Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug Cisco Official New Released 642-737
100% Free Download! 100% Pass Guaranteed!
Implementing Advanced Cisco Unified Wireless Security v2.0
Question No: 1
An engineer is responding to a man-in-the-middle attack and needs to enable security features to prevent such attacks in the future. What security feature would prevent a man- in-the-middle attack?
-
Management Frame Protection
-
ACL
-
Enable client and infrastructure MFP
-
AAA Override
Answer: C
Question No: 2
All users on one of the two guest WLANs are failing to connect after a configuration change was made to a controller. What is the cause of the outage?
-
The interface or VLAN of the anchor controller and foreign controller no longer match.
-
The configuration of the failing WLAN no longer matches the foreign controllers.
-
The address of the NAC guest server has been changed.
-
The DHCP server on the foreign controller was changed.
Answer: B
Question No: 3
When configuring the WLC for NAC out-of-band, which device will be used for SNMP trap receiver IP address entries?
-
Cisco NAC Appliance Manager
-
Cisco NAC Appliance Server
-
Cisco NAC Guest Server
-
Cisco ACS
-
Cisco WCS
Answer: A
Question No: 4
Refer to the exhibit.
A WLAN with the SSID quot;Enterprisequot; is configured. Which rogue will be marked as malicious?
-
a rogue with no clients, broadcasting the SSID quot;Enterprisequot; heard at -50dBm
-
a rogue with two clients, broadcasting the SSID quot;Employeequot; heard at -50dBm
-
a rogue with two clients, broadcasting the SSID quot;Enterprisequot; heard at -50dBm
-
a rouge with two clients, broadcasting the SSID quot;Enterprisequot; heard at -80dBm
Answer: C
Question No: 5
Refer to the exhibit.
A client reports being unable to log into the wireless network, which uses PEAPv2. Which two issues appear in the output? (Choose two.)
-
There is a problem with the client supplicant.
-
The AP has the incorrect RADIUS server address.
-
The AP has lost IP connectivity to the authentication server.
-
The EAP client timeout value should be increased.
-
The authentication server is misconfigured on the controller.
-
The authentication server is misconfigured in the WLAN.
Answer: A,D
Question No: 6
MFP is enabled globally on a WLAN with default settings on a single controller wireless network. Older client devices are disconnected from the network during a deauthentication attack. What is the cause of this issue?
-
The client devices do not support CCXv5.
-
The client devices do not support WPA.
-
The NTP server is not configured on the controller.
-
The MFP on the WLAN is set to optional.
Answer: A
Question No: 7
Which one best describes the EAP Identity Request frame when a wireless client is connecting to a Cisco WLC v7.0-based AP WLAN?
-
sourced from the Cisco ACS Server to the client
-
sourced from the client to the Cisco ACS Server
-
sourced from the WLC to the client
-
sourced from the client to the WLC
-
sourced from the AP to the client
-
sourced from the client to the AP
Answer: C
Question No: 8
Which statement describes the major difference between PEAP and EAP-FAST client authentication?
-
EAP-FAST requires a backend AAA server, and PEAP does not.
-
EAP-FAST is a Cisco-only proprietary protocol, whereas PEAP is an industry-standard protocol.
-
PEAP requires a server-side certificate, while EAP-FAST does not require certificates.
-
PEAP authentication protocol requires a client certificate, and EAP-FAST requires a secure password.
Answer: C
Question No: 9
An engineer has narrowed down an authentication issue to the client laptop. What three items should be verified for EAP-TLS authentication? (Choose three.)
-
The user account is the same in the certificate.
-
The Subject Key Identifier is configured correctly.
-
The client certificate is formatted as X.509 version 3.
-
Validate server certificate is disabled.
-
The supplicant is configured correctly.
-
The client certificate has a valid expiration date.
Answer: A,C,E
Question No: 10
Which EAP protocol(s) can be used by a controller-based AP on Ethernet for 802.1X authentication to a switch?
-
EAP-LEAP
-
EAP-FAST
-
EAP-PEAP
-
EAP-TLS
-
802.1X and EAP are not supported on AP-wired Ethernet
Answer: B
100% Dumps4cert Free Download!
–642-737 PDF
100% Dumps4cert Pass Guaranteed!
–642-737 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |