Categories
300-430 Dumps

300-430 Real Exam Dumps Questions and answers 11-20

Get Full Version of the Exam
http://www.EnsurePass.com/300-430.html

Question No.11

Which command set configures a Cisco Catalyst 9800 Series Wireless Controller so that the client traffic enters the network at the AP switch port?

A.

image

B.

C.

D.

image

Answer: B

Question No.12

What is the difference between PIM sparse mode and PIM dense mode?

A.

Sparse mode supports only one switch. Dense mode supports multiswitch networks.

B.

Sparse mode floods. Dense mode uses distribution trees.C. Sparse mode uses distribution trees. Dense mode floods.

C.

Sparse mode supports multiswitch networks. Dense mode supports only one switch.

Answer: C

Question No.13

image

Refer to the exhibit. Which two items must be supported on the VoWLAN phones to take full advantage of this WLAN configuration? (Choose two.)

A.

TSPEC

B.

SIFS

C.

802.11e

D.

WMM

E.

APSD

Answer: CD

Question No.14

A user is trying to connect to a wireless network that is configured for WPA2-Enterprise security using a corporate laptop. The CA certificate for the authentication server has been installed on the Trusted Root Certification Authorities store on the laptop. The user has been prompted to enter the credentials multiple times, but the authentication has not succeeded. What is causing the issue?

A.

There is an IEEE invalid 802.1X authentication policy on the authentication server.

B.

The user Active Directory account is locked out after several failed attempts.

C.

There is an invalid 802.1X authentication policy on the authenticator.

D.

The laptop has not received a valid IP address from the wireless controller.

Answer: C

Question No.15

A new MSE with wIPS service has been installed and no alarm information appears to be reaching the MSE from controllers. Which protocol must be allowed to reach the MSE from the controllers?

A.

SOAP/XML

B.

NMSP

C.

CAPWAP

D.

SNMP

Answer: A

Question No.16

An engineer completed the basic installation for two Cisco CMX servers and is in the process of configuring high availability, but it fails. Which two statements about the root of the issue are true? (Choose two.)

A.

The Cisco CMX instances are installed in the same subnet.

B.

The types of the primary and secondary Cisco CMX installations differ.

C.

The delay between the primary and secondary instance is 200 ms.

D.

The sizes of the primary and secondary Cisco CMX installations differ.

E.

Both Cisco CMX installations are virtual.

Answer: BD

Question No.17

An engineer wants the wireless voice traffic class of service to be used to determine the queue order for packets received, and then have the differentiated services code point set to match when it is resent to another port on the switch. Which configuration is required in the network?

A.

Platinum QoS configured on the WLAN

B.

WMM set to required on the WLAN

C.

msl qos trust dscp configured on the controller switch port

D.

msl qos trust cos configured on the controller switch port

Answer: C

Question No.18

For security purposes, an engineer enables CPU ACL and chooses an ACL on the Security gt; Access Control Lists gt; CPU Access Control Lists menu. Which kind of traffic does this change apply to, as soon as the change is made?

A.

wireless traffic only

B.

wired traffic only

C.

VPN traffic

D.

wireless and wired traffic

Answer: A

Question No.19

An engineer must implement Cisco Identity-Based Networking Services at a remote site using ISE to dynamically assign groups of users to specific IP subnets. If the subnet assigned to a client is available at the remote site, then traffic must be offloaded locally, and subnets are unavailable at the remote site must be tunneled back to the WLC. Which feature meets these requirements?

A.

learn client IP address

B.

FlexConnect local authentication

C.

VLAN-based central switching

D.

central DHCP processing

Answer: C

Question No.20

The IT manager is asking the wireless team to get a report for all guest user associations during the past two weeks. In which two formats can Cisco Prime save this report? (Choose two.)

A.

CSV

B.

PDF

C.

XLS

D.

DOC

E.

plain text

Answer: AB

Explanation/Reference:

Reference:

https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-2/user/guide/bk_CiscoPri meInfrastructure_3_2_0_UserGuide/bk_CiscoPrimeInfrastructure_3_2_0_UserGuide_chapter_01 010.html

Get Full Version of 300-430 Dumps

Categories
300-430 Dumps

300-430 Real Exam Dumps Questions and answers 21-30

Get Full Version of the Exam
http://www.EnsurePass.com/300-430.html

Question No.21

Which devices can be tracked with the Cisco Context Aware Services?

A.

wired and wireless devices

B.

wireless devices

C.

wired devices

D.

Cisco certified wireless devices

Answer: A

Explanation/Reference:

Reference:

https://www.cisco.com/c/en/us/support/docs/wireless/context-aware-software/110836-cas-faq.htm l

Question No.22

All APs are receiving multicast traffic, instead of only the APs that need it. What is the cause of this problem?

A.

The multicast group includes all APs

B.

The wrong multicast address was used

C.

The multicast group is assigned the wrong VLAN

D.

Multicast IGMP snooping is not enabled

Answer: D

Question No.23

An IT team is growing quickly and needs a solution for management device access. The solution must authenticate users from an external repository instead of the current local on the WLC, and it must also identify the user and determine what level of access users should have. Which protocol do you recommend to achieve these goals?

A.

network policy server

B.

RADIUS

C.

TACACS

D.

LDAP

Answer: C

Question No.24

Which two events are outcomes of a successful RF jamming attack? (Choose two.)

A.

disruption of WLAN services

B.

unauthentication association

C.

deauthentication broadcast

D.

deauthentication multicast

E.

physical damage to AP hardware

Answer: AE

Question No.25

Which two steps are needed to complete integration of the MSE to Cisco Prime Infrastructure and be able to track the location of clients/rogues on maps? (Choose two.)

A.

Synchronize access points with the MSE.

B.

Add the MSE to Cisco Prime Infrastructure using the CLI credentials.

C.

Add the MSE to Cisco Prime Infrastructure using the Cisco Prime Infrastructure communication credentials configured during set up.

D.

Apply a valid license for Wireless Intrusion Prevention System.

E.

Apply a valid license for location tracking.

Answer: DE

Question No.26

An engineer is performing a Cisco Hyperlocation accuracy test and executes the cmxloc start command on Cisco CMX. Which two parameters are relevant? (Choose two.)

A.

X, Y real location

B.

client description

C.

AP name

D.

client MAC address

E.

WLC IP address

Answer: AD

Question No.27

A network engineer observes a spike in controller CPU overhead and overall network utilization after multicast is enabled on a controller with 500 APs. Which feature connects the issue?

A.

controller IGMP snooping

B.

multicast AP multicast mode

C.

broadcast forwarding

D.

unicast AP multicast mode

Answer: B

Question No.28

Refer to the exhibit. An engineer must connect a fork lift via a WGB to a wireless network and must authenticate the WGB certificate against the RADIUS server. Which three steps are required for this configuration? (Choose three.)

image

A.

Configure the certificate, WLAN, and radio interface on WGB.

B.

Configure the certificate on the WLC.

C.

Configure WLAN to authenticate using ISE.

D.

Configure the access point with the root certificate from ISE.

E.

Configure WGB as a network device in ISE.

F.

Configure a policy on ISE to allow devices to connect that validate the certificate.

Answer: ACF

Question No.29

On a branch office deployment, it has been noted that if the FlexConnect AP is in standalone

mode and loses connection to the WLC, all clients are disconnected, and the SSID is no longer advertised. Considering that FlexConnect local switching is enabled, which setting is causing this behavior?

A.

ISE NAC is enabled

B.

802.11r Fast Transition is enabled

C.

Client Exclusion is enabled

D.

FlexConnect Local Auth is disabled

Answer: D

Question No.30

What is the default IEEE 802.1x AP authentication configuration on a Cisco Catalyst 9800 Series Wireless Controller?

A.

EAP-PEAP with 802.1x port authentication

B.

EAP-TLS with 802.1x port authentication

C.

EAP-FAST with CAPWAP DTLS port authentication

D.

EAP-FAST with CAPWAP DTLS

Answer: C

Get Full Version of 300-430 Dumps

Categories
300-430 Dumps

300-430 Real Exam Dumps Questions and answers 31-40

Get Full Version of the Exam
http://www.EnsurePass.com/300-430.html

Question No.31

When using a Cisco Catalyst 9800 Series Wireless Controller, which statement about AutoQoS is true?

A.

It has a set of predefined profiles that you cannot modify further

B.

It matches traffic and assigns each matched packet to QoS groups

C.

It automates deployment of wired QoS and makes wireless QoS implementation easier

D.

It allows the output policy map to put specific QoS queues into specific subgroups

Answer: B

Question No.32

An engineer must implement rogue containment for an SSID. What is the maximum number of APs that should be used for

containment?

A.

1

B.

2

C.

3

D.

4

Answer: D

Explanation/Reference:

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/technology/roguedetection_deploy/Rogue_Detecti on.html

Question No.33

What is the maximum time range that can be viewed on the Cisco DNA Center issues and alarms page?

A.

3 hours

B.

24 hours

C.

3 days

D.

7 days

Answer: B

Question No.34

An engineer is implementing a FlexConnect group for access points at a remote location using local switching but central DHCP. Which client feature becomes available only if this configuration is changed?

A.

multicast

B.

static IP

C.

fast roaming

D.

mDNS

Answer: B

Question No.35

What is the default NMSP echo interval between Cisco MSE and a Wireless LAN Controller?

A.

10 seconds

B.

15 seconds

C.

30 seconds

D.

60 seconds

Answer: B

Explanation/Reference:

Reference: https://www.cisco.com/en/US/docs/wireless/mse/3350/6.0/CAS/configuration/guide/msecg_ch4_ CAS.html

Question No.36

An engineer configures a Cisco Aironet 600 Series OfficeExtend AP for a user who works remotely. What is configured on the Cisco WLC to allow the user to print a printer on his home network?

A.

split tunneling

B.

SE-connect

C.

FlexConnect

D.

AP failover priority

Answer: A

Explanation/Reference:

Reference:

https://www.cisco.com/c/en/us/support/docs/wireless/aironet-602-officeextend-access-point/1175 40-configure-splittunneloeap-00.html

Question No.37

When implementing self-registration for guest/BYOD devices, what happens when an employee tries to connect four devices to the network at the same time?

A.

The last device is removed and the newly added device is updated as active device.

B.

The registration is allowed, but only one device is connected at any given time.

C.

All devices are allowed on the network simultaneously.

D.

Purge time dictates how long a device is registered to the portal.

Answer: B

Question No.38

Where is Cisco Hyperlocation enabled on a Cisco Catalyst 9800 Series Wireless Controller web interface?

A.

Policy Profile

B.

AP Join Profile

C.

Flex Profile

D.

RF Profile

Answer: B

Explanation/Reference:

Reference:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/cisc o-hyperlocation.html

Question No.39

A customer is experiencing performance issues with its wireless network and asks a wireless

engineer to provide information about all sources of interference and their impacts to the wireless network over the past few days. Where can the requested information be accessed?

A.

CleanAir reports on Cisco Prime Infrastructure

B.

Performance reports on Cisco Prime Infrastructure

C.

Interference Devices reports on Cisco Wireless LAN Controller

D.

Air Quality reports on Cisco Wireless LAN Controller

Answer: A

Question No.40

An engineer is following the proper upgrade path to upgrade a Cisco AireOS WLC from version

7.3 to 8.9. Which two ACLs for Cisco CWA must be configured when upgrading from the specified codes? (Choose two.)

A.

Permit 0.0.0.0 0.0.0.0 UDP any any

B.

Permit 0.0.0.0 0.0.0.0 any DNS any

C.

Permit 0.0.0.0 0.0.0.0 UDP DNS anyD. Permit 0.0.0.0 0.0.0.0 UDP any DNS

D.

Permit any any any

Answer: AD

Get Full Version of 300-430 Dumps

Categories
300-430 Dumps

300-430 Real Exam Dumps Questions and answers 1-10

Get Full Version of the Exam
http://www.EnsurePass.com/300-430.html

Question No.1

A wireless engineer must implement a corporate wireless network for a large company in the most efficient way possible. The wireless network must support 32 VLANs for 300 employees in different departments. Which solution must the engineer choose?

A.

Configure a second WLC to support half of the APs in the deployment.

B.

Configure one single SSID and implement Cisco ISE for VLAN assignment according to different user roles.

C.

Configure different AP groups to support different VLANs, so that all of the WLANs can be broadcast on both radios.

D.

Configure 16 WLANs to be broadcast on the 2.4-GHz band and 16 WLANs to be broadcast on the 5.0-GHz band.

Answer: B

Question No.2

A corporation has recently implemented a BYOD policy at their HQ. Which two risks should the security director be concerned about? (Choose two.)

A.

network analyzers

B.

malware

C.

lost and stolen devices

D.

keyloggers

E.

unauthorized users

Answer: BC

Question No.3

Which two restrictions are in place with regards to configuring mDNS? (Choose two.)

A.

mDNS uses only UDP port 5436 as a destination port.

B.

mDNS cannot use UDP port 5353 as the destination port.

C.

mDNS is not supported on FlexConnect APs with a locally switched WLAN.

D.

Controller software must be newer than 7.0.6 .

E.

mDNS is not supported over IPv6.

Answer: CD

Question No.4

An engineer configures the wireless LAN controller to perform 802.1x user authentication. Which configuration must be enabled to ensure that client devices can connect to the wireless, even when WLC cannot communicate with the RADIUS?

A.

pre-authentication

B.

local EAP

C.

authentication caching

D.

Cisco Centralized Key Management

Answer: B

Question No.5

Which QoS level is recommended for guest services?

A.

gold

B.

bronze

C.

platinum

D.

silver

Answer: B

Question No.6

Which feature on the Cisco Wireless LAN Controller must be present to support dynamic VLAN mapping?

A.

FlexConnect ACL

B.

VLAN name override

C.

CCKM/OKC

D.

AAA override

Answer: D

Question No.7

Which two statements about the requirements for a Cisco Hyperlocation deployment are true? (Choose two.)

A.

After enabling Cisco Hyperlocation on Cisco CMX, the APs and the wireless LAN controller must be restarted.

B.

NTP can be configured, but that is not recommended.

C.

The Cisco Hyperlocation feature must be enabled on the wireless LAN controller and Cisco CMX.

D.

The Cisco Hyperlocation feature must be enabled only on the wireless LAN controller.

E.

If the Cisco CMX server is a VM, a high-end VM is needed for Cisco Hyperlocation deployments.

Answer: AC

Question No.8

An engineer must use Cisco AVC on a Cisco WLC to prioritize Cisco IP cameras that use the wireless network. Which element do you configure in a rule?

A.

permit-ACL

B.

WMM required

C.

mark

D.

rate-limit

Answer: C

Question No.9

An engineer wants to configure WebEx to adjust the precedence and override the QoS profile on the WLAN. Which configuration is needed to complete this task?

A.

Change the WLAN reserved bandwidth for WebEx

B.

Create an AVC profile for WebEx

C.

Create an ACL for WebEx

D.

Change the AVC application WebEx-app-sharing to mark

Answer: B

Question No.10

Which three properties are used for client profiling of wireless clients? (Choose three.)

A.

HTTP user agent

B.

DHCP

C.

MAC OUI

D.

hostname

E.

OS version

F.

IP address

Answer: ABC

Get Full Version of 300-430 Dumps