Archie Praed

Member
Member
Joined
Mar 28, 2016
Messages
116
Reaction score
18
Points
18
2017/July Braindump2go New 300-375 Exam Questions Free Updated Today:
QUESTION 61
Which attribute on the Cisco WLC v7.0 does RADIUS IETF attribute "Tunnel-Private-Group ID" assign?

A. ACL
B. DSCP
C. QoS
D. VLAN

Answer: D

QUESTION 62
Which three WLAN polices can be controlled by using the Cisco IBNS on the Cisco WLC and Cisco Secure ACS? (Choose three.)

A. QoS setting
B. VLAN
C. EAP type
D. ACL
E. authentication priority order
F. NAC state

Answer: ABD

QUESTION 63
An engineer is securing the wireless network from vulnerabilities. Which four strategies are recommended for mitigation? (Choose four.)

A. MFP
B. identity-based networking
C. rogue location
D. EAP-TLS
E. guest monitoring
F. RF profiles
G. rogue detection
H. password policies

Answer: ACEG

QUESTION 64
Refer to the exhibit. A client reports being unable to log into the wireless network, which uses PEAPv2. Which two issues appear in the output? (Choose two.)


A. There is a problem with the client supplicant.
B. The AP has the incorrect RADIUS server address.
C. The AP has lost IP connectivity to the authentication server.
D. The EAP client timeout value should be increased.
E. The authentication server is misconfigured on the controller.
F. The authentication server is misconfigured in the WLAN.

Answer: AD

QUESTION 65
When using the Standalone Profile Editor in the Cisco AnyConnect v3.0 to create a new NAM profile, which two statements describe the profile becoming active? (Choose two.)

A. selects the new profile from NAM
B. selects "Network Repair" from NAM
C. becomes active after a save of the profile name
D. ensures use of "configuration.xml" as the profile name
E. ensures use of "config.xml" as the profile name
F. ensures use of "nam.xml" as the profile name

Answer: BD

QUESTION 66
Which feature should an engineer select to implement the use of VLAN tagging, QoS, and ACLs to clients based on RADIUS attributes?

A. per-WLAN RADIUS source support
B. client profiling
C. AAA override
D. captive bypassing
E. identity-based networking

Answer: C

QUESTION 67
How should the Cisco Secure ACS v4.2 and the Cisco WLC v7.0 be configured to support wireless client authentication?

A. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (Cisco Airespace)
B. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (IETF)
C. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco Airespace)
D. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco IOS)

Answer: A

QUESTION 68
Clients are failing EAP authentication. A debug shows that an EAPOL start is sent and the clients are then de-authenticated. Which two issues can cause this problem? (Choose two.)

A. The WLC certificate has changed.
B. The WLAN is not configured for the correct EAP supplicant type.
C. The shared secret of the WLC and RADIUS server do not match.
D. The WLC has not been added to the RADIUS server as a client.
E. The clients are configured for machine authentication, but the RADIUS server is configured for user authentication.

Answer: CD

New 300-375 VCE Dumps:
https://drive.google.com/drive/folders/0B75b5xYLjSSNR21JWVIyUWFaTWM?usp=sharing
 

Smith Lee

Banned
Banned
Joined
Oct 23, 2018
Messages
568
Reaction score
98
Points
18
This 300-375 exam dump is well written and structured. Absolutely gives all the compulsory info to pass the 300-375 exam. High-quality 300-375 exam dumps! Strongly recommended.
 

JimmyKong

Banned
Banned
Joined
Jun 14, 2018
Messages
236
Reaction score
3
Points
18
QUESTION
Which three options are limitations when configuring basic security on an autonomous AP when using the express security page setup? (Choose three.)
A. You need multiple SSIDs.
B. Delete all the SSIDs.
C. Edit the SSIDs.
D. Use multiple authentication servers.
E. Use the same SSID on both radios.
F. Use a single SSID on a single radio.
Answer: CDF
QUESTION
Which two statements about beacon frames used by access points are true? (Choose two.)
A. They contain SSIDs if this feature is enabled.
B. They provide vendor proprietary information.
C. They are another name for an associated request.
D. They are sent in response to a probe frame.
E. They include ATIM window information for power save operations.
Answer: AB
Explanation:
QUESTION
When a guest client is authenticated, which type of connection is created between the controller- based AP and the client?
A. as SSL connection
B. a TLS encrypted tunnel
C. an unsecured connection
D. a 802.1x/EAP tunnel
E. an IPsec tunnel
Answer: C
QUESTION
When the enterprise-based authentication method is used for WPA2, a bidirectional handshake exchange occurs between the client and the authenticator.
Which five options are results of that exchange being used on a controller-based network? (Choose five.)
A. a bidirectional exchange of a nonce used for key generation
B. binding of a Pairwise Master Key at the client and the controller
C. creation of the Pairwise Transient Key
D. distribution of the Group Transient Key
E. distribution of the Pairwise Master key for caching at the access point
F. proof that each side is alive
Answer: ABCDF
Explanation:
Regardless of whether WPA or WPA2 is used during the initial connection between the station and the AP, the two agree on common security requirements.
Following that agreement, a series of important key related activities occur in this specific order
QUESTION
After receiving an alert regarding a rogue AP, a network engineer logs into Cisco Prime and looks at the floor map where the AP that detected the rogue is located.
The map is synchronized with a mobility services engine that determines the rogue device is actually inside the campus.
The engineer determines the rogue to be a security threat and decides to stop it from broadcasting inside the enterprise wireless network.
What is the fastest way to disable the rogue?
A. Go to the location the rogue device is indicated to be and disable the power.
B. Create an SSID on WLAN controller resembling the SSID if the rogue to spiif it and disable clients frim connecting to it.
C. Classify the rogue as malicious in Cisco Prime.
D. Update the status if the rogue to Cisco Prime to contained
Answer: C
QUESTION
Which configuration step is necessary to enable Visitor Connect on an SSID?
A. Pre Auth ACL
Answer: A
QUESTION
Which two statements describe the software v7.0 implementation of LAG on a Cisco controller? (Choose two.)
A. It is supported on Cisco WLC 2500.
B. It is supported on the Cisco FlexConnect 7500 controller.
C. Fewer IP addresses are required.
D. The LAG port becomes port 15.
E. The LAG port becomes port 29.
F. The switch channel group negotiates with LAGP.
G. The switch channel group negotiates with PaGP.
Answer: AC
QUESTION
A wireless engineer wants to deploy high availability on a wireless network, on what you should be concerned about?
A. RSSI
B. Channel reuses
C. Cell overlap
D. SNR
Answer: C
QUESTION
An engineer is configuring a BYOD provisioning WLAN, which 2 are requested?
A. DHCP Profiling
B. DHCP Address Assignment
C. AAA override
D. PAssive client
E. RADIUS NAC
Answer: CE
QUESTION
A wireless engineer wants to configure local flexconnect authentication over CLI, what commands are necessary (Choose 3)?
A. config wlan flexconnect local-switching 1 enable
B. config wlan flexconnect ap-auth 1 enable
C. config ap mode flexconnect AP name
Answer: ABC
QUESTION
Which three options are valid client profile probes in Cisco WLC? (Choose three)
A. MAC OUI
B. DHCP
C. HTTP Agent
Answer: ABC
 

Latest posts

Top