Implementing Advanced Cisco Unified Wireless Security v2.0 v9.0

Page:    1 / 14   
Exam contains 206 questions

Employees are allowed to start bringing their own wireless devices to work for use on the
802.11a/b/g/n WLAN when using their existing credentials. However, they are experiencing issues. Which two items are the most probable cause of these issues? (Choose two.)

  • A. incorrect IP address
  • B. supplicant or driver
  • C. incorrect user name
  • D. wrong wireless band
  • E. application issues


Answer : B,E

Which three Cisco WLC v7.0 CLI family of commands would be appropriate to troubleshoot a wireless client failure for connection to an AP? (Choose three.)

  • A. debug capwap
  • B. debug mac addr
  • C. debug ccxdiag
  • D. debug dhcp
  • E. debug ap
  • F. debug dtls
  • G. debug aaa


Answer : B,D,G

Clients are failing EAP authentication. A debug shows that an EAPOL start is sent and the clients are then de-authenticated. Which two issues can cause this problem? (Choose two.)

  • A. The WLC certificate has changed.
  • B. The WLAN is not configured for the correct EAP supplicant type.
  • C. The shared secret of the WLC and RADIUS server do not match.
  • D. The WLC has not been added to the RADIUS server as a client.
  • E. The clients are configured for machine authentication, but the RADIUS server is configured for user authentication.


Answer : C,D

An engineer is adding client entries with the controller addresses to ACS. What IP address format would be used to add the class C network 192.168.1.0 in a single entry?

  • A. 192.168.1.0/24
  • B. 192.168.1.0 255.255.255.0
  • C. 192.168.1.*
  • D. 192.168.1.0-255
  • E. 192.168.1.0-192.168.1.255


Answer : C

Employees are allowed to starting bringing their own laptops to work. Which option can help provide a temporal user device vulnerability check when using the Java applet or
ActiveX?

  • A. Cisco NAC Server
  • B. Cisco NAC Guest Server
  • C. Cisco NAC Manager
  • D. Cisco NAC Windows Agent
  • E. Cisco NAC Web Agent
  • F. Cisco ACS


Answer : E

An engineer enabled client exclusion in the WLAN, but still sees a client failing EAP authentication every few seconds in the log. What other setting must be enabled for the exclusion to function?

  • A. Excessive 802.11 Association Failures
  • B. Excessive 802.11 Authentication Failures
  • C. Excessive 802.1X Authentication Failures
  • D. IP Theft or IP Reuse
  • E. Excessive Web Authentication Failures


Answer : C

Which three products are required to produce Cisco Clean Air Security reports? (Choose three.)

  • A. WLC v7.0
  • B. WCS v7.0
  • C. MSE v7.0
  • D. Spectrum Expert v4.0
  • E. 1260 AP
  • F. 3500 AP


Answer : A,B,F

The customer requires the use of the data, voice, barcode scanner, and guest WLANs.
How many VLANs does Cisco recommend to be used?

  • A. 1
  • B. 2
  • C. 3
  • D. 4
  • E. 5


Answer : D

Which feature should an engineer select to implement the use of VLAN tagging, QoS, and
ACLs to clients based on RADIUS attributes?

  • A. per-WLAN RADIUS source support
  • B. client profiling
  • C. AAA override
  • D. captive bypassing
  • E. identity-based networking


Answer : C

What two settings must be selected under the wireless properties security tab to configure
EAP-TLS on a Microsoft Windows client? (Choose two.)

  • A. 802.1X
  • B. Shared
  • C. WPA2-Personal
  • D. WPA2-Enterprise
  • E. Network Security Key
  • F. Smart Card or other certificate
  • G. Protected EAP


Answer : D,F

An engineer is changing the encryption method of a wireless network from PEAP-MS-
CHAP V2 to EAP-TLS. Which two changes are necessary? (Choose two.)

  • A. The authentication server requires a new certificate.
  • B. All authentication clients require their own certificates.
  • C. The users require the Cisco AnyConnect client.
  • D. A new certificate is required for each authenticated user.
  • E. A Cisco NAC server is required.
  • F. Cisco Secure ACS is required.


Answer : A,B

Which two statements describe the use of NAM by the Cisco AnyConnect v3.0? (Choose two.)

  • A. removes Cisco Secure Services Client v5.X but retains the configuration for NAM
  • B. removes Cisco Secure Services Client v5.X software and configuration for a clean install
  • C. installs on Windows, Mac, and Linux
  • D. installs on Windows only
  • E. requires a license
  • F. requires a profile editor to allow a user to add WLANs


Answer : A,D

Which two firewall ports must be opened for the anchor controller to operate properly with a foreign controller for guest access? (Choose two.)

  • A. ports 16666 and 16667 for controller traffic
  • B. port 97 for EoIP traffic
  • C. port 80 for HTTP traffic
  • D. port 69 for TFTP traffic


Answer : A,B

The Cisco Unified Wireless Network solution, which is based on version 7.0, provides which three wired-side tracing techniques? (Choose three.)

  • A. switch port tracing
  • B. adaptive wIPS
  • C. RLDP
  • D. autocontainment
  • E. rogue detector
  • F. H-REAP


Answer : A,C,E

Which four tasks are needed to configure a new Cisco CAM? (Choose four.)

  • A. Create an OOB management profile in the Cisco CAS for the controller.
  • B. Configure the Cisco CAM as the authentication server for the controller.
  • C. Configure the controller as an OOB management device in the Cisco CAM.
  • D. Create a managed subnet for the Cisco CAM from the Cisco CAS.
  • E. Create VLAN mapping in the Cisco CAS from the Cisco CAM.
  • F. Verify that the controller hardware and software are supported by the Cisco CAM.
  • G. Create local user accounts and verify them on the Cisco CAM.
  • H. Configure the Cisco CAM as an OOB virtual gateway.


Answer : C,E,F,G

Page:    1 / 14   
Exam contains 206 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us