Ramon Burkley

Member
Member
Joined
Jun 20, 2017
Messages
71
Reaction score
14
Points
18
2018/October Braindump2go 300-375 Exam Dumps with PDF and VCE New Updated Today! Folliwing are some new 300-375 Real Exam Questions:


QUESTION 120
Scenario
Local Web Auth has been configured on the East-WLC-2504A, but it is not working. Determine which actions must be taken to restore the Local Web Auth service. The Local Web Auth service must operate only with the Contractors WLAN.
Contractors WLAN ID - 10
Employees WLAN ID - 2
Note, not all menu items, text boxes, or radio buttons are active.

Virtual Terminal



Which four changes must be made to configuration parameters to restore the Local Web Auth feature on the East-WLC-2504A? Assume the passwords are correctly entered as "ciscotest". (Choose four.)

A. Remove the existing Local Net User Bill Smith and add a New Local Net User "Bill Smith" password "ciscotest', WLAN Profile "Contractors".
B. Remove WLAN 10 and WLAN 2, replace WLAN 10 with Profile Name Employees and SSID Contractors;
replace WLAN 2 with Profile Name Employees and SSID Employees.
C. Remove WLAN 10 and WLAN 2, replace WLAN 10 with Profile Name Contractors and SSID Contractors,
replace WLAN 2 with Profile Name Employees and SSID Employees.
D. Change the Layer 2 security to None on the Contractors WLAN.
E. Under Layer 3 Security, change the Layer 3 Security to Web Policy on the Contractors WLAN.
F. Under Security Local Net Users add a New Local Net User "Bill Smith" password "Cisco", interface/ Interface Group "east-wing".
G. Change the Layer 2 Security to None + EAP Pass-through on the Contractors WLAN.
H. Under WLANs > Edit "Contractors "change the interface/Interface group to "east-wing".


Answer: CEFG

QUESTION 121
An engineer is implementing SNMP v3 on a Cisco 5700 Series WLC. Which three commands are the minimum needed to configure SNMP v3? (Choose three.)


A. snmp-server enable traps
B. snmp-server group
C. snmp-server user
D. snmp-server community
E. snmp-server context
F. snmp-server engineID


Answer: BCF

QUESTION 122
Refer to the exhibit. An engineer has configured a BYOD policy that allows for printing on the WLAN utilizing Bonjour services. However, the engineer cannot get printing working. The WLC firmware is 8.x. the printer is connected on the wired network where a few of the access points are also connected. Which reason that printing is not working is true?


A. Location-specific service is not enabled on the WLC.
B. Secure Web Mode Cipher-Option SSLv2 is not enabled.
C. mBNS and IGMP snooping is not enabled on the WLC.
D. IGMP Query Interval value is too low.
E. The number of mDNS services exceeds firmware limits.


Answer: A

QUESTION 123
Which two fast roaming algorithms will allow a WLAN client to roam to a new AP and re-establish a new session key without a full reauthentication of the WLAN client? (Choose two.)


A. PKC
B. GTK
C. PMK
D. PTK
E. CKM


Answer: AE

QUESTION 124
A new MSE with wIPS service has been installed and no alarm information appears to be reaching the MSE from controllers.
What protocol must be allowed to reach the MSE from the controllers?


A. NMSP
B. SOAP/XML
C. SNMP
D. CAPWAP


Answer: B

QUESTION 125
Which condition introduce security risk to a BYOD policy?


A. enterprise-managed MDM platform used for personal devices
B. access to LAN without implementing MDM solution
C. enforcement of BYOD access to internet only network
D. enterprise life-cycle enforcement of personal device refresh


Answer: B

QUESTION 126
An engineer ran the PCI report in Cisco Prime Infrastructure and received a warning on PCIDSS Requirement 2.1.1 that the SNMP strings are set to default and must be changed. Which tab in the Cisco WLC can the engineer use to navigate to these settings?


A. Management
B. Security
C. Controller
D. Wireless


Answer: A

QUESTION 127
Refer to the exhibit. A network engineer must configure a WLAN on a Cisco IOS-XE controller to support corporate devices (using VLAN 30) and BYOD (using VLAN 40) on the same secure SSID. The security team has built an ISE deployment to be used for VLAN assignment and to restrict access based on policy and posture compliance.
Given the existing WLAN configuration, which configuration change must be made?


A. remove ip dhcp required
B. Add aaa-override
C. Remove nac
D. Add mac-filtering default


Answer: B

QUESTION 128
Which EAP method can an AP use to authenticate to the wired network?


A. EAP-GTC
B. EAP-MD5
C. EAP-TLS
D. EAP-FAST


Answer: C

QUESTION 129
A wireless engineer must implement a corporate wireless network for a large company with ID 338860948 in the most efficient way possible. The wireless network must support a total of 32 VLANS for 300 employees in different departments.
What is the best configuration option in this scenario?


A. Configure a second WLC to support half of the APs in the deployment.
B. Configure different AP groups to support different VLANs, so that all of the WLANs can be broadcast on both radios.
C. Configure 16 WLANs to be broadcast on the 2.4-GHz band and 16 WLANs to be broadcast on the 5.0-GHz band.
D. Configure one single SSID and implement Cisco ISE VLLAN assignment according to different user roles.


Answer: B

QUESTION 130
An engineer with ID 338860948 is implementing Cisco Identity-Based Networking on a Cisco AireOS controller. The engineer has two ACLs on the controller. The first ACL, named BASE_ACL, is applied to the corporate_clients interface on the WLC, which is used for all corporate clients. The second ACL, named HR_ACL, is referenced by ISE in the Human Resources group policy. Which option is the resulting ACL when a Human Resources user connects?


A. HR_ACL only
B. HR_ACL appended with BASE_ACL
C. BASE_ACL appended with HR_ACL
D. BASE_ACL only


Answer: A

QUESTION 131
An engineer is adding APs to an existing VoWLAN to allow for location based services. Which option will the primary change be to the network?


A. increased transmit power on all APs
B. moving to a bridging model
C. AP footprint
D. cell overlap would decrease
E. triangulation of devices


Answer: C

QUESTION 132
Refer to the exhibit. An engineer utilizing ISE as the wireless AAA service noticed that the accounting process on the server at 10.10.2.3 has failed, but authentication process is still functional. Which ISE nodes receive WLC RADIUS traffic, using the CLI output and assuming the WLAN uses the servers in their indexed order?


A. authentication to 10.10.2.4, accounting to 10.10.2.3.
B. authentication to 10.10.2.3, accounting to 10.10.2.3.
C. authentication to 10.10.2.4, accounting to 10.10.2.4.
D. authentication to 10.10.2.3, accounting to 10.10.2.4.


Answer: B

QUESTION 133
Refer to the exhibit. You are configuring a controller that runs Cisco IOS XE by using the CLI. Which three configuration options are used for 802.11w Protected Management Frames? (Choose three.)


A. mandatory
B. association-comeback
C. SA teardown protection
D. saquery-retry-time
E. enable
F. comeback-time


Answer: ABD

1.|2018 Latest 300-375 Exam Dumps (VCE & PDF) 133Q&As Download:

https://www.braindump2go.com/300-375.html

2.|2018 Latest 300-375 Exam Questions & Answers Download:

https://drive.google.com/drive/folders/0B75b5xYLjSSNR21JWVIyUWFaTWM?usp=sharing
 

Smith Lee

Banned
Banned
Joined
Oct 23, 2018
Messages
568
Reaction score
98
Points
18
This 300-375 exam dump is well written and structured. Absolutely gives all the compulsory info to pass the 300-375 exam. High-quality 300-375 exam dumps! Strongly recommended.
 

JimmyKong

Banned
Banned
Joined
Jun 14, 2018
Messages
236
Reaction score
3
Points
18
QUESTION
Which three options are limitations when configuring basic security on an autonomous AP when using the express security page setup? (Choose three.)
A. You need multiple SSIDs.
B. Delete all the SSIDs.
C. Edit the SSIDs.
D. Use multiple authentication servers.
E. Use the same SSID on both radios.
F. Use a single SSID on a single radio.
Answer: CDF
QUESTION
Which two statements about beacon frames used by access points are true? (Choose two.)
A. They contain SSIDs if this feature is enabled.
B. They provide vendor proprietary information.
C. They are another name for an associated request.
D. They are sent in response to a probe frame.
E. They include ATIM window information for power save operations.
Answer: AB
Explanation:
QUESTION
When a guest client is authenticated, which type of connection is created between the controller- based AP and the client?
A. as SSL connection
B. a TLS encrypted tunnel
C. an unsecured connection
D. a 802.1x/EAP tunnel
E. an IPsec tunnel
Answer: C
QUESTION
When the enterprise-based authentication method is used for WPA2, a bidirectional handshake exchange occurs between the client and the authenticator.
Which five options are results of that exchange being used on a controller-based network? (Choose five.)
A. a bidirectional exchange of a nonce used for key generation
B. binding of a Pairwise Master Key at the client and the controller
C. creation of the Pairwise Transient Key
D. distribution of the Group Transient Key
E. distribution of the Pairwise Master key for caching at the access point
F. proof that each side is alive
Answer: ABCDF
Explanation:
Regardless of whether WPA or WPA2 is used during the initial connection between the station and the AP, the two agree on common security requirements.
Following that agreement, a series of important key related activities occur in this specific order
QUESTION
After receiving an alert regarding a rogue AP, a network engineer logs into Cisco Prime and looks at the floor map where the AP that detected the rogue is located.
The map is synchronized with a mobility services engine that determines the rogue device is actually inside the campus.
The engineer determines the rogue to be a security threat and decides to stop it from broadcasting inside the enterprise wireless network.
What is the fastest way to disable the rogue?
A. Go to the location the rogue device is indicated to be and disable the power.
B. Create an SSID on WLAN controller resembling the SSID if the rogue to spiif it and disable clients frim connecting to it.
C. Classify the rogue as malicious in Cisco Prime.
D. Update the status if the rogue to Cisco Prime to contained
Answer: C
QUESTION
Which configuration step is necessary to enable Visitor Connect on an SSID?
A. Pre Auth ACL
Answer: A
QUESTION
Which two statements describe the software v7.0 implementation of LAG on a Cisco controller? (Choose two.)
A. It is supported on Cisco WLC 2500.
B. It is supported on the Cisco FlexConnect 7500 controller.
C. Fewer IP addresses are required.
D. The LAG port becomes port 15.
E. The LAG port becomes port 29.
F. The switch channel group negotiates with LAGP.
G. The switch channel group negotiates with PaGP.
Answer: AC
QUESTION
A wireless engineer wants to deploy high availability on a wireless network, on what you should be concerned about?
A. RSSI
B. Channel reuses
C. Cell overlap
D. SNR
Answer: C
QUESTION
An engineer is configuring a BYOD provisioning WLAN, which 2 are requested?
A. DHCP Profiling
B. DHCP Address Assignment
C. AAA override
D. PAssive client
E. RADIUS NAC
Answer: CE
QUESTION
A wireless engineer wants to configure local flexconnect authentication over CLI, what commands are necessary (Choose 3)?
A. config wlan flexconnect local-switching 1 enable
B. config wlan flexconnect ap-auth 1 enable
C. config ap mode flexconnect AP name
Answer: ABC
QUESTION
Which three options are valid client profile probes in Cisco WLC? (Choose three)
A. MAC OUI
B. DHCP
C. HTTP Agent
Answer: ABC
 

Latest posts

Top