CCIE Wireless Beta Written Exam Questions and Resources

Exam Name: Exam Type: Exam Code:
CCIE Wireless Beta Written Exam Cisco 350-050
Total Questions
240
Question: 1 Which two options are correct according to debug output presented in the following exhibit? (Choose two.)
Page 1 of 70
Total Questions
240
A. The wireless client uses a static IP address, so "0.0.0.0 START (0)" can be found in the logs. B. The wireless client has been successfully authenticated. Reauthentication is set to occur on an extremely aggressive schedule (every five seconds). C. The wireless client "hangs" in probes (does not proceed with 802.11 authentication and association). It is likely that the "encryption" or "key-management" advertised in the probe response does not match. D. Since the AP receives a probe request from the wireless client, the Access Point Functions state for the machine changes from "Idle" to "Probe." Answer: C, D Question: 2 Lightweight Access Point Protocol or LWAPP is the name of a protocol that can control multiple Wi-Fi wireless access points at once. How does the Cisco WCS know what has happened in an LWAPP system when an AP's interface goes down and then comes up again? A. The Cisco WCS polls the APs and when the AP is unreachable, reports "Max retransmissions reached on AP <name>". B. The AP sends a linkDown then linkUp trap to the Cisco WCS; these are two of the six traps defined in RFC 1215, A Convention for Defining Traps for use with the SNMP. C. The AP cannot send a linkDown trap, as per RFC 1215, because the link is down; when the link comes back up, the AP sends a linkup trap to the Cisco WLC, which then forwards the trap to the Cisco WCS. D. The Cisco WLC sends a trap to the Cisco WCS when it detects that an AP is down. Answer: D Question: 3 When using the enterprise-based authentication method for WPA2, a bidirectional handshake exchange occurs between the client and the authenticator. Which five options will be the results of that exchange by use of controller based network? (Choose five.) A. proof that each side is alive B. creation of the Pairwise Transient Key C. distribution of the Group Transient Key D. binding of a Pairwise Master Key at the client and the controller E. distribution of the Pairwise Master key for caching at the access point F. a bidirectional exchange of a nonce used for key generation Answer: A, B, C, D, F Question: 4 You can click on the buttons at the bottom of the screen to access resources associated with this item. The following resources are available to you: show run - show run on AP-1 debug logs - Logs/debugs on AP-1 Radius sniffer trace taken betwen AP-1 and AAA-Server. packet-overview frame-1 frame-2 frame-3 frame-4 Given:
Page 2 of 70
Total Questions
240
Wireless-Client (CB21) configured for SSID "CCIE-2" Standalone AP (autonomous), configured with 3 SSID's and 3 Data-Vlan plus the native VLAN. AAA server configured for LEAP and EAP-FAST authentication and dynamic VLAN assignment. Question: Why is this wireless client not able to associate to the network?
Answer: Pending Question: 5 According to the troubleshooting actions, choose proper troubleshooting process order. 1. Create a testing action plan based on the information gathered. 2. Clearly define the trouble reported. 3. If the problem has not been solved, change vanables and repeat process. 4. Collect data to isolate possible causes. 5. Analyze the results. 6. Execute tests to identify the actual source of the problem. I.Step1 II.Step2 III.Step3 IV.Step4 V.Step5 VI.Step6 A. I-2,II-4,III-1,IV-5,V-6,VI-3 B. I-2,II-4,III-1,IV-5,V-3,VI-6 C. I-2,II-4,III-1,IV-3,V-6,VI-5 D. I-2,II-4,III-1,IV-3,V-5,VI-6 Answer: A Question: 6 Study the exhibit carefully. You are deploying a site survey for a new implementation and see this information in Cisco Spectrum Expert. Which option is true?
Page 3 of 70
Total Questions
240
A. The capture shows radar. It is most probably military radar because of the frequency hopping in the "Swept Spectrogram." The workaround is to disable DFS on the AP. B. There is general background noise of -70dBm, which is not an issue at all for an 802.11b/g deployment. C. The location of this capture is most likely near a kitchen, because it is clear that there is a microwave oven disrupting channel 1-13. There will be some packet loss while cooking, which is not a problem, because employees will not be working during lunch time. D. This is a typical Bluetooth pattern. The source needs to be identified and eliminated because it will affect an 802.11b/g deployment. Answer: D Question: 7 ETSI produces globally-applicable standards for Information and Communications Technologies (ICT). What does the current European Telecommunications Standards Institute rule state is the 2.4-GHz maximum transmitter output power for point-to-point installations? A. 20 dBm B. 17 dBm C. 30 dBm D. 16 dBm Answer: B Question: 8 Which three statements best describe the communication between the Cisco Catalyst 6500 Series Supervisor Engine and the Cisco WiSM module? (Choose three.)
Page 4 of 70
Total Questions
240
A. The communication between the Catalyst Supervisor Engine and Cisco WiSM goes to the service port on the Cisco WiSM. B. WLCCP is used to communicate between the Cisco WiSM and Catalyst Supervisor Engine. C. WCP runs on UDP/IP port 10000. D. WCP is used to communicate between the Cisco WiSM and Catalyst Supervisor Engine. Answer: A, C, D Question: 9 How to apply WMM access categories in an autonomous AP? A. The autonomous AP automatically converts the DSCP values of the incoming packets based on a conversion table in the AP. B. Policy maps are used on the autonomous AP to apply CoS values to frames coming into the AP, based on the ACLs associated with the policy MAP. If no policy maps are applied, the AP will use the incoming frame's CoS to map the frame to the appropriate WMM access category. C. AP policy maps allow the DSCP to be set for packets to and from the autonomous AP. These DSCP values are translated to CoS values by the upstream switch. D. Autonomous APs do not support WMM access categories. Answer: B Question: 10 Key Encryption Key is used for the group key handshake to send to the Group Transient Key, so it can be delivered securely to the client. A. True B. False Answer: A Question: 11 The office is now operational using one 2106 WLAN controller with six 1131 APs and one 526 WLAN controller with three 521 APs. When the 526 loses power, the 521 APs do not build up a connection with the 2106 WLAN controller. What will most likely cause this problem? A. The 2106 controller and 526 controller do not share the same mobility group name. B. The 521 APs were not configured with the 2106 controller as the secondary controller. C. The 2106 controller and 526 controller were not configured correctly using the sysname and MAC address for a mobility group. D. The 2106 controller does not support the 521 APs. Answer: D Question: 12 You have been called to a customer's site to troubleshoot an EAP-FAST deployment by use of a Cisco 7921G wireless IP phone within the Cisco Unified Wireless Network. After examining the logs, you discover the following error: [SECURITY] 1x_auth_pae.c 2417: Reached Max EAP-Identity Request retries (#) for STA ##:##:##:##:##:##: Which command is the best solution to this problem? A. config advanced eap identity-request-timeout 0 B. config advanced eap request-retries 20
Page 5 of 70
Total Questions
240
C. config advanced eap identity-request-timeout 20 D. config advanced eap request-retries 0 Answer: B Question: 13 You work as a network engineer .If the WLAN interfaces configured on the different controllers are on different IP subnets (Layer 3 inter-controller roaming), can you telle me what will happen when a client roams from one controller (controller A) to a new controller (controller B)? A. Controller A will mark the client's entry in its client database as an anchor, controller B will not update its client database because of the anchored entry in controller A, and all ingress and egress traffic will flow through controller A. B. Controller A will mark the client with an anchor entry in its client database, the database, and the database entry will be copied to controller B and marked with a foreign entry. C. Controller A will mark the client's entry in its client database as foreign, controller B will update its client database, all ingress traffic will flow through controller A, and egress traffic will flow through controller B when symmetric tunneling is disabled. D. Controller B will update its client database and all client ingress and egress traffic will transition to the new controller. Answer: B Question: 14 The P4S company has a WLC at 192.168.1.3 on network 192.168.1.0/24 with a default gateway of 192.168.1.1. It also has a network 10.1.1.0/24 with a default gateway of 10.1.1.1. There is a GRE tunnel on the WAN between the two default gateways. Which ACL would allow encrypted management of the WLC from host 10.1.1.3 on the 10.1.1.0/24 network, but deny other traffic when applied inbound on the 10.1.1.1 interface? A. access-list 101 permit gre host 10.1.1.3 host 192.168.1.3 B. access-list 101 permit tcp host 10.1.1.3 eq 443 host 192.168.1.3 C. access-list 101 permit tcp host 10.1.1.3 host 192.168.1.3 eq 443 access-list 101 permit tcp host 10.1.1.3 host 192.168.1.3 eq 22 D. access-list 101 permit tcp host 10.1.1.3 host 192.168.1.3 eq 80 Answer: C Question: 15 The Wi-Fi Alliance develops testing and certification programs to help ensure the best user experience with Wi-Fi technology. Which three options are correct? (Choose three.) A. WPA2 includes interoperability tests of WEP, TKIP, and AES-CCMP functionality B. WPA2-Enterprise uses 802.1X and does not include EAP interoperability tests C. WPA2-Personal uses pre-shared keys D. WPA2-Enterprise uses 802.1X and includes EAP interoperability tests Answer: A, C, D Question: 16 Which two attributes are used to characterize antenna performance? (Choose two.) A. harmony B. gain C. beamwidth
Page 6 of 70
Total Questions
240
D. attenuation Answer: B, C Question: 17 Which components are required to generate a visual diagram such as the exhibit below?
A. Cisco WCS with a location license and a controller B. Cisco WCS with base license, Cisco 2700 Series Wireless Location Appliance, and a controller C. Cisco 2700 Series Wireless Location Appliance and a controller D. Cisco WCS with a location license, Cisco 2700 Series Wireless Location Appliance, and a controller Answer: D Question: 18 Which is the most likely cause that an autonomous AP does not have IP connectivity? A. no IP address on the BVI interface B. all radio interfaces are shut down C. no IP address on the Fast Ethernet interface D. no IP address on the radio interface Answer: A Question: 19 The WLAN controller in the Split-MAC architecture can handle which four functions?
Page 7 of 70
Total Questions
240
A. 802.1X B. key management C. 802.11e resource reservation D. association and disassociation messages Answer: A, B, C, D Question: 20 Which statement is true about the procedure for a lightweight AP to successfully establish a connection to a controller? A. AP sends its certificate to the RADIUS server. AP then authenticates the controller certificate as valid. B. AP sends its certificate to the controller. AP then authenticates the received Cisco WLC certificate as valid. C. AP sends its certificate to the RADIUS server. AP then authenticates the RADIUS certificate as valid. D. AP authenticates the received Cisco WLC certificate as valid. AP then sends its certificate to the controller. Answer: B Question: 21 One of your Cisco WLCs is on a segment separated from all other devices on the network by a firewall. You see the following error message on the Cisco WLC when the AP is trying to join: Thu Feb 3 03:20:47 2028: 00:0B:85:68:F4:F0 is trying to join: LWAPP Join-Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:0b:85:68:f4:f0. Thu Feb 3 03:20:47 2028: Unable to free public key for AP 00:0B:85:68:F4:F0. What causes this error? A. Probably a firewall is blocking udp/123 traffic, or there is an incorrect clock setting on the Cisco WLC. B. The DHCP server on the AP segment is including the Cisco WLC's AP Manager interface in DHCP option 43. Therefore, the IP address from the certificate does not match. C. The DHCP server has the incorrect value for option 60. Therefore, the AP is not finding the virtual IP address from the Cisco WLC. D. Probably a firewall is allowing the discovery on UDP port 12222, but is blocking UDP port 12223. Therefore, the second fragment from the certificate is not arriving on the controller. Answer: A Question: 22 You work as a network administrator for Company A. This company has a network with multiple controllers and wants to have the most cost-effective controller redundancy. In order to accomplish this, which option will you recommend? A. 1+1 B. N+1 C. N+N D. N+N+1 Answer: B Question: 23
Page 8 of 70
Total Questions
240
You are running the initial configuration of a particular AP in a Cisco WLC on menu Wireless > Access Points > 802.11B/G Radio. The Cisco WLC has three SSIDs: A, B, and C. How to use the WLAN override option on this Cisco WLC? A. If the AP is part of a group of APs, WLAN override will allow you to configure a particular interface associated with the SSID. B. If WLAN override is selected for SSID A, only SSID A will send beacons. The other SSIDs, B and C, will respond to probes and allow associations, but there will be no beacons. C. If WLAN override is selected for SSID A, SSID A will be operational on that AP but the other SSIDs will not be. D. If all three SSIDs are configured but disabled globally, by choosing 'WLAN override' for SSID A, you can make SSID A operational on this AP, as well as any other AP where WLAN override for SSID A has been chosen. Answer: C Question: 24 You work as a network technician at certways.com, read this subject carefully ,then answer the question. The existing Cisco Unified Wireless Controller is running v5.0 code for both the controllers and the Cisco WCS. A controller has been configured with an appropriate rogue rule condition to report discovered APs to the Cisco WCS. What default alarm level is used to display all rogue APs in the Alarm Summary? A. Major B. Critical C. Flash D. Minor Answer: D Question: 25 What is the reason that wireless analog video signals that are operating in the 2.4-GHz band are particularly harmful to Wi-Fi service? A. Analog Video modulation is the same as Wi-Fi and causes interference. B. Analog video is a constant signal with 100% duty cycle. C. Analog video is a strong signal and increases the SNR. D. Analog video signals are slow frequency hopping and tend to affect the entire band. Answer: B Question: 26 Which description about Cisco 7920 wireless IP phones is correct? A. Voice quality is inversely related to channel utilization value sent within QBSS-Load-Element: the lower the value, the higher the voice quality. B. Voice quality is inversely related to RSSI: the lower the RSSI, the higher the voice quality. C. These phones have exactly the same characteristics as the newer Cisco 7921 and 7925 wireless IP phones, and do not needs special care when you are configuring security and QoS. D. WPA2 is the recommended security method for deployment, along with Cisco Centralized Key Management for fast and secure roaming. Answer: A
Page 9 of 70
Total Questions
240
Question: 27 When increasing the beacon interval, what will happen? A. Stations in power-save mode will conserve more power, because they will have to awaken less often; however, this may delay packet delivery or cause the buffer to overflow. B. There will be no effect on the network. C. Stations in power-save mode will use more power, because they will have to awaken more often; however, this will positively impact stations looking for APs with which to associate. D. The network will be more secure. Answer: A Question: 28 IEEE 802.11h-2003, or just 802.11h, refers to the amendment added to the IEEE 802.11standard for Spectrum and Transmit Power Management Extensions. IEEE 802.11h was originally defined to provide spectrum management for Europe in the 5-GHz band. Which three uses does IEEE 802.11h now support? (Choose three.) A. TPC for the protection of radars from interference B. TPC for the protection of satellites from interference C. Mechanisms to reduce power consumption D. DFS for the protection of radars from interference Answer: B, C, D Question: 29 One of the advantages of implementing EAP-FAST is that it is not necessary to implement which item as part of your authentication infrastructure? A. a RADIUS server B. a Certificate Authority infrastructure C. a client that supports EAP-FAST D. an access control server Answer: B Question: 30 Which statement correctly describes client STA roam in a Cisco CKM setup? A. All the necessary key information is exchanged within reassociation request and response. Therefore, no interaction with the AAA server or EAPOL Key handshake is needed. B. There is no need for a new EAP authentication or reauthentication, because the Authenticator (WDS) maintain a copy of the PMKID. Therefore, the AP and STA only need to complete the EAPOL Key handshake. C. Due to the design of Cisco CKM, the STA authenticates against evey AP "in range" before trying to associate or reassociate. Therefore, once roaming occurs, there is no need for authentication. D. The STA maintains a list of APs it has already authenticated once. Therefore, the STA only needs to authenticate a maximum of one time per AP. Answer: A Question: 31 What is the reason that omnidirectional antennas pick up noise from more sources than directional antennas?
Page 10 of 70
Total Questions
240
A. An omnidirectional antenna's main lobe is wider, causing it to detect signals from every direction. B. It is incorrect that omnidirectional antennas pick up noise from more sources than directional antennas. C. A directional antenna is an active RF element therefore it has less dBi. D. The ratio of the height to width of an omnidirectional antenna makes it more likely to receive noise than a directional antenna. Answer: A Question: 32 Assuming that the antenna system characteristics (for example, gain VSWR, polarization, and beam width) are similar for a 5-GHz and 2.4-GHz radio. While conducting a dual-band site survey, how to configure the 5-GHz radio, relative to the 2.4-GHz radio, in order to achieve similar cell size? A. The 5-GHz radio power level should be higher than the 2.4-GHz radio. B. The 5-GHz radio should use BPSK modulation and the 2.4-GHz radio should use CCK modulation. C. The 5-GHz radio power level should be lower than the 2.4-GHz radio. D. The 5-GHz radio should use CCK modulation and the 2.4-GHz radio should use BPSK modulation. Answer: A Question: 33 An indoor 1240 AP is booting and has obtained an IP address by use of DHCP. The AP has confirmed prior controller IP addresses from a previously joined mobility group stored in NVRAM. Which action will AP take next? A. DHCP option 43. B. Layer 2 LWAPP discovery broadcast. C. Layer 3 LWAPP discovery broadcast. D. DNS resolution of CISCO-LWAPP-CONTROLLER.localdomain. Answer: A Question: 34 How to secure the LWAPP control channel? A. IPsec B. 802.11i C. GRE D. AES-CCM Answer: D Question: 35 802.11i is a forthcoming specification that will clear up a number of security problems in 802.11. For the following items, which 802.11i key can provide data origin authenticity during the four-way handshake and the group key handshake messages? A. Key Caching Key B. Key Encryption Key
Page 11 of 70
Total Questions
240
C. Groupwise Master Key D. Key Confirmation Key Answer: D Question: 36 The IEEE 802.11 standards define different encryption mechanisms. Which is the basic of defining the most secure encryption solution in IEEE 802.11 standards? A. IPSEC B. WEP C. AES-CCMP D. TKIP Answer: C Question: 37 Comparing with LEAP, which is the advantage of EAP-FAST? A. EAP-FAST allows authenticated in-band PAC provisioning, whereas LEAP uses anonymous in-band PAC provisioning, which is transparent to the user. B. LEAP only supports user and password changes in conjunction with MS-CHAPv2, whereas EAP-FAST supports user and password changes when using MS-CHAPv2 or OTP or PAC. C. EAP-FAST exchanges user credentials within a TLS tunnel whereas LEAP exchanges credentials information in clear, which allows possible offline "dictionary attacks." D. EAP-FAST works with the 802.11 authentication algorithm "open eap," and also with "networkeap," whereas LEAP is limited to the 802.11 authentication algorithm "network-eap" only. Answer: C Question: 38 You work as a network engineer at certways.com, study the subject carefully.A WLAN deployment will use a combination of Cisco Aironet AP 1240s and multiple Cisco 4404 Wireless LAN Controllers to provide wireless LAN access to end-users. The network administrator has decided to use DHCP Option 43 to enable the APs to discover the wireless LAN controllers. When configuring the DHCP scope, which format should be used for the Cisco WLC addresses? A. a comma-separated ASCII string of Cisco WLC virtual IP addresses B. a comma-separated ASCII string of Cisco WLC AP-manager addresses C. a comma-separated ASCII string of Cisco WLC management addresses D. a hexadecimal string of Cisco WLC management addresses Answer: D Question: 39 For the following cipher suites, which were defined in the IEEE 802.11i-2004 standard, and then again in the 802.11-2007 standard? A. AES-CCMP B. WEP-40 C. TKIP D. WEP-104 Answer: A, B, C, D
Page 12 of 70
Total Questions
240
Question: 40 What type of EAP will the diagram below illustrate?
A. EAP-MD5 B. PEAP C. EAP-GTC D. EAP-FAST Answer: D Question: 41 Understanding the distances between the access points is very important while designing a WLAN network. Which two tools could measure the distances on floor plans? (Choose two.) A. AutoCAD B. Cisco WCS Planning Mode C. Cisco WCS Map Editor D. Cisco Spectrum Expert Answer: A, C Question: 42 A lightweight AP has been deployed in local mode in a network consisting of 10 wireless LAN controllers in a single mobility group. The AP has been configured to use primary, secondary, and tertiary WLCs. Because of a major power failure, the AP's primary, secondary, and tertiary Cisco WLCs are all unavailable. Which action will be taken next by the AP? A. The AP will attempt to join the Cisco WLC with the greatest amount of available capacity. B. The AP will attempt to join a Cisco WLC configured as a "Master Controller." C. The AP state will transition to AP Fallback Mode and continue providing limited WLAN services (that is, no new client authentications) until a WLC is again available.
Page 13 of 70
Total Questions
240
D. The AP will reboot and repeatedly attempt to join the configured primary, secondary, and tertiary Cisco WLCs in that order. The process will continue until one of the configured WLCs is again available. Answer: B Question: 43 Given: LAG bundles all distribution ports on a WLC into a single 802.3ad port channel. The system load-balances access points transparently to the user. Question: Which two items should be taken into consideration when configuring the neighbor Ethernet switch? (Choose two.) A. LAG requires the EtherChannel to be configured for the "on" mode on the Catalyst switch. B. The load-balancing method configured on the Catalyst switch must be based on Layer 2, not Layer 3. Failure to follow this recommendation may result in problems with access pointassociation. C. LAG requires that the Catalyst switch be configured with Cisco PAgP. Link Aggregation Control Protocol is not supported. D. The Cisco WLC relies on the neighbor switch to load-balance traffic across the EtherChannel. The Cisco WLC does not perform any EtherChannel load-balancing on its own. Answer: A, D Question: 44 Which method can be used by the Cisco Wireless LAN Controller system to determine whether there is a rogue AP or not? A. observation of unencrypted traffic that should be encrypted for an SSID that it owns B. detection of an organizationally unique identifier not assigned to Cisco devices C. detection of a AP MAC address not registered to it D. rejection of a SNMP poll by the rogue AP Answer: C Question: 45 RADIUS authentication requires that a shared secret be configured into the RADIUS server and RADIUS client. In your centralized or autonomous wireless system, users are authenticating through RADIUS to a certain WLAN/SSID. After each user connects, the authenticator sends an authentication request to the RADIUS server, and then what will happen? A. If the username and password are correct, it receives an access-accept in response. If the authentication operation was successful, the authenticator sends an authorization request to the RADIUS server with the WLAN/SSID information. B. If the username and password are correct, and the WLAN/SSID information that is sent in the request matches the information in the user profile, the RADIUS server sends back an accessaccept in response. C. If the username and password are correct, it receives an access-accept in response, along with a list of check items for the user, including WLAN/SSID information. D. If the username and password are correct, it receives an access-accept in response, along with a list of reply attributes for the user, including WLAN/SSID information. Answer: D Question: 46 For the following commands, which one can determine the health of a RADIUS server on an autonomous AP?
Page 14 of 70
Total Questions
240
A. show radius statistics B. debug radius-server C. show radius table {server_ip} D. show radius-server {server_ip} Answer: A Question: 47 Which primary methods is of configuration management for the Mobility Express Solution? A. CLI and Web GUI B. CCA and Web GUI C. CCA and CLI D. CLI, Web GUI, and CCA Answer: B Question: 48 What is the major use of the Network Allocation Vector? A. The NAV is a value that indicates to a station the delivery traffic indication map information that is currently being provided by the MAC layer. B. The NAV is a value that indicates to a station the remaining time allocated prior to releasing access control. C. The NAV is a value that indicates to a station the amount of time that remains before a medium will become available. D. The NAV is a value that indicates to a station the present utilization of the access point through the information elements. Answer: C Question: 49 Observe the following WLC debug commands, which one can display the self-signed certificate key hash for an access point that is unable to associate to a WLC? A. debug cert ssc enable B. debug lwapp errors enable C. debug crypto trace enable D. debug pm pki enable Answer: D Question: 50 How does the Cisco Location Appliance locate a client or rogue access point? A. Use Time Difference of Arrival B. Use triangulation C. Use RF fingerprinting D. Use closest access point method Answer: C Question: 51
Page 15 of 70
Total Questions
240
On a Cisco Unified Wireless Controller, which three Access Point modes allow for client connectivity? (Choose three.) A. Local Mode B. Bridge Mode C. H-REAP Mode D. Monitor Mode Answer: A, B, C Question: 52 Which one of the following commands could limit WLC output from subsequent debug commands to show only information associated with a specific wireless client device that has the MAC address 00:0c:41:07:33:a6? A. debug mac addr 00:0c:41:07:33:a6 B. debug mobility addr 00:0c:41:07:33:a6 C. debug mobility addr 00:0c:41:07:33:a6 enable D. debug mac addr 00-0c-41-07-33-a6 enable Answer: A Question: 53 While using a WLC solution, how is it necessary to differentiate traffic from different WLANs in a wireless sniffer trace? A. An AP uses one radio interface per WLAN. A station selects the radio interface as a kind of WLAN selection. B. The WLAN is visible in the 802.11 fixed parameters with the IDs 64, 65, and 81. C. An AP uses one BSSID per WLAN. A station uses the corresponding BSSID in all its data frames. D. An AP uses one SSID per WLAN. A station tags its data frames with the corresponding SSID. Answer: C Question: 54 When performing a Layer 2 intra-controller roam on a WLC, an 802.11i client is experiencing greater latency than expected. You guess that PKC is not working correctly. Which two CLI commands can verify your theory? (Choose two.) A. show pmk-cache all will verify the existence of a valid PMK on the WLC. B. show advanced eap will show PKC state and timeout values. C. debug dot1x aaa enable will show the WLC communicating with the AAA server during client roaming, if PKC is not functioning. D. show advanced client-handoff will show which client has a PKC entry that can be used for roaming. Answer: A, C Question: 55 What information is needed to add a Cisco WLC into the Cisco WCS? A. IP address of virtual interface B. IP address of AP manager interface C. IP address of management interface
Page 16 of 70
Total Questions
240
D. IP address of service port Answer: C Question: 56 The following message can be seen on a wireless LAN controller: Reached Max EAP Identity Request retries (5) for STA 00:11:22:33:44:55 What does this message indicate? A. The WLC has requested initial EAP authentication information from the NIC, but has not received a response after five tries. B. The initial access request from the WLC to the RADIUS server was successful, but the NIC at 00:11:22:33:44:55 did not respond to five subsequent access-challenges. C. The RADIUS server was unresponsive to five WLC access requests to authenticate the user with the MAC address 00:11:22:33:44:55. D. The authentication sequence completed with an access-reject from the RADIUS server five times, after which the NIC card was excluded by the WLC. Answer: A Question: 57 In order to be able to communicate with the WDS master, what must be configured on the APs while setting up a WLAN for Wireless Domain Services? A. username and password valid on the AAA server B. multicast group for the WDS C. IP address of the master WDS and any backup master WDS D. pre-shared key which matches that of the master WDS Answer: A Question: 58 You work as a network administrator for company A. Study the exhibit carefully. Intermittent outages are occurring in a WLAN environment on a large corporate campus. No rogue APs have been detected and Cisco Spectrum Expert is now being utilized to help discover the source of interference. Judging from this Cisco Spectrum Expert screen, which interference type will you suspect?
Page 17 of 70
Total Questions
240
A. Bluetooth B. wireless video camera C. DECT phone D. microwave oven Answer: A Question: 59 Which statement accurately describes AP power as related to Cisco 7921 wireless IP phone deployment? A. AP power should be set to a value that ensures 15-20% overlap between cells. B. A 7921 wireless IP phone will roam to the AP with the most powerful signal prior to an outgoing call only. C. AP power should be set to the maximum, in order to ensure good signal strength. D. A 7921 wireless IP phone will roam to the AP with the most powerful signal before or during an outgoing call. Answer: A Question: 60
Page 18 of 70
Total Questions
240
The proper design of a VoWLAN network can be supported by which two guidelines?(Choose two.) A. In order to prevent multipathing, the distance between access points should not exceed the heights of the rooms in which they are installed. B. For an ideal voice-ready wireless cell size, the radius or size of each cell should be -67 dBm. C. A VoWLAN network using 802.11a radio needs an access point approximately every 4 meters (13 feet). A VoWLAN network using 802.11b/g radio needs an access point approximately every 8 meters (26 feet). D. If there are numerous clients in an area, or the supported data applications require significant bandwidth, capacity can be added to the network by using more access points on spectrally exclusive (in other words, non-overlapping) channels. Answer: B, D Question: 61 You are a network technician. Study the following exhibit carefully. A Cisco Aironet 1131 Access Point has failed and should be replaced. Both DHCP Option 43 and DNS discovery have not been used in this network. A replacement Aironet 1131 Access Point is retrieved from the spares inventory and plugged into the same Ethernet jack that the failed AP was using. The AP has been configured with the wrong IP address. Which step is the next in repairing the failed AP?
A. Create and apply a Cisco WCS migration template. B. Prime the AP with the correct controller IP address by placing it in the same VLAN as the Cisco WLC management address. C. Connect a serial console cable to a laptop and correct the AP IP address. D. Clear the AP by holding down the reset button while rebooting.
Page 19 of 70
Total Questions
240
Answer: A Question: 62 Which statements are true about noise in an 802.11b/g environment (2.4-GHz)? A. Noise is defined as a 2.4-GHz signal that is not in an 802.11 DSSS format but is in the frequency range of the access point's configured channel. B. Microwave Oven, Cordless Phones, Jammers C. Any signal that the access point cannot decode is considered noise. D. 802.11 2.4-GHz frequency-hopping radio Answer: A, B, C, D Question: 63 In the process of deploying a Cisco 7921G wireless IP phone within the Cisco Unified Wireless Network, which feature will be implemented between the phone and the access point to mitigate one-way audio? A. NMSP B. DTPC C. DCA and TPC D. AKM Answer: B Question: 64 Which statement correctly describes preambles? A. It may be necessary to configure an AP for long preambles, because some clients are not capable of using short preambles. B. Support for short preambles is mandatory. C. It may be necessary to configure an AP for short preambles, because some clients do not understand the additional information transmitted in long preambles. D. For maximum throughput for both types of cards, short preambles should be turned off when there is a mixture of 802.11b and 802.11g clients. Answer: A Question: 65 What is the reason that interference is generally more of an issue at the receiver than the transmitter? A. Signal levels at the receiver are logarithmically less than signal levels at the transmitter. B. There are more receivers than transmitters. C. Signal levels at the transmitter are logarithmically less than signal levels at the receiver. D. It is unusual in wireless to receive and transmit at the same time, therefore the receiver can't detect the interference. Answer: A Question: 66 Which feature should be provisioned on all controllers in order for Radio Resource Management to operate correctly amongst multiple controllers in which APs are able to hear each other? A. the same mobility group
Page 20 of 70
Total Questions
240
B. the same ASCII RF group name C. Layer 2 LWAPP only D. the same WEP Key Answer: B Question: 67 Which description is correct with regard to the operation of an access point in Rogue Location Discovery Protocol mode? A. The AP determines whether or not a rogue access point is on a trusted network. It does not provide RF service of any kind, but rather receives periodic rogue access point reports from the controller, and sniffs all ARP packets. If it finds a match between an ARP request and a MAC address it receives from the controller, it generates a rogue access point alert to the controller. B. The AP uses the existing wireless infrastructure in order to scan for rogue APs. Once discovered, these rogues are added to a local list that includes the rogues' BSSIDs, MAC addresses, and any discovered security provisions (WPA, WEP, etc.). C. The AP moves to the rogue channel and attempts to connect to the rogue as a client. The AP then tries to obtain an IP address and forwards a UDP packet to the controller through the rogue. If the controller receives this packet, the network administrator is notified that a rogue AP has been discovered on the wired network. D. The AP detects a rogue client, and then the network administrator is able to contain both the rogue AP and the rogue clients. This can be achieved because 802.11 deauthentication packets are sent to clients that are associated to rogue APs, so threats such as holes are mitigated. Answer: C Question: 68 Cisco Client Management Frame Protection is running on a mobility group with two controllers. For the following options, which two MFP requirements protect the network? (Choose two.) A. requires the use of a nonbroadcast SSID B. requires CCXv5 C. implements the validation of wireless management frames D. forces clients to authenticate, using a secure EAP method only Answer: B, C Question: 69 How to differ EAP-TLS from Microsoft PEAP? A. EAP-TLS requires a client certificate. B. EAP-TLS does not require a certificate. C. Both EAP-TLS and Microsoft PEAP require client certificates but Microsoft PEAP is described in RFC 2716. D. Microsoft PEAP is more secure. Answer: A Question: 70 You work as a network administrator. Your company has two WLCs correctly configured for redundancy. You used the default AP Fallback settings. Because of a power problem, the primary controller fails and then the secondary controller takes over operation of the LWAPP APs.
Page 21 of 70
Total Questions
240
Which action will be taken by the APs after restoring the power to the primary controller? A. The APs will automatically rejoin the primary WLC. Because WLC redundancy is stateful, service to the APs will not be interrupted while they are rejoining the primary WLC. B. The APs will remain joined to the secondary WLC until the network administrator manually forces them back to the primary WLC. During the process of forcing them back, service to the APs will be interrupted. C. The APs will automatically rejoin the primary WLC. While the APs are rejoining the primary WLC, service to them will be interrupted. D. The APs will remain joined to the secondary WLC and the configuration will be updated (the secondary WLC will become the primary WLC, and the primary the secondary). Answer: C Question: 71 Which four components are of CSMA/CA? A. fragmentation, PCF, collision, backoff B. carrier sense, DCF, acknowledgment frames, RTS/CTS medium reservation C. fragmentation, PCF, acknowledgment frames, RTS/CTS medium reservation D. carrier sense, collision, jam sequence, backoff Answer: B Question: 72 Observe the following error message carefully: Error Message DOT11-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were detected within [number] seconds on [interface] interface. The interface will be put on MIC failure hold state for next [number] seconds Which option is correct about this error message? A. Because MIC failures usually indicate an active attack on your network, the access point is throttled and put on hold for the configured time. Access by new stations is restricted until the timer expires. B. Because MIC failures usually indicate an active attack on your network, the interface will be put on hold for the configured time. During this hold time, stations using TKIP ciphers are disassociated and cannot reassociate until the hold time ends. Once the hold time ends, the interface will begin to operate normally again. C. Because MIC failures usually indicate a passive attack on your network, the interface input queues are placed on hold for the configured time. During this hold time, all traffic is dropped until the hold timer expires. Once the hold time ends, the interface will begin to operate normally again. D. Because MIC failures usually indicate a passive attack on your network, the interface MIB counter will be incremented. During hold time, stations using TKIP ciphers are still allowed to associate and establish authentication. Answer: B Question: 73 Which two items are the purposes of a pre-site survey walkthrough? (Choose two.) A. identify potential problem areas B. define intended coverage areas C. determine the final location of APs and antennas D. identify sources of RF signal attenuation and RF interference
Page 22 of 70
Total Questions
240
Answer: A, B Question: 74 For the following statements, what are the key RF deployment guidelines for WLAN phones? A. VoWLAN handsets should use static WEP, since it provides the fastest roam times and the security of VoWLAN calls is not a high priority. B. Follow standard WLAN site survey procedures to minimize cell overlap and interference. In addition, ensure that the cell edge has a minimum power level of -67 dBm and an error rate less than 1%. The power level of the APs and the handset should match, and should also provide sufficient call capacity. C. The RF deployment guidelines are the same as those for any other WLAN client: perform a site survey to ensure appropriate coverage for the required bit rate and minimize channel overlap. D. Use patch antennas to provide higher gain and better coverage and use the highest power on the AP. This will ensure maximum coverage and minimize the number of dropped calls. Answer: B Question: 75 Your company has just completed constructing a new automobile parts manufacturing facility. The facility IT manager would like to implement voice over WLAN. During your initial walkthrough, you see numerous highly reflective surfaces on the manufacturing equipment and in the building construction itself. What potential problem exists that should be accounted for during your site survey? A. RF signal absorption B. multipath distortion C. RF signal attenuation D. Fresnel zone impedance Answer: B Question: 76 Can you tell me which three of the following items are configurable settings on each SSID for the Cisco 802.11 Access Point High Speed WAN Interface Card? (Choose three.) A. guest mode B. quality of service C. infrastructure SSID D. maximum number of client associations Answer: A, C, D Question: 77 How to connect the new bridge to the old antenna while installing an outdoor bridge which is replacing another vendor's bridge? A. FCC and ETSI regulations do not permit the connection of disparate systems without certification. B. The 802.11 standard requires that all connectors be N-type connectors, so the bridge and antenna will interoperate with no changes. C. The connectors are proprietary to the vendor, so using an adapter that is approved by the vendor would be necessary.
Page 23 of 70
Total Questions
240
D. The connectors are proprietary to the vendor, so using an adapter available from either vendor would be necessary, but no regulatory approval is required. Answer: A Question: 78 Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked devices (clients) to obtain the parameters necessary for operation in an Internet Protocol network. While using an enterprise DHCP server to facilitate WLAN controller discovery by both Cisco Aironet 1000 Series and 1250 Series Lightweight Access Points, which two DHCP options could be supported by the DHCP server? (Choose two.) A. Option 43 B. Option 48 C. Option 60 D. Option 82 Answer: A, C Question: 79 Refer to the following options, which two are long-term solutions to hidden node problems? (Choose two.) A. enable CTS to Self B. change the RF situation by increasing the power on client work stations (None-AP-STA) C. increase the radio speed to at least 24 Mb/s D. change the RF situation by adding additional access points Answer: B, D Question: 80 According to FCC Rule # 15.407(h)(2), it is required that products operating in certain bands need to support Dynamic Frequency Selection to detect and automatically adjust channels to protect WLAN communications from interfering with military or weather radar systems. Which two 5-GHz bands must support Dynamic Frequency Selection? (Choose two.) A. UNII-1 B. UNII-0 C. UNII-2 D. UNII-2 Extended Answer: C, D Question: 81 In order to provide end-to-end QoS, how to send traffic classification information between the LWAPP AP and the WLAN controller? A. There is no end-to-end QoS, only WMM on the WLAN. This is all that is required, because campus networks typically have greater than 1 Gb/s backbones and WLANs operate at only 11 or 54 Mb/s. B. LWAPP APs map the WMM CoS values of the client traffic to the Ethernet frames and the CoS value of the Ethernet frames sent to the AP to the WMM access category. The switch upstream from the AP is responsible for converting between 802.1D classification and DSCP. C. The WMM CoS values are carried within the LWAPP tunnels and translated from CoS to DSCP to ensure that the correct priority is given to different LWAPP packets.
Page 24 of 70
Total Questions
240
D. LWAPP packets from the controller and the AP are marked by DSCP based on the DSCP of the tunneled traffic. This DSCP is converted to a CoS by a table in the AP. The access category used for each frame depends on the table CoS and QoS profile of the WLAN. Answer: D Question: 82 In a calibrated system, how statistically accurate is the Cisco Location Appliance at tracking the location of a client? A. within 5m, 90% of the time B. within 50cm, 90% of the time C. within 1m, 90% of the time D. within 10m, 90% of the time Answer: D Question: 83 Which three statements correctly describe configuring the Cisco Catalyst 6500 Series WiSM module? (Choose three.) A. Each WLC on the Cisco WiSM supports up to 150 access points. B. When LAG is disabled, the management interface must be configured on port 1. C. LAG is enabled automatically and bundles all of the distribution ports of a controller into a single EtherChannel. D. The AP Manager interface may be on the same VLAN or IP subnet as the management interface. Answer: A, C, D Question: 84 How to monitor CPU utilization on a wireless LAN controller? A. Define the network management system in the WLC with a matching read-write SNMP community to enable the WLC CPU OID to be polled with an SNMP set by the network management system. B. Define the network management system as a trap receiver and enable the default RFC 1213 traps, which include SysCPUUtilization. C. Define an external syslog receiver in the WLC that will receive a syslog message when the percentage of CPU processing ability reaches a preconfigured percentage. D. Define the network management system and community in the WLC and a matching V1 or V community-string in the network management system to enable the WLC CPU OID to be polled. Answer: D Question: 85 Which data can be passed down to an LWAPP AP by use of DHCP option 43? A. The IP address, subnet mask, and default gateway assigned to the AP. B. The Cisco WLC management interface IP address. C. The AP's ARP timeout value. D. The IP address of the Cisco WCS server, or other SNMP management system. Answer: B
Page 25 of 70
Total Questions
240
Question: 86 You see a lot of retransmissions being sent between client devices and a management server on the network while implementing the Cisco Unified Wireless Network at a customer's site. After investigating, you find out that the wireless clients see several access points, but the RSSI is very poor. After onsite evaluation, you note that there are many manufacturing machines within the factory that are highly metallic. Which type of RF problem can be fixed while performing an RF analysis within the environment? A. multipath distortion B. excessive client roaming C. free space path loss D. binary phase shift keying Answer: A Question: 87 Assume that A WLAN controller has two AP and three Cisco 7921 IP phones. In order to have good Voice quality, which item is true with regard to the RF configuration displayed?
A. The configured "Fragmentation Threshold" (2346) is too low for a voice deployment B. Cisco recommends using 802.11b/g deployment for voice to prevent interferences with microwave ovens and Bluetooth devices. C. The configured channels (Ch-36 and Ch-40) are "side/adjacent channels". The 5 GHz channels overlap their adjacent channels, so there should be at least 1 channel of separation for adjacent APs. D. 802.11a channels are manually configured. This is not allowed in a DFS environment. Answer: C Question: 88 In computer networking, CSMA/CA belongs to a class of protocols called multiple access methods. CSMA/CA stands for: Carrier Sense Multiple Access with Collision Avoidance. What is the objective for the random backoff algorithm selecting a value in CSMA/CA? A. to initialize the session frame sequence B. to determine the number of slot times the station waits to transmit C. to set the length of the short interframe space D. to minimize collisions Answer: B Question: 89
Page 26 of 70
Total Questions
240
Which three descriptions are correct with regard to traffic classification in Wi-Fi Multimedia? (Choose three.) A. Wi-Fi Multimedia defines four access categories: AC_BK, AC_BE, AC_VI and AC_VO. B. Each access category corresponds to one of four transmit queues. C. Once traffic is classified by Wi-Fi Multimedia, HCCA distributes the the transmit opportunities according to the traffic priority. D. Wi-Fi Multimedia maps the eight 802.1P (now part of 802.1D) classification schemes to four access categories. In contrast, the 802.1D classification is still sent in the actual 802.11 frame. Answer: A, B, D Question: 90 A user complains about problems authenticating via wireless. Which two of the Cisco WLC debug commands below would solve this problem? (Choose two.) A. debug mac { addr MAC} B. debug client authentication enable C. debug dot1x events enable D. debug client events enable Answer: A, C Question: 91 Which three actions will happen when a wireless client implements a Layer 3 roam between two WLCs with management interfaces on the same IP subnet and configured in Layer 3 LWAPP mode? (Choose three.) A. The client database entry is removed from the original WLC once it has been entered into the new WLC. B. The original WLC marks the client with an "Anchor" entry in its own client database. C. The database entry is copied to the new controller client database and marked with a "Foreign" entry in the new WLC. D. The client database entry is maintained on both the original and new WLCs. Answer: B, C, D Question: 92 You are a network engineer for a company. You are asked to configure an EtherChannel for ports 49 and 50 on a Cisco Catalyst 3750 Series Switch after enabling LAG on a Cisco 4404 Wireless LAN Controller. The EtherChannel need to support VLANs 8, 16, 24, and 32. In order to finish this task, which configuration is needed? A. interface Port-channel1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 8,16,24,32 switchport mode trunk B. interface GigabitEthernet1/0/49 channel-group 1 mode on interface GigabitEthernet1/0/50 channel-group 1 mode on interface Port-channel1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 8,16,24,32 switchport mode trunk
Page 27 of 70
Total Questions
240
C. interface GigabitEthernet1/0/49 switchport trunk encapsulation dot1q switchport trunk allowed vlan 8-32 switchport mode trunk channel-group 1 mode on interface Port-channel1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 8,16,24,32 switchport mode trunk D. interface GigabitEthernet1/0/49 switchport trunk encapsulation isl switchport trunk allowed vlan 8,16,24,32 switchport mode trunk channel-group 1 mode on Answer: B Question: 93 A customer tries to connect to an access point and reports that the access point could only be connected at 54 Mb/s while deploying the Cisco Unified Wireless Network to support 802.11n with encryption. Which is the reason for this problem? A. The client is set for open authentication. B. The client has DTPC enabled. C. The client does not have WPA2 AES enabled. D. The client adapter is not capable of 40 MHz. Answer: C Question: 94 Which statement best describes the function of a rogue detector access point? A. It searches the switch CAM tables in order to determine which wired port the rogue AP is connected to, and then shuts that port down. B. It can detect rogue APs and clients, while at the same time associating normal clients to the WLAN. C. Its radios are shut off, and it listens only to the wired-side ARP packets on a VLAN trunk, in order to find rogue clients and APs. D. It associates to the rogue AP as a client in order to disrupt service. Answer: C Question: 95 Cisco Wireless LAN Controllers are responsible for system wide wireless LAN functions, such as security policies, intrusion prevention, RF management, quality of service (QoS), and mobility. When receiving a shun command from a Cisco IPS, how does the WLAN controller block a client? A. by using the client name B. by using the client RF fingerprint C. by setting up an ACL in the WLAN controller to block client IP connectivity D. by using the MAC address Answer: D
Page 28 of 70
Total Questions
240
Question: 96 When receiving a CTS frame, what will an 802.11a station (STA) do? A. Respond with an RTS frame. B. Respond with a CTS ACK frame. C. Check the network allocation vector, and update it, if appropriate. D. Check the MAC address in the receiver address field to determine if it matches the frame's own address, and, if so, respond with a CTS ACK frame. Answer: C Question: 97 Quality of Service (QoS) refers to the capability of a network to provide better service to selected network traffic over various technologies. In wireless networks, what is the QoS challenge caused by the hidden node problem? A. When an AP is attempting to make an assessment of its capacity to advertise and use in TSPEC admission control, it needs to assess the number of clients it has associated. This calculation is incorrect if the AP does not see the hidden nodes and can result in capacity management issues. B. Frames are lost due to collisions of traffic between clients that cannot detect each others' channel usage, and therefore cannot defer the sending of traffic until the channel is free. Higher priority frames cannot avoid these collisions. C. Frames are lost due to collisions of traffic between clients that cannot detect each other's channel usage, and therefore cannot defer the sending of traffic until the channel is free. These collisions only impact lower priority frames, as they are sent later than high priority frames. D. A hidden node is not a QoS issue, but a security issue in which a rogue client impersonates an access point to a client and the client to the access point. Answer: B Question: 98 Which option is true while comparing PEAP-GTC (Cisco PEAP) to PEAP-MS-CHAPv2 (Microsoft PEAP)? A. PEAP-GTC allows password changes during authentication, whereas PEAP-MS-CHAPv2 does not support this. B. PEAP-GTC introduced identity protection, which allows client supplicants to use "faked" usernames during PEAP Phase 1, in order to prevent intruders from collecting usernames. C. Microsoft PEAP requires the use of IAS for the RADIUS server, whereas Cisco PEAP can be used universally on all available AAA servers that support PEAP. D. Cisco PEAP is much faster then Microsoft PEAP during re-authentication, because it supports TLS session resumption. Answer: B Question: 99 The transmit power level on an 802.11a radio is configured for 25 mW. What is the corresponding value in decibels? A. 17 dBm B. 25 dBm C. 14 dBm D. 50 dBm
Page 29 of 70
Total Questions
240
Answer: C Question: 100 Which three devices'historical locations can be tracked by the Cisco Location Appliance? (Choose three.) A. 802.11-based RFID Asset tags B. remote sources of ISM interference C. rogue access points D. trusted and rogue clients Answer: A, C, D Question: 101 Can you tell me what the LWAPP data and control port numbers are? A. TCP 16666 and 16667 B. UDP 16666 and 16667 C. TCP 12124 and 12134 D. UDP 12222 and 12223 Answer: D Question: 102 Which two features of Cisco WCS could assist with predictive design and planning without access points being fully deployed and installed? (Choose two.) A. planning mode B. Location Accuracy tool C. Inspect VoWLAN Readiness tool D. Inspect Location Readiness tool Answer: A, D Question: 103 In order to decrease roaming times with Cisco 7921G wireless IP phones implemented in a large enterprise network, which feature will you recommend? A. WPA-PSK B. Cisco CKM C. EAP-TLS + TKIP D. 802.11h Roaming Assistance Answer: B Question: 104 When configuring a Cisco 792X wireless IP phone with DHCP, what information will be in the DHCPOFFER message, and why? A. option 150, to provide the phone with the Cisco Unified Communications Manager IP address to download its XML configuration file B. option 60, to provide the phone with the IP address of the RADIUS server, if EAP is in use C. option 66, to provide the phone with the Cisco Unified Communications Manager IP address to download its XML configuration file
Page 30 of 70
Total Questions
240
D. option 150, to provide the phone with the TFTP-Server IP address to download its XML configuration file Answer: D Question: 105 Which description is correct with regard to the roaming behavior of a NIC in a desktop PC as it communicates with an access point? A. The NIC will use a vendor-dependent combination of factors in determining which AP to connect to, including signal strength, signal quality, and data rate. B. The NIC will comply with the roaming standards set forth in IEEE 802.3. C. The NIC will associate to the closest access point and only disconnect when the PC or AP is turned off. D. The NIC will associate to the closest access point, but the AP may determine that the RF environment is too congested and disconnect the PC. Answer: A Question: 106 Which service will be offered without conducting a new site survey if there is an existing 802.11g WLAN at a site? A. increase the throughput for the wireless clients B. increase the Layer 2 and Layer 3 security of the WLAN C. add new services (such as voice) over the WLAN D. add a new 802.11a WLAN Answer: B Question: 107 Take guest network best practices into consideration, which two features need to be configured on the controller while configuring a WLAN controller to support guest access? (Choose two.) A. ARP unicast B. DHCP Optional C. peer-to-peer blocking D. DHCP Required Answer: C, D Question: 108 What is the objective of VLAN 40 in this case according to the configuration excerpt presented in this exhibit?
Page 31 of 70
Total Questions
240
A. the 802.11 data frame switching VLAN B. WLCCP traffic between the Cisco WiSM and Catalyst 6500 Series Supervisor Engine 720 C. the Management VLAN for the Cisco WiSM D. the Cisco WiSM Service VLAN Answer: C Question: 109 Which command will be used to check the status of infrastructure APs from the CLI of an AP configured as a WDS master? A. show wccp wds B. show wlccp ap C. show lwapp ap D. show wlccp wds ap Answer: D Question: 110 Which item is correct about the definition of co-channel interference?
Page 32 of 70
Total Questions
240
A. interference from the same channel as the receiver channel in use B. interference from any 2.4-GHz source C. interference from any channel except the same channel as the receiver D. interference from a channel adjacent to the channel in use Answer: A Question: 111 Which one of the following commands will you use to load Cisco IOS on an autonomous AP? A. archive download-sw /overwrite tftp://server_ip/image_name B. copy flash:image_name tftp://server_ip/image_name C. copy flash tftp and respond to the interactive prompts D. config net and respond to the interactive prompts Answer: A Question: 112 Which two statements correctly describe RTS/CTS? (Choose two.) A. When the transmitted packet is equal to or larger than the RTS threshold, an RTS packet is sent. The destination node must respond with a CTS packet before the originator can send the real data packet. B. Since the introduction of EDCA (WMM and 802.11e), the RTS/CTS sequence has been rendered unnecessary. C. 802.11d replaced the RTS/CTS sequence with CTS to Self. D. The RTS and CTS are small and, if lost in a collision, they can be retried more quickly and with less overhead than if the whole packet must be retried. Answer: A, D Question: 113 The central office is currently using a combination of 4400 and 2100 series WLAN controllers running v4.2 and a variety of LWAPP-enabled access points servicing both 2.4 GHz and 5 GHz. The WLAN deployment has been extended to each remote office by implementing a 526 WLAN controller running v4.1 and several 521 access points. Wireless client deployment uses EAP-TLS authentication by use of a centralized RADIUS server plus 802.11n for performance. After the first remote office deployment, remote office users complain that they are not connecting via 802.11n. Which will most likely cause this problem? A. The 521 AP does not support 5 GHz, which prohibits 802.11n. B. The 521 AP and 526 WLAN controllers do not support AES, which prohibits 802.11n. C. The 526 WLAN controller does not support external authentication via RADIUS, prohibiting authentication. D. The 526 WLAN controller does not support 802.11n with either v4.1 or v4.2. Answer: D Question: 114 After going through the DCF process, what further process does the client go through to reserve a medium? A. send a REQ, receive an ACK, send frames B. send an RTS and SIFS, receive a CTS and SIFS, then send frames C. no process; it can begin transmitting immediately
Page 33 of 70
Total Questions
240
D. send a CTS and SIFS, receive an RTS and SIFS, then send frames Answer: B Question: 115 Which three guidelines are recommended by Cisco for proper VoIP operation? (Choose three.) A. delay should not exceed 150 ms (one-way) B. packet loss should not exceed 0.1% C. delay variation (jitter) should not exceed 30 ms D. packet loss should not exceed 1% Answer: D Question: 116 Given: The Sniffer trace shows us the packets captured on two different channels, 1) the Red-Colored is Channel-11 (Frame 1..4), and 2) the Blue-Colored is Channel-1 (Frame 5..15).Station STA with MAC address 00:40:96:a1:4e:42 roams from Channel-11 to Channel-1. Note: There in NO filter applied filtering 802.1X/EAP authentication frames. Question: Which statement best describes this Sniffer trace?
A. It shows a WPAv2 pre-shared key roaming. B. The 802.11 authentication algorithm is shared-key, data is send with WEP encryption. C. The 802.11 authentication algorithm is open, data is send with WEP encryption. D. It shows a Cisco Central Key Management (CCKM) fast secure roaming with AES encryption. Answer: D Question: 117 What is included in the reassociation request message if a Cisco CKM client roams to a new access point? A. The reassociation request contains a network session key which will be used for TLS and a sequentially incrementing rekey number. B. The reassociation request contains the EAP identity. This shortens the full EAP reauthentication. C. The element in the reassociation request includes a timestamp, the rekey request number, and an authenticated element. D. The reassociation request contains the PMKID list from the station, in order to allow the new AP to contact the old AP to inherit the key material.
Page 34 of 70
Total Questions
240
Answer: C Question: 118 What are two objectives of the 802.11a, 802.11b, and 802.11g Wi-Fi Alliance certification tests? (Choose two.) A. performance above a high throughput threshold to demonstrate compliance B. interoperability with other products certified by Wi-Fi Alliance C. compliance with the IEEE 802.11 standard D. performance above a low throughput threshold to demonstrate interoperability Answer: B, D Question: 119 Your company has a main office and many branches. It should have its users at the branches authenticate via the main office using 802.1X without having controllers at the branches. This design can be supported by which three states? (Choose three.) A. H-REAP in Connected mode B. WLAN in an authentication-local/switch-local state C. WLAN in an authentication-central/switch-local state D. WLAN in an authentication-central/switch-central state Answer: A, C, D Question: 120 Which three items can identify criteria that are important conditions for supporting Voice over WLAN? (Choose three.) A. the separation of APs on the same channels should be 19 dBm B. APs with non-interfering channels should overlap by 5-10% C. APs with non-interfering channels should overlap by 15-20% D. the minimum power at the voice cell edge should be -67 dBm Answer: A, C, D Question: 121 Study the following exhibit carefully. The People's Hospital is a large, multi-story, Level 1 trauma center located in the United States. This hospital is using a new multi-service WLAN infrastructure capable of supporting multiple enterprise data applications, wireless medical telemetry, voice over WLAN using Vocera badges, location-based services, integrated RF spectrum analysis, rogue AP detection, automatic RF power and channel optimization, and wireless guest access. The design states the use of Cisco Aironet 1242 Access Points. The People??s Hospital contracted with a Cisco Channel Partner to complete a site survey on the basis of these needs. The site survey report did not identify the exact model of antennas that should be used. Instead, the report specified that 2.0-dBi omnidirectional antennas should be used for the 2.4-GHz AP radios and 4.0-dBi omnidirectional antennas for the 5-GHz AP radios. It also specified that spatial diversity must be supported. Which two antenna models would best satisfy the 5-GHz deployment requirement specified by the site survey report? (Choose two.)
Page 35 of 70
Total Questions
240
A. Cisco 6-dBi Omnidirectional antenna B. Cisco 4.5-dBi Diversity Omnidirectional antenna C. TerraWave 5-GHz 4.0-dBi Diversity Omnidirectional antenna D. Cisco 3.5-dBi White Dipole antenna, two per AP Answer: B, D Question: 122 Before sending a frame over a medium and verifying that the medium is free, which process does a wireless client go through? A. send a CTS frame, receive an RTS frame, then transmit the frame B. verify that NAV = 0, then transmit the frame C. send an RTS frame, receive a CTS frame, then transmit the frame D. check that NAV = 0, generate a random backoff, verify that the channel is free, verify that slot times = 0, then transmit the frame Answer: D Question: 123 What is peer-to-peer blocking used for? A. prevents the use of peer-to-peer applications such as Gnutella and Kazaa B. prevents traffic from wireless client to wireless client on the same VLAN, and forces all traffic to be transferred to the upstream VLAN C. prevents wireless-to-wired traffic, but permits wireless-to-wireless traffic D. prevents internal traffic between all devices on different WLANs Answer: B Question: 124 A VoWLAN user reports bad voice quality. Which three items most likely cause this problem? (Choose three.) A. round trip delay is greater than 150 ms B. packet loss is greater than 1%
Page 36 of 70
Total Questions
240
C. jitter is greater than 30 ms D. one-way delay is greater than 150 ms Answer: B, C, D Question: 125 Study the given conditions carefully, then answer the following question. Wireless client (CB21) configured for SSID "CCIE-2". Configure standalone authonomous AP with three data VLANs plus the native VLAN. AAA server configured for LEAP and EAP-FAST authentication and dynamic VLAN assignment. Question: Why is this wireless client not able to associate to the network?
A. Attributes in use are not correct for VLAN assignment. B. Encryption should be configured under the SSID but it is configured under the VLAN. C. An RF issue, the client disconnects right after the successful authentication. D. The encryption and the key-management from the SSID/VLAN the client uses to associate must match the encryption and key management the AAA server assigned during the authentication/authorization process. Answer: D Question: 126 Which statement best describes MAC authentication? A. The MAC address can be spoofed, so it is insecure. B. Users will not be able to connect unless some form of encryption is also used. C. The MAC address is used in place of the username in the EAP certificate exchange. D. If WEP is used as a key cipher, the MAC address may be used in the key hash. Answer: A Question: 127 Can you tell me when a client will provide an AP with its version of Cisco Compatible Extensions for WLAN devices? A. when the AP sends an unsolicited update embedded in a beacon packet B. in an 802.11 association or re-association request frame C. upon successful EAP or dot1X authentication to the AP D. in a broadcast probe request packet Answer: B
Page 37 of 70
Total Questions
240
Question: 128 When an 802.11i wireless client with PKC enabled attempts an intra-controller roam between two APs on the same WLC, what will happen? A. The client will send its re-association request using the GTK so that both APs can decrypt it. The WLC then updates its client table to represent the client MAC address and PTK as being associated to the new AP. B. The client re-computes a PMKID from the previously used PMK and sends it during the association process. If the WLC finds a match in its PMKID cache then the client can proceed with key exchange without involving the AAA server. C. The client begins a new 802.1X authentication request and recomputes its Pairwise Master Key. D. The client will continue to use the same PTK and GTK, since authentication happens on the WLC and not the AP. Answer: B Question: 129 Certways University will soon complete a second building on its main campus. It wants to use Gigabit Ethernet fiber to connect two buildings. In order to satisfy the university's requirements of a new WLAN network for its buildings. Which three questions will you ask to arrive at an appropriate design? (Choose three.) A. How many access points do you expect to need in your new building that is under construction? B. How many end users are there and what is the throughput per user needed? C. What is the security policy of your organization for wireless networks? D. Which mobility services do you need to run over your WLAN network? Answer: B, C, D Question: 130 Which debug command could determine whether an AP is registering with a WLC or not? A. debug lwapp ap {AP-MAC} enable B. debug wlccp dump C. debug lwapp events enable D. debug wlccp dump enable Answer: C Question: 131 Which two statements best describe hidden node problems? (Choose two.) A. Hidden node problems can be diagnosed and verified by enabling CTS to Self. B. The 802.11 MAC frame exchange protocol addresses these problems by adding two additional frames to each frame exchange (a RTS and CTS frame). C. 802.11 WLAN media access is based on CSMA/CA. Therefore, every data frame needs to be acknowledged by the receiver. D. Hidden node problems occur because each WLAN STA cannot be expected to communicate directly with every other WLAN STA. Answer: B, D Question: 132
Page 38 of 70
Total Questions
240
Do you know how many WMM access categories there are, and how they relate to the IEEE 802.1D priority classification? A. There are two access categories: Best Effort and Voice. IEEE 802.1D, SVP, or CDP determine which access category is used. The access category used determines which EDCA timing parameters are used for transmitting the frame. B. There are eight WMM access categories that directly correlate to the IEEE 802.1D priority classification. The access category used determines which EDCA timing parameters are used for transmitting the frame. C. There are four WMM access categories: Best Effort, Background, Video, and Voice. A fixed mapping of priority information carried in the 802.1D Priority field to those four queues is defined by the Wi-Fi Alliance, together with suggested uses for each priority that are consistent with the suggested uses in 802.1D. D. WMM access categories are part of the 802.11i AAA security standards, and define the different levels of client access in WPA, and WPA2. They have no relationship to IEEE 802.1D. Answer: C Question: 133 Which two technologies can the IEEE 802.11h amendment introduce? (Choose two.) A. HCCA B. DFS C. EDCA D. TPC Answer: B, D Question: 134 Study the following exhibit carefully. Configure this client supplicant and AAA server for PEAPMS-CHAPv2. According to this debug and show output, which device is causing this client to be unable to connect and why?
Page 39 of 70
Total Questions
240
A. the client supplicant: it is not configured for dot1x B. the RADIUS server: it provides the wrong server certificate (missing enhancement key usage field) C. the AP: it is misconfigured, because the RADIUS server port configuration is incorrect D. the client supplicant: due to an invalid Protected Authentication Credential
Page 40 of 70
Total Questions
240
Answer: A Question: 135 Which is the objective of a radome? A. to reduce the mechanical load from wind B. to indicate which way the antenna is pointing C. to increase the gain of an antenna D. to mitigate interference Answer: A Question: 136 Which action should be taken to collect and view a remote WLAN packet capture by use of a supported packet analyzer from an AP? A. change the AP mode to Sniffer, create a remote adapter with the Cisco WLC management IP on a packet analyzer B. change the AP to Sniffer mode, specify a time interval, and read packet captures from Cisco WLC management C. change the AP mode to Sniffer, configure the server IP address on the AP radio, and create a remote adapter with the Cisco WLC management IP on a packet analyzer D. change the AP to Sniffer mode, download a capture from the Cisco WLC, and open the capture with a packet analyzer Answer: C Question: 137 After examining the output from the show wlccp ap command on your infrastructure AP, you discover that the AP is registered with the WDS AP. Then you observe the output of the show wlccp wds ap command on the WDS and find that the AP is registered. After reaching this infrastructure AP, how will authentication request traffic from wireless clients flow? A. 1.Traffic will be forwarded to the WDS via WLCCP. 2.The WDS will send the authentication requests to the RADIUS server. 3.The WDS will receive the server response. 4.The WDS will communicate the status back to the infrastructure AP. 5.The infrastructure AP will add the client to the association table if an access-accept has been received from the RADIUS server. B. 1.Traffic will be forwarded to the RADIUS server. 2.If an access-accept is received from the RADIUS server, the infrastructure AP will notify the WDS AP, so that the WDS AP can track the client for the purposes of inter-AP roaming. C. 1.Traffic will be forwarded to the WDS via WLCCP. If the client is already in the WDS mobility table, the WDS will notify the infrastructure AP and no further action will be taken. If the WD does not find the client in its mobility table, the following steps will be taken. 2.The WDS will notify the infrastructure AP. 3.The infrastructure AP will forward the traffic to the RADIUS server. 4.If the infrastructure AP receives an access-accept from the RADIUS server, it will notify the WDS. D. 1.Traffic will either be forwarded to the locally defined RADIUS server, or sent to the WDS via WLCCP.This can be set up on a per-SSID basis. Answer: A
Page 41 of 70
Total Questions
240
Question: 138 Which statement best describes shown Sniffer trace? A. Frame-3 is an invalid packet. BSSID is missing and duration is the same as in frame-1 (=17) although those two packets have different data-lengths, 48 versus 66 bytes. B. Frame-3 is a retransmission of frame-1 because the corresponding ACK (frame-2) is not protected (protected-flag in frame-2 is set to zero.) C. STA with MAC address 00:1b:77:05:4a:b9 is associated to two AP's ("Solid 802.11 redundancy"); therefore, we see the all data packets duplicated. D. STA with MAC address 00:1b:77:05:4a:b9 is associated to a Repeater-AP with MAC address 00:1d:45:7e:cf:50. The Repeater-AP is associated to Root-AP with MAC address 00:1d:a1:90:c3:20. Answer: D Question: 139 As part of the CSMA/CA algorithm for controlling wireless contention, which factor can be used in deriving the Network Allocation Vector in a packet? A. duration field B. DIFS C. EIFS D. SIFS Answer: A Question: 140 You work as a network designer. You are tasked with designing a wireless network for a high-rise dormitory in New York City. Each floor is about 10,000 square feet with identical Apartment layouts. You use the Cisco WCS planning tool to run the floor plan, and it is recommending three APs per floor. Which step is the next? A. review physical locations for mounting APs B. perform a physical site survey C. decide which authentication method will be appropriate D. prepare a Bill of Materials Answer: B Question: 141 Which one of the following issues is the RTS/CTS mechanism used to address in an 802.11b network? A. hidden node problem B. Network Allocation Vector synchronization C. bandwidth overload D. 802.11a compatibility Answer: A Question: 142 Tom is a network engineer. He has just been tasked with recommending an AP for use in the outdoor courtyard of a hospital that is already using controllers. The courtyard is 50 feet wide by 50 feet long, and is surrounded by brick walls. An outdoor network connection and AC power
Page 42 of 70
Total Questions
240
receptacle will be available near the only door to the courtyard. Which should be included in Tom's recommendation? A. Cisco Aironet 1522 Access Point with an omnidirectional antenna B. Cisco Aironet 1310 Access Point with no external antenna C. Cisco 3200 Series MARC with no external antenna D. Cisco Aironet 1242 Access Point with no external antenna Answer: B Question: 143 Which three parameters can be used in calculating the range of an outdoor link between two bridges? (Choose three.) A. Fresnel Zone diameter B. antenna gain C. cable length between bridge and antenna D. bridge transmission power Answer: B, C, D Question: 144 Which information is most important for you to obtain from the customer in order to correctly design a wireless network? A. previous experience with the old wireless network B. most active users on the network C. critical applications that will run over the WLAN D. issues concerning security breaches in the old security standards Answer: C Question: 145 According to the following exhibit, WLC1 is using WLC2 as a mobility anchor for the "Guest" WLAN. Which two traffic paths should be allowed through the firewall that sits between the two WLCs? (Choose two.)
Page 43 of 70
Total Questions
240
A. IP protocol 97 between 192.168.101.100 and 192.168.201.100. B. IP protocol 47 between 192.168.101.100 and 192.168.201.100. C. UDP ports 16666 and 16667 between 192.168.1.100 and 192.168.2.100. D. IP protocol 97 between 192.168.1.100 and 192.168.2.100. Answer: C, D Question: 146 Do you know at what distance the curve of the earth factors into the antenna elevation calculation? A. greater than 6 miles (~10 km) B. 60% of the Fresnel zone C. greater than 26 miles (~42 km) D. the width of the Fresnel zone, which varies depending on the distance by which the bridges are separated Answer: A Question: 147 Which characteristic of wireless LAN controller allows traffic from clients communicating with each other on the same SSID to be bridged, dropped, or forwarded at the wireless LAN controller? A. multicast optimization B. HREAP C. client bridge mode
Page 44 of 70
Total Questions
240
D. peer-to-peer blocking Answer: D Question: 148 Which three functions will the access point in a Split-MAC architecture handle? (Choose three.) A. 802.11i encryption B. 802.11i key management C. 802.11e queuing D. beacon generation Answer: A, C, D Question: 149 The Certways University has 20 buildings and 10,000 students. It wants to implement a single SSID across the whole campus. On the basis of university policy, students in the auditorium should not have Internet access, because standardized testing will be carried out there. Which feature will be helpful for deploying the university's SSID? A. AP groups B. WLAN override C. MAC filtering D. AAA override Answer: A Question: 150 While configuring Wireless Domain Services, which port is used for traffic between infrastructure APs and the WDS AP? A. Generic Routing Encapsulation GRE which is IP Protocol 47 B. UDP destination and source protocol port 1645 (0x066D) C. UDP destination and source protocol port 1812 (0x0714) D. UDP destination and source protocol port 2887 (0x0B47) or Ethernet Type 34605 (0x872D) Answer: D Question: 151 Which device controls Radio Resource Management in a centralized WLAN environment with multiple WLCs configured for mobility? A. the AP that wins the RF election B. the RF group leader C. all the controllers in the same mobility group D. the controller to which APs are currently registered Answer: B Question: 152 On the basis of a site survey report, 172 APs are required to meet the coverage needs. The IT Director insists on an N+1 controller redundancy design for the access points. In addition, the design should allow for growth of as much as 10% in the number of access points. What is the minimum WLAN controller configuration required to support these requirements?
Page 45 of 70
Total Questions
240
A. four 4402 Wireless LAN Controllers B. four 4404 Wireless LAN Controllers C. three 4404 Wireless LAN Controllers D. one Cisco Wireless Service Module Answer: C Question: 153 For the following Cisco IOS features, which one allows an access point to broadcast more than one SSID? A. guest mode B. MBSSID C. broadcast key rotation D. BBSSID Answer: B Question: 154 Which standard should be met in order to ensure clients of H-REAP can maintain connectivity to the VLAN at a controller? A. The one-way-trip WAN delay should not exceed 100 milliseconds. B. WAN jitter should not exceed 10 microseconds. C. The round-trip WAN delay should not exceed 100 milliseconds. D. WAN jitter should not exceed 10 milliseconds. Answer: C Question: 155 Which properties are of an AP in H-REAP mode? A. Can switch client data traffic locally. B. Perform client authentication locally when its connection to the controller is lost. C. Support Cisco Centralized Key Management fast roaming. D. Allows some SSID/VLAN traffic to be switched locally while other SSID/VLAN traffic has full LWAPP functionality. Answer: A, B, C, D Question: 156 While using EAP type equal to PEAP with server-side TLS authentication, which option is correct? A. The EKU field is required in the server certificate on the RADIUS server. B. The RADIUS server must be compliant with Cisco Compatible Extensions. C. The issuer of the certificate is Microsoft. D. Private and public keys must be shared by the client, controller, and RADIUS server. Answer: A Question: 157 How do the characteristics that are available on the Cisco WCS for Linux version differ from those of the Cisco WCS for Windows version?
Page 46 of 70
Total Questions
240
A. Cisco WCS for Linux is required for deployments. B. Assuming that there are no differences in hardware, a Cisco WCS for Linux can support up to 750 wireless LAN controllers. A Cisco WCS for Windows can support up to 250 wireless LAN controllers. C. Cisco WCS for Windows includes support for Cisco Spectrum Expert clients. Cisco WCS for Linux does not support Cisco Spectrum Expert clients. D. There are no differences in features between the Linux and Windows versions of Cisco WCS. Answer: D Question: 158 The 2.4-GHz wavelength is about 4.92 inches (12.5 cm), if you want to support diversity on a 2.4GHz radio, at what distance is it recommended you put two separate antennas? A. 7.6 inches (19.30 cm) B. 12.2 inches (30.99 cm) C. 4.92 inches (12.5 cm) D. 24.6 inches (62.5 cm) Answer: C Question: 159 You are a network technician. According to the following exhibit, a client configured for LEAP authentication, a RADIUS server configured for LEAP, and an autonomous AP configured as Displayed. If authentication fails for the client, which is the most likely cause of this problem ?
Page 47 of 70
Total Questions
240
A. The client supplicant: This client is providing the wrong EAP-ID in its EAP Identity response. B. The RADIUS server timeout: This timeout is too short; the access point will wait for the RADIUS server, then the timer will expire and authentication will fail. C. The RADIUS server at 192.168.1.22: There is either a RADIUS key mismatch or user credentials are not matching on the RADIUS Server.
Page 48 of 70
Total Questions
240
D. The AP: The AP is misconfigured, because the authentication is set to use the local database on the AP. Answer: D Question: 160 Which two actions will happen when a wireless client deploys a Layer 2 roam between two WLCs with management IP addresses on different IP subnets but dynamic interfaces in the same VLAN? (Choose two.) A. The new WLC exchanges mobility messages with the original WLC and the client database entry is moved to the new WLC. B. The client database entry is maintained on both the original and new WLCs. C. The original WLC marks the client with an "Anchor" entry in its own client database. D. The client database entry is removed from the original WLC once it has been entered into the new WLC. Answer: A, D Question: 161 What is the reason that using a tool like Cisco Spectrum Expert is important? A. It maps the RF area to a floor plan. B. It allows you to detect multipath. C. It allows you to see the radiating environment at Layer 1. D. It decodes WLAN IPS attacks Answer: C Question: 162 In the AP Layer 3 controller discovery process, after the LWAPP Discovery Request is broadcast on a local subnet, which action will AP take next? A. Send an LWAPP response to the master controller if known. B. Send an LWAPP discovery request to controllers learned via OTAP if operational. C. Wait 5 seconds and resend a Discovery Request to the local subnet. D. Determine whether the controller responses are the primary controller. Answer: B Question: 163 Which three options are true when an H-REAP AP is in the "authentication down/local switching" state for a given WLAN? (Choose three.) A. New WebAuth sessions are permitted. B. The AP continues to send beacon probes and responses to keep current clients connected. C. 802.11 roaming events incur a full 802.1X re-authentication. D. Any new clients trying to authenticate are rejected. Answer: B, C, D Question: 164 The following message can be seen on a Cisco WCS: AP 'floor-1-lobby', interface '802.11b/g' on Controller '10.1.1.1'. Noise threshold violated.
Page 49 of 70
Total Questions
240
There is also a correlation between the occurrence of the message and user complaints. Which action should you take? A. Check the logs for rogues in the area, then turn on rogue mitigation. B. Seek out the source of the noise with a spectrum analyzer. C. Manually increase the power of the AP to overcome the interference. D. Increase the interference threshold from the default 10%. Answer: B Question: 165 Tom works as a network administrator for a company. He is asked to manually configure the Tx power on an 802.11b access point to a power level of 1 (100 mW) after implementing a Cisco 7921G wireless IP phone within a Cisco Unified Wireless Network. Which problem is the user likely to experience when the phone associates to the AP? A. one-way audio B. loss of connectivity to Cisco Unified Communications Manager C. audio delay or jitter or both D. the phone displays a "network busy" status message Answer: A Question: 166 Which statement accurately describes communication between the WDS and other APs in a WLAN setup using WDS? A. Communication is protected using multicast traffic, which is restricted to the local Layer 2 network. B. Communication is protected using X.509 certificates, which can be either self-signed or manufacturer-installed. C. Communication is protected using a Context Transfer Key, which is manually configured on the AP. D. Communication is protected using a Context Transfer Key, which is negotiated during WDS authentication. Answer: D Question: 167 You are a network engineer at certways.com, When creating a wireless profile in the Cisco ADU and you have selected the WPA/WPA2/CCKM radio button option, what other decision will you make and then configure on this same screen? A. the SSID of the wireless client B. the length and value of the pre-shared key C. the EAP type to be used for authentication D. the encryption type Answer: C Question: 168 Alex is a network engineer for a company, he is now upgrading a large autonomous WLAN deployment to LWAPP operation. He has successfully imported a X.509 self-signed certificate into the WLC. But, when he tries to add additional self-signed certificates, the WLC GUI reports a "Failed to Add entry" error. Which command can diagnose the root cause of this problem?
Page 50 of 70
Total Questions
240
A. show exclusionlist B. show database summary C. show sysinfo D. show wps summary Answer: B Question: 169 Which description is true about NIC cards certified by Cisco Compatible Extensions? A. They support Cisco WLAN technology enhancements. B. They support Cisco standards such as LEAP and EAP-FAST but not PEAP-MSCHAP. C. They support 802.11 standards plus power management only. D. They are compliant with Cisco Compatible Extensions, but not with Wi-Fi. Answer: A Question: 170 How to use Cisco WCS as part of the preliminary site survey for an unfinished building? A. find the exact location of the APs on the floor map B. detect sources of RF interference C. detect possible security policy violations D. create obstacles on floor plans that can be taken into consideration when computing RF prediction heat maps for APs Answer: D Question: 171 Which roaming situation using controllers in a Cisco Unified Wireless Network requires a client by use of WPA2 with PKC to reauthenticate to the network? A. A wireless client roams to another AP on the same controller. B. A wireless client roams to another AP after being out of range of the network for 2 minutes. C. A wireless client roams to another AP on a different controller in the same mobility domain. D. A wireless client roams to another AP on a controller in a different mobility domain. Answer: D Question: 172 Study the following situation carefully, then answer my question. A corporate wireless PC is stolen. The operating system, username, and password are known, and the WPA-PSK is stored on the PC. The PC is then used to try to obtain access to the corporate network. Which method can prevent access from being granted to this PC? A. An extended access list should be used on the default gateway of the WLAN/SSID to which the stolen PC would be connecting. B. There should be a Layer 3 filter on the AP or WLC. C. Peer-to-peer blocking should be used to prevent the PC from communicating once on the network. D. The WPA-PSK should be changed in the AP or WLC, and on all corporate PCs. Answer: D
Page 51 of 70
Total Questions
240
Question: 173 When peer-to-peer blocking is disabled, what happens to the traffic between two users with the same SSID? A. traffic is inspected by the controller for malicious attacks B. traffic is dropped from wireless user to wireless user C. traffic is bridged on the same controller D. traffic is forwarded to the upstream VLAN; the device above the controller decides what action to take regarding the packets Answer: C Question: 174 Quality of Service (QoS) refers to the capability of a network to provide better service to selected network traffic over various technologies. You are configuring a Cisco Wireless LAN Controller to utilize QoS, and have configured the platinum queue on the controller. However, the Cisco Catalyst 3750 Series Switch connected to the Cisco Wireless LAN Controller does not contain any QoS configuration. Which command should be performed on the Catalyst 3750 Series Switch to provide the necessary QoS for voice clients on the wireless network? A. enable 802dot1p B. mls qos trust dscp C. config wlan qos wlan-id platinum D. switchport priority extend cos 5 Answer: B Question: 175 Study the following situations carefully, then answer my question. Wireless client (CB21) configured for SSID "CCIE-2"; IP address "dhcp". Configure standalone authonomous AP with three SSIDs and three data VLANs plus the native VLAN. AAA server IP ranges: VLAN-2:10.20.1.1.100-10.20.1.128 VLAN-3:10.30.1.1.100-10.30.1.128 VLAN-4:10.40.1.1.100-10.40.1.128 Question: The user wants to get an IP address from VLAN-2 which is mapped to the SSID CCIE-2 the client is associating. Why does this wireless client get a wrong IP address? A. LEAP authentication fails due to wrong password or unknown username, therefore the wireless-client is mapped to the default VLAN. B. The RADIUS server is not reachable from the AP, therefore the wireless client is mapped to the default VLAN. C. LEAP needs "network-eap" <eap_methods> on the SSID. You must not configure "open eap" <eap_methods.> D. The RADIUS server assigned VLAN-4 during authentication/authorization process. Answer: D Question: 176 You are a network technician at certways.com ,study the options carefully.A client is attached to the Cisco Unified Wireless network by use of controllers. When the client is using WPA2 and EAP authentication, where are the wireless encryption keys located during the active user session? (Choose two.)
Page 52 of 70
Total Questions
240
A. on the client B. on the Cisco WCS C. on the RADIUS server D. on the access point Answer: A, D Question: 177 On or after July 20, 2007, all WLAN products shipped in Canada and the US need to meet the FCC rule 15.407(h)(2). What exactly does this rule indicate? A. The rule finally releases "UNII-2" and "UNII-2 extended" (5.25-5.35 GHz and 5.47-5.725 GHz, respectively) for industrial wireless fidelity usage. B. Products operating in the "UNII-2" and "UNII-2 extended" bands must not enable transmit power control, because the additional transmission gain of TPC may disturbs radar systems. C. This rule mandates that products operating in the "UNII-2" and "UNII-2 extended" bands must support Dynamic Frequency Selection, to detect and automatically adjusts channels to protect WLAN communications from interfering with radar systems. D. Products operating in the "UNII-1" band must not enable Transmit Power Control, because the additional transmission gain may disturb radar systems. Answer: C Question: 178 By which DHCP option may a list of wireless LAN controllers be offered to the AP during the Layer 3 LWAPP Join process? A. 6 B. 43 C. 44 D. 46 Answer: B Question: 179 Which antenna type would have the narrowest horizontal beam? A. parabolic dish B. omnidirectional antenna C. patch antenna D. Yagi antenna Answer: A
Page 53 of 70
Total Questions
240
Question: 180 Which statement best describes an infrastructure basic service set according to IEEE 802.11 specifications? A. No relaying of signals from one client to another client. B. Also called an Ad Hoc Network. C. Enables the use of ESS. D. The BSSID is generated from the first wireless client that starts up in the IBSS. Answer: C Question: 181 In the Cisco Unified Wireless architecture, which three devices are in charge of generating the 802.11i Pairwise Master Key? (Choose three.) A. WLAN controller in local EAP mode B. LWAPP access point C. Cisco Secure ACS D. Cisco Secure Services Client Answer: A, C, D Question: 182 Which is a must for the delivery of unicast frames buffered at the AP in power-save mode to sleeping stations? A. The AP must send beacons, including a "buffered unicast frame" message, to notify each sleeping station that it needs to send a poll message. B. The AP must send a CTS to wake up each sleeping station. C. The AP must send probe responses to the latest SSID each sleeping station has been using. D. The AP must forward the buffered frames at the DTIM interval. Answer: A Question: 183 While designating a known rogue AP, what information is entered in an LWAPP system? A. the MAC address of the rogue's radio interface B. the base BSSID of the rogue AP with the last address digit ending in zero C. the MAC address of the rogue's Ethernet interface D. the IP address of the autonomous AP in a migration situation Answer: A Question: 184 Which of the following items increases bandwidth and resists multipath problems by carrying data in subcarriers? A. Narrow Band Frequency B. Direct Sequence Spread Spectrum C. Frequency Hopping Spread Spectrum D. Orthogonal Frequency Division Multiplexing Answer: D
Page 54 of 70
Total Questions
240
Question: 185 When a mesh AP is selecting a potential parent, which primary mechanism will be used? A. controller name B. AP MAC address C. bridge group name D. Adaptive Wireless Path Protocol Answer: D Question: 186 It is suggested that you prime or stage your lightweight access points in a convenient location, rather that after they have been installed in locations that may be difficult to reach. Which three items can be configured by using the controller CLI, controller GUI, or Cisco WCS while priming a lightweight AP prior to deployment? (Choose three.) A. to configure the lightweight access point with primary, secondary, and tertiary controller names B. to configure the Controller Mobility Group name, if the lightweight access point is in a Controller Mobility Group C. to configure the access-point-specific LED blink sequence D. to configure the access-point-specific 802.11a, 802.11b, and 802.11g network settings Answer: A, B, D Question: 187 An access point (AP) is a specially configured node on a wireless local area network (WLAN). How does an access point dynamically learn the address of an active AP acting as a WDS? A. Layer 3 multicast B. Layer 3 unicast C. Layer 2 multicast D. Layer 2 broadcast Answer: C Question: 188 Which two statements accurately describe an 802.11i wireless client with PKC enabled within a WLC-based network? (Choose two.) A. Both the client and WLC maintain a copy of the PMK during the roaming process. B. While the client is in the roaming process, the AP being roamed to and the AP being roamed from will encrypt the client data using the GTK instead of the PTK, so that the client can continue to receive packets while performing the 4 way handshake. C. PKC is able to achieve enhanced roam times by cutting out the four-way handshake for roaming clients. This eliminates the time needed to produce a new PTK and GTK. D. The client will send a message to an AP to which it is roaming; the message will contain a PMKID indicating that the client prefers to use the same PMK it has been using to generate a new PTK. Answer: A, D Question: 189 A controller is connected to a Cisco IOS Catalyst switch. The following is the switch port configuration:
Page 55 of 70
Total Questions
240
interface GigabitEthernet 1/0/10 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,20,30,50 switchport trunk native vlan 20 switchport mode trunk Which one of the controller CLI commands assigns its management interface to the Cisco IOS Catalyst switch native vlan interface? A. config interface vlan management 0 B. config interface vlan management 20 C. config interface vlan management 30 D. config interface vlan management 1 Answer: A Question: 190 For the following interfaces, which needs to be identical in all controllers of a mobility group for proper inter-controller roaming? A. service-port interface B. management interface C. virtual interface D. AP Manager interface Answer: C Question: 191 According to the Cisco Spectrum Expert "FFT Duty Cycle" screen capture shown in the exhibit below, which type of device will most likely generate the signal in Wi-Fi channel 1? A. a spread-spectrum, narrowband, frequency-hopping device B. a high-power, broad-spectrum, frequency-hopping device C. a high-power, narrow-spectrum, direct-sequence device using CCK modulation D. a broad-spectrum, low-power device Answer: B Question: 192 Examine the following situations carefully, then answer my question. Utilize PEAP-MS-Chapv2 for authentication to a WLAN with Cisco Secure ACS as the RADIUS server used in conjunction with Microsoft Active Directory (AD). User authentication is failing, and in the ACS log (Failed Attempts) you see under the Authentication Failure-Code, something similar to "EAP-TLS or PEAP authentication failed during SSL handshake." Which is the most likely cause of this problem?
Page 56 of 70
Total Questions
240
A. The EAP type from the supplicant and ACS do not match: one party is configured for EAPTLS, the other for PEAP. Further details can be seen in the corresponding RDS.log file. B. PEAP-MS-CHAPv2 has failed during Phase 1. The client supplicant is probably not accepting the server certificate. Further details can be seen in the corresponding AUTH.log file. C. A client supplicate timeout has occurred (probably due to roaming to another access point). This has caused the SSL handshake to also time out, and therefore it has failed. Increasing the dot1x-client-timeout value on the access point will probably solve this issue. D. PEAP-MS-CHAPv2 PAC provisioning has failed (Phase 0). The client supplicant is probably not configured for autonomous PAC provisioning. Answer: B Question: 193 What is the reason that Cisco recommends using Tftpd32 version 3.0 or later when upgrading wireless LAN controller software to release 4.1 or later? A. Tftpd32 is Cisco Compatible Extensions version 4 compliant B. Tftpd32 supports TFTP file transfers larger than 32 MB C. Tftpd32 is a component of CiscoWorks LMS D. Tftpd32 supports EoIP tunneling which is required for remote Cisco WLC upgrades Answer: B Question: 194 How to deliver the 802.11i Pairwise Master Key to the client supplicant during 802.1X authentication? A. encrypted with the EAPOL Key Encryption Key B. via a secure LWAPP control channel C. unencrypted D. it is not transmitted Answer: D Question: 195 A retail chain is planning to create a wireless network to support checkout registers. Which three actions must be taken to make sure that the wireless network is PCI-compliant? (Choose three.)
Page 57 of 70
Total Questions
240
A. enable WPA B. install PKI certificates on client devices C. disable broadcasting of the SSID D. change default passwords and community strings Answer: A, C, D Question: 196 Which two statements correctly describe RTS/CTS sequences? (Choose two.) A. They are used when 802.11n in "legacy mode" is being used in a mixed environment with 802.11b/g STAs. B. They are used to resolve hidden node problems. Sources send RTS frames to destinations, and destinations return CTS frames to sources. C. They are used to resolve hidden node problems. Sources send CTS frames to destinations, and destinations return RTS frames to sources. D. They are used by STAs as soon as frame length is greater then the configured RTS threshold. Answer: B, D Question: 197 How to describe the radiation pattern of patch and Yagi antennas when viewed from the side (Hplane)? A. the patch patterns are egg-shaped, the Yagi patterns are conical B. the patch patterns are doughnut-shaped, the Yagi patterns are conical C. the patch patterns are conical, the Yagi patterns are doughnut-shaped D. the patch patterns are conical, the Yagi patterns are egg-shaped Answer: A Question: 198 If you have the Cisco ADU installed but wish to use the Windows Zero Config utility to configure a wireless network profile, which action should you take first? A. Uninstall the Cisco ADU. B. Define a common profile in both the Cisco ADU and WZC. C. In the WZC utility, make sure that the box labeled "Use Windows to configure my Wireless Network Settings" is checked. D. Define the wireless profile in the Wireless Networks tab in WZC. Answer: C Question: 199 Which three options are true about the Sniffer trace? (Choose three.) A. STA with MAC address 00:1c:f6:63:98:30 reserves in its RTS the medium unitl frame-3 has been transmitted. B. Before frame-2 can be sent, sender needs to wait for a duration of the "Short Interframe Space" (SIFS) time after receiving frame-1. C. This Sniffer trace shows a RTS/CTS NAV distribution mechanism which is quite robust against hidden nodes and collisions. D. STA with MAC address 00:1c:f6:63:98:30 reserves in its RTS the medium unitl frame-4 has been transmitted.
Page 58 of 70
Total Questions
240
Answer: B, C, D Question: 200 Which two descriptions are correct about Dynamic Frequency Selection? (Choose two.) A. DFS is fully supported on all Cisco Aironet 1130, 1240, and 1250 Series Access Points. B. After radar has been detected on a DFS-enabled channel, it cannot be used for 30 minutes. C. The Rogue Location Discovery Protocol and rogue containment are not supported for channels on which DFS is enabled. D. The minimum legal transmit power is greater for some 5-GHz channels than for others. When a DFS event causes the controller to randomly select a 5-GHz channel on which power is restricted, the controller automatically increases transmit power to comply with power limits for that channel. Answer: B, C Question: 201 The short preamble subfield is transmitted by an access point or station. Which statement best describes the short preamble? A. It is only used for 802.11b signaling; 802.11g uses long frames for increased performance. B. It indicates the start of a frame delimiter and is used to support the increased size of the 802.1p and 802.1q frames. C. It allows for more efficient data transfers, resulting in better overall throughput. D. It is typically used at the lower data rates of 1 Mb/s or 2Mb/s, and may be found when using equipment from other vendors. Answer: C Question: 202 How to differ application-specific devices from laptop computers in the way they support Cisco Compatible Extensions? A. There is no differentiation. ASDs and laptops must both support the same CCX features. B. ASDs are required to support only CCXv1 and v2 features. Laptops must support all CCX features. C. Several features that are required for laptops are not required for ASDs. D. ASDs are required to support only CCXv5 management features, while laptops are optional features. Answer: C Question: 203 IEEE 802.11g-2003 or 802.11g, is an amendment to the IEEE 802.11 specification that extended throughput to up to 54 Mbit/s using the same 2.4 GHz band as 802.11b. An 802.11g client "hearing" a beacon with the Use Protection bit set in the ERP information element is required to take which action? A. transmit a CTS frame with a receiver address of its own MAC address before transmitting its data frame B. set the protection bit in all data frames C. cease further transmissions and wait for receipt of a CTS frame before proceeding D. transmit a CTS frame with a receiver address of the target receiver MAC address Answer: A
Page 59 of 70
Total Questions
240
Question: 204 If multipath interference is occurring, which parameter indicates, and which radio characteristic is most directly related to a device's ability to mitigate the impacts of multipath interference? A. The "Available Transmit Power" parameter indicates that multipath interference is occurring, and "diversity" provides relief to a wireless network in a multipath scenario. B. The "Delay spread" parameter indicates that multipath interference is occurring, and "diversity" provides relief to a wireless network in a multipath scenario. C. The "Receiver Sensitivity" parameter indicates that multipath interference is occurring, and "FCC Bulletin OET-65C Compliance" provides relief to a wireless network in a multipath scenario. D. The "Delay spread" parameter indicates that multipath interference is occurring, and "Data Rates Supported" provides relief to a wireless network in a multipath scenario. Answer: B Question: 205 You work as a network administrator for a company. You are asked to configure three WLANs on the Wireless LAN Controller (WLC).A wireless client should be connected tothe WLAN with the SSID "internet". Using the "view available wireless networks" command only allows connecting to the WLAN with the SSID "fabi-net". What most likely causes this problem? A. The needed WLANs are not enabled on the WLC. B. This wireless client only doing passive scanning. Therefore it only lists SSIDs which are broadcasted within beacons. C. The beacon interval is set too high (more than 1 second); therefore, the client is missing certain beacon information. D. The traffic indication map (TIM) is empty; therefore, the client is ignoring the WLAN advertisements. Answer: B Question: 206 When choosing an EAP type for your Cisco ADU security profile, in order to authenticate successfully, what must you ensure? A. that the time set on the clocks for the wireless client and the authenticator are close to the same time B. that the client and authentication server support the same encryption protocol C. that the EAP type that you selected is supported by the authentication server D. that the EAP type selected is known not to exchange any of its credentials in the clear Answer: C Question: 207 In order to guarantee acceptable voice quality, the Cisco Unified Wireless IP Phone 7921G must always have signal strength of -67 dBm or better. Which is the minimum recommended signal-tonoise ratio in this scenario? A. 5 dB B. 20 dB C. 25 dB D. 67 dB
Page 60 of 70
Total Questions
240
Answer: C Question: 208 Which description concerning wireless voice traffic is correct? A. Voice traffic is more latency-sensitive. B. Wireless voice traffic must be on a dedicated channel apart from wireless data. C. Wireless voice devices cannot share APs with wireless data NIC cards. D. 1Mb/s and 2Mb/s data rates are required for the phones, but not for the wireless data traffic. Answer: A Question: 209 The P4S company is opening a small remote branch office. The employees in the branch office will require WLAN access. As part of the company??s privacy policy, all WLAN traffic is required to utilize Identity-Based Network Services. A site survey has been performed and it has been determined that two APs are required to provide WLAN access. The branch office will use a highspeed WAN link to connect to the headquarter, where several Cisco Wireless Services Modules are located. The IT director thinks that the branch office is too small to justify a dedicated Cisco WLC. Which item is correct about supporting LWAPP over WAN? A. Only autonomous APs can be used in this scenario. B. The round-trip latency between the AP and Cisco WLC should not exceed 100 ms. C. The minimum bandwidth required to support LWAPP is 1.5 Mb/s. D. APs should never be placed across WAN links. A Cisco WLCM or WLC 2106 should be installed at the clinic. Answer: B Question: 210 AP-based Wireless Domain Services support which three features or functions? (Choose three.) A. Layer 2 fast secure roaming B. Layer 3 fast secure roaming C. radio management D. integration with the CiscoWorks Wireless LAN Solution Engine Answer: A, C, D Question: 211 Examine the following items carefully, which three Cisco Unified Wireless Network capabilities use information that Radio Resource Management neighbor messages provide? (Choose three.) A. Aggressive Load Balancing B. Over-the-Air Provisioning C. Hybrid Remote Edge Access Point D. Inter-controller Mobility (that is, Mobility Groups) E. Rogue AP Classification F. Dynamic Channel Assignment Answer: B, E, F Question: 212 What is the reason that the wireless client can??t access the network?
Page 61 of 70
Total Questions
240
A. EAP-FAST PAC provisioning is failing. B. Wireless client does not have a valid PAC. C. EAP-Type configured on client (PEAP) is not supported by AAA server. D. Wireless client did not accept the server certificate. Answer: C Question: 213 For the following options, which one is correct about an 802.11g client's response to receiving a beacon with the Barker Preamble Mode bit set to zero? A. It must change its preambles on all data frames to short. B. It must send an RTS frame out with the Pit Bull bit set to Zero. C. It can set its preambles to long. D. It can change its preambles based on network conditions. Answer: A Question: 214 You are a network designer for a company. You are tasked with designing a wireless mesh network to support physical security at a construction site in Shanghai City. Now the site has a large excavation with a perimeter fence and several gates. What should be your first request from the customer to ensure a successful deployment? A. a physical site survey B. a list of the client devices that will be deployed C. installation poles with AC power D. fiber installation around the perimeter Answer: A Question: 215 -What is the effect of configuring a single SSID to simultaneously support both TKIP and AES encryption? A. This is a common configuration for migrating from WPA to WPA2. There is no problem associated with using this configuration. B. Some wireless client drivers might not handle complex SSID settings and may be unable to associate to the WLAN. C. The overhead associated with supporting both encryption methods will significantly degrade client throughput. D. This is an unsupported configuration and the Cisco Wireless Control System will continuously generate alarms until the configuration is corrected.
Page 62 of 70
Total Questions
240
Answer: B Question: 216 Given: Tom works as a network engineer for a company. He is asked to prepare a wireless Bill of Materials and is using the WCS planning tool to assist him in his efforts. Tom has deployed the tool once using "Light Walls" (2dB loss), and it is suggesting nine APs. In order to better reflect reality he plans to run the tool again after changing the attenuation of the walls to "Thick Walls" (13dB). When Tom runs the tool again, it still recommends nine APs. Which step should Tom take next? A. Click Advanced Options and select Aggressive as the Data/Coverage safety Margin. Then run the tool again and create the Bill of Materials. B. Open a TAC service request. C. Select the "Override Coverage per AP" check box and run the tool again. D. Manually adjust the AP positions to best accommodate the higher loss walls and optimize predicted coverage. Manually add APs as required and create the Bill of Materials. Answer: D Question: 217 Can you tell me how Extended Distributed Channel Access prioritizes WLAN traffic? A. EDCA does not prioritize WLAN traffic. EDCA is an extension of the WLAN MAC that allows more clients per AP. B. The AP polls WLAN clients based on the client traffic priority negotiated when the client associates with the AP. C. Client and AP traffic use different delay timers and random backoff characteristics for different traffic priorities. D. The AP polls WLAN clients based on the client traffic priority negotiated when the client needs to prioritize WLAN traffic. Answer: C Question: 218 Which item is the main difference between an RF planning tool and a site survey tool? A. an RF planning tool is generally much more expensive B. an RF planning tool will measure the RF coverage by AP locations, indicating antennas and output power C. an RF planning tool does a better job of showing actual -65 dBm edges D. an RF planning tool is a predictive tool, where a site survey tool measures the actual RF environment Answer: D Question: 219 Observe the following statements, which limitation applies to the use of the Cisco WLAN Solution Management over Wireless feature? A. Read-write access is not available; only read-only access is supported. B. Controllers must be managed using only secure protocols (that is, SSH and HTTPS), not nonsecure protocols (that is, HTTP and Telnet). C. Uploads and downloads from the controller are not allowed.
Page 63 of 70
Total Questions
240
D. Wireless clients can manage other controllers however not the same controller and AP to which the client is associated. Answer: C Question: 220 Which statement is true about the authorization aspect of AAA? A. Authorization takes place after a successful authentication and provides the Cisco WLC the information needed to allow client access to network resources. B. Successful authorization will provide encryption keys that will be used to secure the wireless communications between client and AP. C. Authorization is the validation of successful DHCP address delivery to the wireless client. D. Authorization must be successfully completed in order to proceed with the authentication phase. Answer: A Question: 221 Which communication method will you use between the Cisco Catalyst 6500 Series Supervisor Engine 720 and Wireless Services Module? A. WLCCP B. SNMP C. WCP D. CDP Answer: C Question: 222 Hybrid Remote Edge Access Point (H-REAP) is a solution for branch office and remote office deployments. While deploying H-REAP over a WAN connection, which three guidelines must be followed? (Choose three.) A. the minimum WAN connection is 128 kb/s B. round trip delay must not exceed 200 ms C. at a minimum, a 500-byte MTU is required between the AP and the controller D. round trip delay must not exceed 100 ms Answer: A, C, D Question: 223 For the following amendments to the IEEE 802.11 WLAN standard, which three define the physical layer? (Choose three.) A. IEEE 802.11a B. IEEE 802.11b C. IEEE 802.11w D. IEEE 802.11g Answer: A, B, D Question: 224
Page 64 of 70
Total Questions
240
As a network technician, can you tell me which two services are offered on Cisco Unified Wireless Networks running controller v5.0 but not offered on Cisco Mobility Express Solution by use of 526 controllers with v4.2 code? (Choose two.) A. GUI management B. Authentication using 802.1X C. Guest access D. Location services E. IDS/IPS Answer: E Question: 225 While configuring the WLAN controller to utilize 802.11n deployment, the onsite engineer has disabled WMM. Which problem will result because of this change? A. The 802.11b/g band will work, but not the 802.11a band. B. Cisco 7921 wireless IP phones will not work. C. The wireless network will no longer support 802.11n rates. D. Wireless multicast media traffic, such as IPTV, will no longer flow to the wireless devices. Answer: C Question: 226 While examining a WLAN traffic capture, which one of the following characteristics can indicate that the AP supports WMM and the AP and WLAN clients have been exchanging WMM traffic? A. CWmin and CWmax values exchanged during the association process and 802.1D QoS fields in the 802.11 data frame B. there is no way to make this determination by examining the WLAN traffic capture; you can only determine WMM behavior by examining the queues on the APs and WLAN clients C. different delays used when sending and receiving traffic between the clients and the AP D. RSVP negotiations have stream IDs Answer: A Question: 227 Which characteristics are of Radio Resource Management Neighbor messages? A. transmitted at maximum power B. transmitted at the lowest supported data rate C. transmitted every 60 seconds D. transmitted on all serviced channels Answer: A, B, C, D Question: 228 Which condition must exist in order to seamlessly roam between two wireless cells in a Cisco Unified Wireless Network using controllers? A. The client's password must be the same on both APs. B. The next cell should be on the same channel as the client's current cell. C. The wireless client must use an EAP authentication method with the infrastructure authenticator. D. The next cell should provide the same SSID as the client's current cell.
Page 65 of 70
Total Questions
240
Answer: D Question: 229 Given: You have two RADIUS servers, one at 1.2.3.4, which only does LEAP, and the other at 5.6.7.8, which does PEAP and EAP-TLS, but not LEAP. Question: Observe the following sets of IOS commands, which could send SSID "a" authentication requests to the LEAP server and SSID "b" authentication requests to the PEAP and EAP-TLS server?
Page 66 of 70
Total Questions
240
A. A B. B C. C Answer: A
Page 67 of 70
Total Questions
240
Question: 230 Observe the following options carefully, which functionality, as defined by IEEE 802.11e, does WWM certify as part of the tests for QoS done by the WiFi Alliance? A. EDCA B. HCCA C. Direct Link Setup D. S-APSD Answer: A Question: 231 Which two capabilities are of Cisco Spectrum Expert? (Choose two.) A. spectrum analysis of only IEEE 802.11a/b/g devices B. detection of Wi-Fi APs and clients, and, when the analysis device has a Wi-Fi network card, classification of those devices C. spectrum analysis of IEEE 802.11n Draft 2.0 devices D. detection and classification of Wi-Fi APs and clients when the analysis device has no Wi-Fi network card Answer: B, C Question: 232 256 bits is the length of the 802.11i Pairwise Master Key used to generate the Pairwise Transient Key? A. True B. False Answer: A Question: 233 RRM plays a critical role in optimizing, fairly allocating and adaptively reusing the scarce resources in wireless communication. Which two tasks does RRM routinely perform? (Choose two.) A. antenna selection B. AP address assignment C. transmit power control D. channel assignment Answer: C, D Question: 234 Which two statements accurately describe AP-specified maximum transmit power, also known as transmit power control? (Choose two.) A. The ability to dynamically set client output power during the association process increases the overall performance of the wireless network and improves WLAN device battery life. B. To support AP-specified maximum transmit power, a client station must limit its transmit power to the value specified in the Cell Power Limit information element contained in every data frame.
Page 68 of 70
Total Questions
240
C. With the ability to identify the number of associated clients, cell sizes, and adjacent access point radio signals, the access points can determine the optimum transmit power required for the clients. D. The ability to provide AP-assisted power roaming enables a client to roam from one AP to another more quickly by reducing the time that the client spends scanning for available APs. Answer: A, C Question: 235 If an autonomous access point allows associations from client devices that do not specify SSIDs in their configurations, which description is true concerning Public WLAN or guest network client access? A. You can set up a broadcast SSID. The access point includes the broadcast SSID in its beacon. B. You can set up a guest SSID. The access point includes the guest SSID in its beacon. C. You can set up a guest SSID. The access point includes the guest SSID in its probe response. D. You can set up a hotspot SSID. The access point includes the hotspot SSID in its probe response. Answer: B Question: 236 How to prevent deauthentication flood attacks on the WLAN? A. Enable EAP-FAST, which will protect the 802.11 management frames using a PAC, thus making it impossible for the attacker to spoof them. B. Enable 802.11i, which will protect the 802.11 management frames using AES. C. Enable Management Frame Protection on the clients and APs or WLCs, which will create a hash of the 802.11 management frames that the attacker will not be able to duplicate. D. Enable shared authentication, which will require the attacker to break the shared key before being able to perform the attack. Answer: C Question: 237 More often than not, what is the difference in transmit power between an AP operating at Tx Power Level 1 and the same AP operating at Tx Power Level 3? A. 11 dB B. 2 dB C. 6 dB D. 3 dB Answer: C Question: 238 Wi-Fi Multimedia is a technology maintaining the priority of audio, video and voice applications in a Wi-Fi network so that other applications and traffic are less likely to slow them. A. Unscheduled Service Period: The service period that is started when a WMM STA transmits a trigger frame to the WMM AP. B. definition of the differentiated services field C. Enhanced Distributed Coordination Function mechanism
Page 69 of 70
Total Questions
240
D. four access categories: A label for the common set of Enhanced Distributed Channel Access parameters that are used by a WMM STA to contend for the channel in order to transmit MSDUs with certain priorities. Answer: D Question: 239 John works as a network engineer. While solving a VoWLAN problem at a customer's site, he discovers many reflective surfaces within the environment. Now, the WLAN controller has all of the default settings configured. Cisco Aironet 1240 Series Access Points have been deployed; with a single antenna physically attached to each AP. VoWLAN handsets are operating in the 2.4GHz band only. Which is the best solution to this problem? A. Disable low data rates (such as 1 Mb/s and 2 Mb/s) on the AP radios. B. Increase the AP radio transmit power. C. Add a second antenna to each access point. D. Enable diversity on the WLAN controller. Answer: C Question: 240 In order to track mobile devices properly by the location-based services, which of the following is a requirement? A. a minimum of three access points, each with a signal strength of -67 dBm or better B. a minimum of four access points, each with a signal strength of -67 dBm or better C. a minimum of two access points, each with a signal strength of -75 dBm or better D. a minimum of three access points, each with a signal strength of -75 dBm or better Answer: D
End of Document
Page 70 of 70

CCIE Wireless Beta Written Exam Questions and Resources

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCIE Wireless Beta Written Exam Questions and Resources

Uploaded by

Copyright:

Available Formats

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Question: 40 What type of EAP will the diagram below illustrate?

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code:

CCIE Wireless Beta Written Exam Cisco 350-050

Exam Name: Exam Type: Exam Code: