642-737 - Implementing Advanced Cisco Unified Wireless Security

Go back to Cisco

Example Questions

Which option verifies that a wireless client has authenticated to a WLAN when performing NAC using the Cisco NAC Appliance Manager and Server? Which statement correctly describes a wireless client connection to the Cisco WLC v7.0 that is configured for web guest access? Which two EAP type(s) require a client certificate? (Choose two.) When configuring the WLC for NAC out-of-band, which device will be used for SNMP trap receiver IP address entries? In which three places can certificates be used in a WLAN to provide secure communications? (Choose three.) Which two things should you verify if the Cisco NAC Guest Server is configured on the network and the client cannot access the guest network? (Choose two.) An engineer is configuring 802.1x authentication on an autonomous AP. What two configuration commands must be included on the AP if the RADIUS server IP is (Choose two.) When deploying wireless Cisco NAC OOB operations, which device signals the WLC to switch a user from a quarantine VLAN to an access VLAN? Which answer best describes the implementation of IBN using the Cisco WLC v7.0 and Cisco Secure ACS v4.2? A wireless client has a browser with a manually configured proxy. The Cisco WLC v7.0 has been configured for basic WLAN Layer 3 web pass through with the remaining default configuration. Which two statements are true when the client attempts to connect to a WLAN for guest access using web authentication? (Choose two.) What does the Cisco WLC v7.0 use to encrypt broadcast and multicast frames that are sent to a wireless client? Which two tools help to provide PCI compliance reports? (Choose two.) Which two statements are true about configuring a wired guest LAN feature? (Choose two.) Wireless NAC single sign-on uses which type of RADIUS records to notify the Cisco NAC Appliance Manager about the authenticated wireless clients? Which type of attack is a result of a WLAN being overwhelmed by 802.1X authentication requests? Which protocol port(s) need open access when deploying NAC appliances to communicate with the Cisco WLC v7.0 to move an authenticated user from the quarantine VLAN to the access VLAN? When deploying wireless Cisco NAC OOB operations, which appliance performs VLAN mappings to map the quarantine VLANs to the access VLANs? Employees are allowed to start bringing their own wireless devices to work for use on the 802.11a/b/g/n WLAN when using their existing credentials. However, they are experiencing issues. Which two items are the most probable cause of these issues? (Choose two.) Which two statements best describe the local authentication configuration options for a Cisco WLC v7.0 and local mode AP? (Choose two.) For wireless NAC out-of-band operations, which protocol is used between the Cisco NAC Appliance Manager and the wireless controller to switch the wireless client from the quarantine VLAN to the access VLAN after the client has passed the NAC authentication and posture assessment process? When using a controller-based AP network, which type of entry is configured in the Cisco Secure ACS? Authentication is failing between a client and the RADIUS server. Which WLC troubleshooting command set might be useful to assist in troubleshooting the issue? How is the MSE enabled to support wIPS service? What is the maximum number of ACLs that can be applied to a Cisco WLC v7.0 interface? Which EAP protocol(s) can be used by a controller-based AP on Ethernet for 802.1X authentication to a switch? Which statement about the Cisco NAC Guest Server that is deployed in wireless guest access implementations is true? Which two attacks represent a social engineering attack? (Choose two.) Which two options are supported when deploying wireless NAC out-of-band implementations? (Choose two.) Which option correctly lists the EAP protocol(s) that can be configured on an autonomous AP for local authentication? Which Cisco WLC v7.0 CLI family of commands helps to verify the PAC status for client association when using local-EAP? Which two situations permit the Cisco WCS v7.0 to successfully trace a rogue to a switch port? (Choose two.) Which key is used to encrypt unicast traffic between the supplicant and the AP after EAP authentication has completed? Which two statements about the sponsor accounts on the Cisco NAC Guest Server are true? (Choose two.) 802.1X AP supplicant credentials have been enabled and configured on a Cisco WLC v7.0 in both the respective Wireless>AP>Global Configuration location and AP>Credentials tab locations. What describes the 802.1X AP authentication process when connected via Ethernet to a switch? The NetStumbler tool is an example of which wireless attack type? What does the eping mobility_peer_IP_address command do? How do you configure the Cisco Secure ACS v4.2 and Cisco WLC v7.0 to provide the most flexibility for the management of authorized access on the WLC? Which one of the following best describes the implementation of VLAN pooling on a Cisco WLC v7.0? Which two firewall ports must be opened for the anchor controller to operate properly with a foreign controller for guest access? (Choose two.) Which statement describes the major difference between PEAP and EAP-FAST client authentication? Client Management Frame Protection is supported on which Cisco Compatible Extensions version clients? An engineer has found that many PCs on the network are still using Windows XP. What wireless security feature would be missing from the base operating system? When configuring guest WLAN access, which two statements are true? (Choose two.) When deploying wIPS, which protocol is used to communicate between the Cisco WLC v7.0 and the MSE? When a supplicant and AAA server are configured to use PEAP, which mechanism is used by the client to authenticate the AAA server in Phase One? A Cisco WLC v7.0 has been only initially configured through the console setup CLI wizard. A new AP has just finished association with the controller. What is the default mode of remote access to the AP? Which two parameters can directly affect client roaming decisions? (Choose two.) Configuring the Cisco Secure ACS with a self-signed certificate supports which requirement? Employees adjust their wireless laptop for work at the office and when away from the office. What are the two most likely security issues for an employee laptop when connected at the corporate WLAN? (Choose two.) When using the Microsoft WLAN AutoConfig feature, which 802.1X authentication method is not supported natively by Windows 7?