one is the most likely scenario. I'll have to think through each of the options carefully.

upvoted 0 times

...

Rachael

3 months ago

I'm pretty sure the answer is B. The question mentions that John used the same username and password for his bank account as he did for his email, and he accessed his email using an unencrypted POP3 connection at the wireless hotspot. That seems like the most likely way the hacker could have obtained his login credentials.

upvoted 0 times

...