NEW QUESTION 1
Refer to the exhibit.


Your colleague a junior network engineer is struggling to enable DHCP option 82 in the layer 3 switch which is in the DMZ for a mobile client under a guest anchor Cisco wireless LAN controller deployment . What is your answer.?

• A. DHCP proxy must be enabled for DHCP option 82 to operate correctly . All Cisco WLCsthat will be in the setup must have the same DHCP proxy setting.
• B. DHCP option 82 must be enabled on the dynamic interface with which theWLANis associated
• C. DHCP option 82 is not supported when it is used with auto-anchor mobility
• D. The mobility tunnel datapath control path or both between the anchor cisco WLC and foreign WLC are down.

Answer: C

NEW QUESTION 2
Refer to the exhibit.

You enabled NAT to make sure that your WLC is publicly reachable If other NAT parameters are left to default which statement is true?

• A. The AP WLC discovery fails for APs in local mode using 209.165.200.44
• B. The AP WLC discovery succeeds for OEAPs joining the WLC using 192.168.3.44.
• C. The AP WLC discovery fails for APs in local mode using 192.168.3.44.
• D. The AP WLC discovery succeeds for OEAPs joining the WLC using 192.168.3.44 or 209.165.200.44.

Answer: A

NEW QUESTION 3
Which two IETF RADIUS attributes sent by the Cisco WLC can be used to differentiate authentication requests based on the user location? (Choose two )

• A. RADIUS attribute [95] NAS-IPv6-Address
• B. RADIUS attribute [32] NAS-Identifier
• C. RADIUS attribute [303] Source-IP
• D. RADIUS attribute [31] Calling-Station-Id
• E. RADIUS attribute [4] NAS-IP-Address
• F. RADIUS attribute [30] Called-Station-id

Answer: BD

NEW QUESTION 4
Refer to the exhibit.

In cloud deployments the hyper-threading feature is often enabled for higher virtual machine scale per compute node Is the hyper-threading feature enabled and what is the maximum number of core CPUs?

• A. Hyper-threading is enabled and the maximum number of core CPUs is 80
• B. Hyper-threading is enabled and the maximum number of core CPUs 40.
• C. Hyper-threading is disabled and the maximum number of core CPUs is 39
• D. Hyper-threading is disabled and the maximum number of core CPUs is 20.

Answer: A

NEW QUESTION 5
Refer to the exhibit. Which WLAN IDs will be advertised by an out-of-the-box AP that joins the WLC for the first time?

• A. 5,8,12,15
• B. 5,8,15
• C. 8,15
• D. 17,512
• E. 8,15,17,512
• F. 5,8,15,17,512

Answer: F

NEW QUESTION 6
You are the network administrator for ACME corporation. Your organization has deployed a single Cisco 5500 Series Wireless Controller with 100 Cisco Aironet 3500 Series Aps. A new IT member is worried that most of these Aps are working at a power Ievel3 on the 5GHz radio specially. As this power level setting is causing issues in your wireless network. Which option describes the likely cause of this behavior?

• A. The WLC has been recently rebooted, which causes the TPC algorithm to set power level 3 on all APs for 90 seconds.
• B. The controller TPC algorithm seems to have a proble
• C. It might have been set to work in TPCv2 mode instead of TPCvl.
• D. The WLC is misconfigured because the static power of level 3 has been set for all the APs under TPC settings.
• E. Cisco 7925 wireless IP Phones are in use and the DTPC feature is enabled on the 5 GHz radi

Answer: D

Explanation:
Tx Power
Num Of Supported Power Levels 5
Tx Power Level 1 .......................... 18 dBm
Tx Power Level 2 .......................... 15 dBm
Tx Power Level 3........................... 12 dBm
Tx Power Level 4 .......................... 9 dBm
Tx Power Level 5 .......................... 6 dBm
https://supportforums.cisco.com/discussion/11635606/power-level-wlc

NEW QUESTION 7
DRAG DROP

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 8
Which two statements about 802.11are true? (Choose two}

• A. MIC is appended for robust management frame.
• B. IGTK is used to protect robust broadcast and multicast management frames
• C. Association and disassociation frames are protected.
• D. PKC is used to protect robust unicast management frames .
• E. Association responses are not protected

Answer: BE

NEW QUESTION 9
You are the network administrator of a Cisco Autonomous AP deployment. You want to stop a client with MAC address 5057.a89e.b1f7 and IP address 10.0.0.2 from
associating to your APs. Which configuration do you use?

• A. access-list 700 permit 5057.a89e.b1f7 0000.0000.0000!dot11 association mac-list 700
• B. ip access-list 25 deny host 10.0.0.2!interface Dot11Radio0 ip access-group 25 out!interface Dot11Radio1 ip access-group 25 out
• C. ip access-list 25 deny host 10.0.0.2!interface Dot11Radio0 ip access-group 25 in!interface Dot11Radio1 ip access-group 25 in
• D. access-list 700 deny 5057.a89e.b1f7 0000.0000.0000!dot11 association on mac-list 700

Answer: D

Explanation:

NEW QUESTION 10

Refer to the exhibit. You have been asked to troubleshoot why VTP is not distributing new VLANs to a VTP client switch. Which option is the most likely root cause of this VTP problem.

• A. The VTP password is not set to level 15 on the client switch.
• B. The VTP password encryption level is not set on the client switch.
• C. The VTP encryption level does not match on the client switch.
• D. The VTP password is incorrect on the client switch.
• E. The client switch is set to transparent mod
• F. Which ignores VLAN configuration updates from VTP servers.

Answer: D

Explanation:
From:
Each sw, and issue the command:
No vtp password

https://www.packet6.com/configuring-vtp-on-cisco-switches/ http://www.sunpenguin.net/?p=283

NEW QUESTION 11
DRAG DROP

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 12
Which description is correct with regard to the operation of an access point in Rogue Location discovery Protocol Mode?

• A. The AP uses the existing wireless infrastructure in order to scan for rogue AP'
• B. Once discovered, these rogues are added to a local list that includes the rogue's BSSIDs, MAC addresses and any discovered security provisions (WPA, WEP etc)
• C. The AP moves to the rogue channel and attempts to connect to the rogue as a clien
• D. The AP then tries to obtain an IP address and forwards a UDP packet to the controller through the rogu
• E. If the controller receives this packet, the network administrator is notified that a rogue AP has been discovered on the wired network
• F. The AP detects a rogue client and then the network administrator is able to contain both the rogue AP and the rogue client
• G. This can be achieved because 802.11 deauthentication packets are sent to clients that are associated to rogue APs so threats such as holes are mitigated
• H. The AP determines whether or not a rogue access point is on a trusted networ
• I. It does not provide RF service of any kind but rather receives periodic rogue access point reports from thecontroller and sniffs all ARP packet
• J. If it finds a match between an ARP request and a MAC address it receives from the controlle
• K. It generates a rogue access point alert to the controller

Answer: B

NEW QUESTION 13
Which three steps are required during the intial configuration of a Cisco Converged Access controller so that the access points can join? (Choose three)

• A. The Cisco 5760 controller that acts as a mobility controller can support up to 10000APs.
• B. Ensure that an active license is enabled with the proper AP count.
• C. Ensure that the wireless management interface is correctly configured.
• D. In a Converged Access deployment, the APs must be on the same VLAN as the wireless management interface.
• E. To enable wireless services, the Cisco 3850 switch must run an ipservices or ipbase license.
• F. Network connectivity is not necessary because all the APs connect directly to the Converged Access controller.

Answer: BCE

NEW QUESTION 14
Which two statements about deploying a mesh network by MAPs and RAPs are true on AireOS 8.0?(Choose two.)

• A. The backhaul client access feature cannot be enabled on a RAP that is, a RAP does not allow clients on its 302.11a radio.
• B. The three main types of mesh type under the neighbor information are neighbor, parent, and chil
• C. For types default neighbor, default parent, and default child, default is used when the neighborBGN is not known or different from the current AP BGN if the strict matching BGN feature is disabled.
• D. A MAP/RAP must be authorized by either PSK or EAP before joining a controller in bridge mode
• E. RADIUS and Local authentications are supported with both PSK and EA
• F. VLAN tags are always forwarded across Mesh links.
• G. VLAN tags are always forwarded across Mesh link

Answer: BD

Explanation:

shows a simple mesh network deployment made up of mesh APs, WLCs, and a WCS. In this example deployment, there are three mesh APs connected to the wired network. These APs are designated as roof-top APs (RAPs); all other APs in the mesh network are known simply as mesh APs (MAPs). All mesh APs, both MAP and RAP, can provide WLAN client access, however in most cases because of the RAPs location it is not well suited for providing client access. In the following example the RAPs are located on the roof of each of the buildings and are connected to the network at each location. Some of the buildings have WLCs located at them to terminate LWAPP sessions from the mesh APs, but it is not necessary for every building to have a WLC. LWAPP sessions can be back hauled across the WAN if needed to other locations where a WLC resides.
Note PSK may be used in place of EAP if configured on the WLC.
Cisco Wireless LAN Controller Configuration Guide, Release 5.2 - Chapter 8 - Controlling Mesh Access
Points [Cisco 4400 Series Wireless LAN Controllers] - Cisco http://www.cisco.com/c/en/us/td/docs/wireless/controller/5-2/configuration/guide/Controller52CG/c52mesh.html#wp1542630 http://www.cisco.com/c/en/us/td/docs/wireless/controller/5-2/configuration/guide/Controller52CG/c52mesh.html#wp1474800 http://www.cisco.com/c/en/us/td/docs/wireless/technology/mesh/8-1/design/guide/b_mesh_81/Connecting_the_Cisco_1500_Series_Mesh_Access_Points_to_the.pdf
http://www.cisco.com/c/en/us/td/docs/wireless/technology/mesh/8-0/design/guide/mesh80/Mesh_Network_Components.html

NEW QUESTION 15
In order to provide end-to-end QoS, how to send traffic classification information between the LWAPP AP and the WLAN Controller?

• A. LWAPP APs map the WMM CoS values of the client traffic to the Ethernet frames and the CoS value of the Ethernet frames sent to the AP to the WMM access categor
• B. The switch upstream from the AP is responsible for converting between 802.1D classification and DSCP
• C. LWAPP packets from the controller and the AP are marked by DSCP based on the DSCP of the tunneled traffi
• D. This DSCP is converted to a CoS by a table in the A
• E. The access category used for each frame depends on the table CoS and QoS profile of the WLAN
• F. There is no end-to-end QoS, only WMM on the WLA
• G. This is all that is required, because campus networks typically have greater than 1 Gb/s backbones and WLANs operate at only 11 or 54 Mb/s
• H. The WMM CoS values are carried within the LWAPP tunnels and translated from CoS to DSCP to ensure that the correct priority is given to different LWAPP packets

Answer: B

NEW QUESTION 16
VLAN Trunking Protocol is a Cisco proprietary protocol that propagates the definition of VLANs over the local area network. Which two statements are true?(Choose two.)

• A. VTP requires access mode interfaces to propagate.
• B. VTP requires trunk mode interfaces to propagate.
• C. VTP transparent mode forwards VTP packets and can act as a client or a server.
• D. VTP config revision increases base on switch uptime.
• E. When Cisco switches are started from scratch, they are in server mode and their domain is set to null.

Answer: BE

NEW QUESTION 17
DRAG DROP
Drag and drop the AVC configuration feature on the left to their respective function on the right.?

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/primeinfrastructure/ solution_overview_c22-728972.html
http://mrncciew.com/2013/02/13/who-really-support-wlc-netflow/ http://mrncciew.com/2013/10/07/3850-filexible-netflow/ http://docwiki.cisco.com/wiki/AVC:AVC_Tech_Overview https://en.wikipedia.org/wiki/NetFlow

http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7- 5/AVC_dg7point5.html#pgfId-50665

NEW QUESTION 18
The IT department has completed the installation and configuration of the wireless network in their campus. They have a tot of access points and

• A. controllers to support the huge volume of Wi-Fi devices They have enabled load balancing but they cannot see this function work Which root of the problem is true?
• B. Access points must be on the same controller to load balance wireless clients
• C. Band steering is disabled so load balancing cannot work properly
• D. Load balancing is a client decision and some of the client devices may not support this feature
• E. Controllers must have the same virtual interface IP address to load balance wireless clients

Answer: B

NEW QUESTION 19
Refer to the exhibit. It belongs to a Cisco IOS AP with just one radio. This portion of configuration refers to a multiple SSID/VLAN configuration. Which statement is correct?

Refer to the exhibit. It belongs to a Cisco IOS AP with just one radio. This portion of configuration refers to a multiple SSID/WLAN configuration. Which statement is correct?

• A. The configuration does not allow for non-corporate clients to connect to any SSID Guesttraffic.There fore will not allowed.
• B. 'mbssid guest-mode' is used to allow broad cat of multiple SSIDs on the radio interfac
• C. No other 'mbssid" commands are needed to achieve this functionality.
• D. The AP must have subinterfaces 80,81,and 82 configured on the Radio 0 and Ethernet interfaces.
• E. The SSID "EAP" will allow clients to connect to it using any EAP authentication method such as EAP-TLS.

Answer: C

Explanation:

Consider the association process of a wireless client to an SSID. Drag and drop the client actions from the left into the correct order of operation on the right.
Left:
802.11 probe request 802.11 association request EAPol key message 2 802.11 authentication request EAP identity response
Right:
Step1 -------------Step1 802.11 probe request
Step2 -------------Step2 802.11 authentication request
Step3 -------------Step3 802.11 association request
Step4 -------------Step4 EAP identity response
Step5 -------------Step5 EAPol key message 2

NEW QUESTION 20
In a Cisco ACI environment, which option best describes "contracts"?

• A. a set of interaction rules between endpoint groups
• B. a Layer 3 forwarding domain
• C. to determine endpoint group membership status
• D. named groups of related endpoints

Answer: AC

NEW QUESTION 21
You are conducting a site survey for a customer that is about to deploy Cisco wireless phones.
Which three recommendations apply? (Choose three.)

• A. Minimum SNR should be 15 dB.
• B. The minimum recommended wireless signal strength for voice applications is -71 dBm.
• C. Minimum SNR should be 25 dB.
• D. Wireless cell overlap should be 20 percent.
• E. Minimum SNR should be 35 dB.
• F. The minimum recommended wireless signal strength for voice applications is -57 dBm.
• G. Wireless cell overlap should be 10 percent.
• H. The minimum recommended wireless signal strength for voice applications is -67 dB

Answer: ADF

NEW QUESTION 22
What are the three components that are used within the authentication process on an 802.1x/EAPenabled WLAN? (Choose three.)

• A. wireless web server
• B. supplicant
• C. authenticator
• D. Cisco WCS
• E. authentication server
• F. key management server

Answer: DEF

NEW QUESTION 23
Which two statements about 802.11 ac wireless LAN technology are true? (Choose two.)

• A. Antenna design does have to change because 802.11ac occupies different spectrum as 802.11a and802.11n at 5 GHz
• B. The 802.11ac IEEE standard allows for theoretical speeds up to 6.9 Gbps in the 5 GHz band, which is 11,5 times those of 802.11n
• C. The 802.11ac standard defines downlink and uplink MU-MIMO, which is for the access point sending to multiple clients concurrently and for multiple clients coordinating to transmit separate packets to the access point at the same time
• D. The 802.11ac Wave 2 standard limits itself to communicating with a maximum of four clients at a time,using up to a total of eight spatial streams (for all clients) or a maximum of four spatial streams per client in a MU-MIMO transmission
• E. Client MU-MIMO (802.11ac Wave 2)

Answer: BC

NEW QUESTION 24
What are the three fundamental properties that are provided by the antenna of an AP? (Choose three.)

• A. frequency
• B. gain
• C. dB loss
• D. polarization
• E. direction
• F. modulation

Answer: BDF

NEW QUESTION 25
Why would you enable the RFC 3578 option when adding a new RADIUS authentication server to a WLC?

• A. you want to run both RADIUS and TACACS
• B. to support Disconnect and Change of Authorization
• C. to encrypt communications between the WLC and the RADIUS server
• D. to support RADIUS key wrapping

Answer: B

Explanation:
If you are configuring a new RADIUS authentication server, choose Enabled from the Support for RFC 3576 drop-down list to enable RFC 3576, which is an extension to the RADIUS protocol that allows dynamic changes to a user session, or choose Disabled to disable this feature. The default value is Enabled. RFC 3576 includes support for disconnecting users and changing authorizations applicable to a user session and supports disconnect and change-of-authorization (CoA) messages. Disconnect messages cause a user session to be terminated immediately where CoA messages modify session authorization attributes such as data filters.

NEW QUESTION 26
Refer to the exhibit.

While troubleshooting a central web authentication issue with Cisco ISE 2 0 or above, you see this message on the Cisco WLC Which statement about this message is true"?

• A. This message is not accepted by WLC because it is using an invalid TLV.
• B. This is a standard CoA message from ISE and the WLC does not send a dissociation frame on air to the client.
• C. This message is valid only for clients with CCX version 3 or above.
• D. This message results in WLC sending a dissociation frame to the client on ai

Answer: B

NEW QUESTION 27
......