Implementing Advanced Cisco Unified Wireless Security v2.0 v9.0

Page:    1 / 14   
Exam contains 206 questions

Employees are allowed to start bringing their own wireless devices to work for use on the
802.11a/b/g/n WLAN when using their existing credentials. However, they are experiencing issues. Which two items are the most probable cause of these issues? (Choose two.)

  • A. incorrect IP address
  • B. supplicant or driver
  • C. incorrect user name
  • D. wrong wireless band
  • E. application issues


Answer : B,E

Which three Cisco WLC v7.0 CLI family of commands would be appropriate to troubleshoot a wireless client failure for connection to an AP? (Choose three.)

  • A. debug capwap
  • B. debug mac addr
  • C. debug ccxdiag
  • D. debug dhcp
  • E. debug ap
  • F. debug dtls
  • G. debug aaa


Answer : B,D,G

Clients are failing EAP authentication. A debug shows that an EAPOL start is sent and the clients are then de-authenticated. Which two issues can cause this problem? (Choose two.)

  • A. The WLC certificate has changed.
  • B. The WLAN is not configured for the correct EAP supplicant type.
  • C. The shared secret of the WLC and RADIUS server do not match.
  • D. The WLC has not been added to the RADIUS server as a client.
  • E. The clients are configured for machine authentication, but the RADIUS server is configured for user authentication.


Answer : C,D

An engineer is adding client entries with the controller addresses to ACS. What IP address format would be used to add the class C network 192.168.1.0 in a single entry?

  • A. 192.168.1.0/24
  • B. 192.168.1.0 255.255.255.0
  • C. 192.168.1.*
  • D. 192.168.1.0-255
  • E. 192.168.1.0-192.168.1.255


Answer : C

Employees are allowed to starting bringing their own laptops to work. Which option can help provide a temporal user device vulnerability check when using the Java applet or
ActiveX?

  • A. Cisco NAC Server
  • B. Cisco NAC Guest Server
  • C. Cisco NAC Manager
  • D. Cisco NAC Windows Agent
  • E. Cisco NAC Web Agent
  • F. Cisco ACS


Answer : E

An engineer enabled client exclusion in the WLAN, but still sees a client failing EAP authentication every few seconds in the log. What other setting must be enabled for the exclusion to function?

  • A. Excessive 802.11 Association Failures
  • B. Excessive 802.11 Authentication Failures
  • C. Excessive 802.1X Authentication Failures
  • D. IP Theft or IP Reuse
  • E. Excessive Web Authentication Failures


Answer : C

Which three products are required to produce Cisco Clean Air Security reports? (Choose three.)

  • A. WLC v7.0
  • B. WCS v7.0
  • C. MSE v7.0
  • D. Spectrum Expert v4.0
  • E. 1260 AP
  • F. 3500 AP


Answer : A,B,F

The customer requires the use of the data, voice, barcode scanner, and guest WLANs.
How many VLANs does Cisco recommend to be used?

  • A. 1
  • B. 2
  • C. 3
  • D. 4
  • E. 5


Answer : D

Which feature should an engineer select to implement the use of VLAN tagging, QoS, and
ACLs to clients based on RADIUS attributes?

  • A. per-WLAN RADIUS source support
  • B. client profiling
  • C. AAA override
  • D. captive bypassing
  • E. identity-based networking


Answer : C

What two settings must be selected under the wireless properties security tab to configure
EAP-TLS on a Microsoft Windows client? (Choose two.)

  • A. 802.1X
  • B. Shared
  • C. WPA2-Personal
  • D. WPA2-Enterprise
  • E. Network Security Key
  • F. Smart Card or other certificate
  • G. Protected EAP


Answer : D,F

An engineer is changing the encryption method of a wireless network from PEAP-MS-
CHAP V2 to EAP-TLS. Which two changes are necessary? (Choose two.)

  • A. The authentication server requires a new certificate.
  • B. All authentication clients require their own certificates.
  • C. The users require the Cisco AnyConnect client.
  • D. A new certificate is required for each authenticated user.
  • E. A Cisco NAC server is required.
  • F. Cisco Secure ACS is required.


Answer : A,B

Which two statements describe the use of NAM by the Cisco AnyConnect v3.0? (Choose two.)

  • A. removes Cisco Secure Services Client v5.X but retains the configuration for NAM
  • B. removes Cisco Secure Services Client v5.X software and configuration for a clean install
  • C. installs on Windows, Mac, and Linux
  • D. installs on Windows only
  • E. requires a license
  • F. requires a profile editor to allow a user to add WLANs


Answer : A,D

Which two firewall ports must be opened for the anchor controller to operate properly with a foreign controller for guest access? (Choose two.)

  • A. ports 16666 and 16667 for controller traffic
  • B. port 97 for EoIP traffic
  • C. port 80 for HTTP traffic
  • D. port 69 for TFTP traffic


Answer : A,B

The Cisco Unified Wireless Network solution, which is based on version 7.0, provides which three wired-side tracing techniques? (Choose three.)

  • A. switch port tracing
  • B. adaptive wIPS
  • C. RLDP
  • D. autocontainment
  • E. rogue detector
  • F. H-REAP


Answer : A,C,E

Which four tasks are needed to configure a new Cisco CAM? (Choose four.)

  • A. Create an OOB management profile in the Cisco CAS for the controller.
  • B. Configure the Cisco CAM as the authentication server for the controller.
  • C. Configure the controller as an OOB management device in the Cisco CAM.
  • D. Create a managed subnet for the Cisco CAM from the Cisco CAS.
  • E. Create VLAN mapping in the Cisco CAS from the Cisco CAM.
  • F. Verify that the controller hardware and software are supported by the Cisco CAM.
  • G. Create local user accounts and verify them on the Cisco CAM.
  • H. Configure the Cisco CAM as an OOB virtual gateway.


Answer : C,E,F,G

Page:    1 / 14   
Exam contains 206 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.