[Free] 2018(Aug) Ensurepass Cisco 300-375 Dumps with VCE and PDF 21-30

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 300-375
100% Free Download! 100% Pass Guaranteed!

Securing Wireless Enterprise Networks

Question No: 21

WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP- FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?

  1. Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.

  2. Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.

  3. Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEAP.

  4. Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLAN.

Answer: D

Question No: 22

An engineer is deploying EAP-TLS as the authentication mechanism for an 802.1X- enabled wireless network. Which network device is responsible for applying the digital signature to a certificate to ensure that the certificate is trusted and valid?

  1. supplicant

  2. CA server

  3. wireless controller

  4. authentication server

Answer: B

Question No: 23

An engineer is configuring client MFP. What WLAN Layer 2 security must be selected to use client MFP?

  1. Static WEP

  2. CKIP

  3. WPA WPA2

D. 802 1x

Answer: C

Question No: 24

An engineer configures the wireless LAN controller to perform 802.1x user authentication. Which option must be enabled to ensure that client devices can connect to the wireless, even when WLC cannot communicate with the RADIUS?

  1. local EAP

  2. authentication caching

  3. pre-authentication

  4. Cisco Centralized Key Management

Answer: A

Question No: 25

Which two options are types of MFP that can be performed? (Choose two.)

  1. message integrity check

  2. infrastructure

  3. client


  5. RSN

Answer: B,C

Question No: 26

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

What is the IP address?

  1. the wireless client IP address

  2. the RADIUS server IP address

  3. the controller management IP address

  4. the lightweight IP address

  5. the controller AP-manager IP address

  6. the controller virtual interface IP address

Answer: F

Question No: 27

Which command is an SNMPv3-specific command that an engineer can use only in Cisco IOS XE?

  1. snmp-server user remoteuser1 group1 remote

  2. snmp-server host public

  3. snmp-server community comaccess ro 4

  4. snmp-server enable traps wireless

Answer: A

Question No: 28

An engineer must provide a graphical trending report of the total number of wireless clients on the network. Winch report provides the required data?

  1. Client Summary

  2. Posture Status Count

  3. Client Traffic Stream Metrics

  4. Mobility Client Summary

Answer: D

Question No: 29

An engineer must enable EAP on a new WLAN and is ensuring that the necessary components are available. Which component uses EAP and 802.1x to pass user authentication to the authenticator?

  1. AP

  2. AAA server

  3. supplicant

  4. controller

Answer: D

Question No: 30

An engineer is configuring a BYOD deployment strategy and prefers a single SSID model. Which technology is required to accomplish this configuration?

  1. mobility service engine

  2. wireless control system

  3. identify service engine

  4. Prime Infrastructure

Answer: C

100% Ensurepass Free Download!
300-375 PDF
100% Ensurepass Free Guaranteed!
300-375 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.