642-382 - CXFF - Cisco Express Foundation for Field Engineers
Go back to Cisco
In what location is it recommended that the Cisco Catalyst 6500 Series WLSM be placed?
A wireless autonomous 1200 access point running core feature set in root mode has its SSID set to Factory_floor and provides connection to a repeater access point with its SSID set to Factory_floor. If the root-mode access point is using channel 11, which channel will the repeater access point use?
Which two statements are correct about OSPF in a multiarea environment? (Choose two.)
OSPF ABR routers are needed only at the boundary of another OSPF area.
OSPF uses wildcard masks in the network statements but subnet masks in the area range statements.
You have just configured HSRP and need to determine which router is active. Which command should you enter?
An 802.11b telephone is receiving an audio signal from an access point, but cannot send audio. What is a possible cause?
The transmit power in the telephone is significantly lower than the transmit power in the access point.
The network administrator has configured the SSID value in a wireless Cisco Aironet client card. What is the result of the client-to-access-point association if the client SSID1 is left blank, and the SSID2 is assigned a value of my_ssid?
The client software will replace SSID1 with SSID2, and use my_ssid to attempt association with the access point.
Which two statements best describe the wireless implementation of Cisco Aironet root and non-root bridging? (Choose two.)
WGB can be used with an access point if the distance is less than one mile.
Up to 17 non-root bridges can associate to a root bridge.
A customer with a small enterprise network of 15 remote sites is trying to optimize its VPN by migrating some remote sites using Frame Relay connections to the Internet to using cable connections to the Internet. Minimizing costs is one of the customer's highest priorities. Only a moderate amount of IP traffic is passing through the network, most of which is from the remote sites to the central site. IPSec should be used to provide VPN functionality and basic confidentiality is desired. Based on the traffic patterns, which topology would be the easiest for this customer to set up and manage?
Would you like to receive emails about Cisco training, certifications, services, special offerings, and events?
The customer wants to implement wireless security through implementation of WPAv2. Which component of WPAv2 would limit the rollout because of the continued use of old access points?
You connect via Telnet to a Cisco access point and enter the command show dot11 linktest. Which output might you obtain?
incoming and outgoing signal strength
You are migrating the network design from using point security products (perimeter router, firewall, VPN router, IPS) to an integrated security solution using Cisco ISR. During the migration process, you determine that you need to improve VPN performance. What can you do?
install AIM-VPN EPII-PLUS on the ISR
You enter the command show ip ospf neighbor and see "two-way/DROTHER" listed as the state for neighbor 10.1.1.1. What does this status indicate?
The neighbor 10.1.1.1 is not a DR or BDR.
You have applied a firewall configuration to your router using the Cisco Router and Security Device Manager (SDM) Firewall wizard. You find that you are now locked out and access via Cisco SDM is denied. After accessing the router via the console port, what must you do to regain access via Cisco SDM?
Modify the access list that denies Cisco SDM access.
A concern has been expressed that the switched infrastructure in an integrated network is vulnerable to VLAN hopping attacks. Which two configuration statements can be used to mitigate VLAN hopping? (Choose two.)
switchport access vlan
switchport mode access
Which command can be used to verify that RIPv2 is running on a router?
show ip protocols
In an infrastructure based on a wireless advanced feature set using lightweight access points, by which method is a rogue contained?
The rogue MAC address is used to spoof broadcast deauthentication packets.
Which command assigns a cost value of "17" to a switch port?
spanning-tree vlan 1 cost 17
You have configured and applied a Cisco IOS Firewall access rule to the inbound, untrusted interface. You suspect that the rule may be blocking necessary traffic onto the network. What must you do to delete that rule when using Cisco Router and Security Device Manager?
You must remove the association between the rule and the interface before deleting the rule.
A North American customer is using 2.4-GHz radios in a point-to-point configuration. The radio power level is 17 dBm and is transmitting at 11 Mbps. The customer is using 21.5-dBi dish antennas and 50 feet of cabling, with a loss of 8.4 dB per 100 feet. The customer increased the distance between the transmitter stations and began experiencing link problems. Without using a professional installer, which step should the customer take to fix the situation?
Use a cable with lower loss.
A user is unable to connect to the Cisco Router and Security Device Manager via HTTPS. Which two of these might have caused this problem? (Choose two.)
The ip http secure-server command is missing from the running configuration.
The user has a privilege level lower than 15.
After configuring VTP, you no longer receive updates as expected. Which command can you use to verify the number of VTP advertisements being transmitted?
show vtp counters
A company needs to provide site-to-site VPN, remote access VPN, and firewall protection. Which device best supports all three functions?
You are configuring a VLAN and the switch you are using requires that you do so within the VLAN database. Which command allows you to enter the VLAN database?
Switch# vlan database
Which two statements are correct about using Cisco Router and Security Device Manager (SDM) to configure the OSPF routing protocol? (Choose two.)
Cisco SDM will use the supplied wildcard mask to exclude the host bits from the configured network address.
Cisco SDM allows the configuration of passive interfaces.
Which statement is true about a Cisco Aironet 350 Series wireless client when its green LED appears to be off and its amber LED is blinking?
The client adapter is in power-save mode.
You have just configured and enabled the Cisco IOS Firewall feature set from a remote location using the Cisco Router and Security Device Manager (SDM) Firewall wizard. You later want to double-check your configuration using Cisco SDM. However, you find that you can no longer connect to the Cisco IOS Firewall using Cisco SDM. What is the probable cause of this failure?
You have been locked out via access lists that have been applied to the router as a result of your Cisco SDM configuration.
Which two statements best describe the wireless core feature set using autonomous access points when implementing Wireless Domain Services? (Choose two.)
Layer 2 services can be configured in a Cisco Aironet autonomous AP or a Cisco Integrated Services Router.
Layer 3 services can be configured in WLSM.
A customer in Europe needs to establish an 11-Mbps wireless bridge link between two office buildings that are approximately 1.3 km apart. The wireless link will pass through a public park, which contains a lake that is surrounded by trees. You run the range calculation and determine that the Cisco Aironet 1300 Series Outdoor Access Point/Bridge should work. You install the link using 10.5-dB yagis with 75 feet of standard Cisco cabling and both radios set at 20 mW. The wireless bridges are not able to establish or maintain a link. What is needed to successfully complete this link?
The antenna must be raised high enough to clear the trees.
Which two features are only supported when using the Cisco Router and Security Device Manager (SDM) Advanced Firewall wizard and not supported when using the Cisco SDM Basic Firewall wizard? (Choose two.)
custom inspection rules
Are you 18 years of age or older? Please choose one of the following:
Which critical issue should you account for when implementing an integrated network security management design?
all network devices are time-synchronized
A customer with a large enterprise network wants to allow employees to work from home over the Internet. The customer anticipates a large amount of traffic, predominantly toward the central site. The customer also requires a VPN using strong user authentication and encryption to protect highly sensitive data. Which solution best meets this customer's requirements?
remote-access VPN with hardware encryption
Which network management tool is designed to allow businesses to manage up to 40 devices?
A client is experiencing lower throughput and more packet retransmits in one area of the wireless network. At these times, the client utility shows high signal strength but low signal quality. What may be causing this issue?
Diversity is not enabled in the access point.
You are troubleshooting OSPF neighbor establishment problems, which are occurring over Frame Relay interfaces that use the default OSPF network type. What should you verify in the router configuration?
the frame-relay map statement on the Frame Relay interface
Users logging into Cisco Router and Security Device Manager should be authenticated using the Cisco ISR local user database. Currently, none of the users can access Cisco Router and Security Device Manager via HTTP. You should check the configuration of which command or commands when attempting to resolve this problem?
ip http authentication local