Download New Latest (May) Cisco 642-737 Actual Tests 21-30

Ensurepass

 

QUESTION 21

Which two statements are true about configuring a wired guest LAN feature? (Choose two.)

 

A.

Create a WLAN on the anchor controller only

B.

Select the management interface as the egress interface to reach the anchor controller

C.

Require an anchor controller to implement

D.

Select the interface that you created as the guest LAN interface in the ingress interface menu

E.

Configure on any controller from version 5.2 forward

 

Answer: BD

 

 

QUESTION 22

When using a controller-based AP network, which type of entry is configured in the Cisco Secure ACS?

 

A.

AAA client using the AP IP address

B.

AAA server using the AP IP address

C.

AAA client using the WLC IP address

D.

AAA server using the WLC IP address

 

Answer: A

 

 

QUESTION 23

Many employees are bringing their own devices to work such as those running Apple iOS for iPhones and iPads. Which three statements correctly describe authentication for these devices? (Choose three.)

 

A.

supports only broadcast networks

B.

supports broadcast and hidden networks

C.

supports only pre-shared key (pass phrase)

D.

supports most EAP types such as EAP-FAST, EAP-TLS, and PEAP

E.

supports WPA only

F.

supports WEP, WPA, and WPA2

 

Answer: BDF

 

 

QUESTION 24

Which wireless attack can cause most client wireless adapters to lock up?

 

A.

management frame flood

B.

NULL probe response

C.

EAPOL flood

D.

RF jamming

E.

disassociation flood

F.

deauthentication flood

 

Answer: B

 

 

QUESTION 25

Which three products are required to produce Cisco Clean Air Security reports? (Choose three.)

 

A.

WLC v7.0

B.

WCS v7.0

C.

MSE v7.0

D.

Spectrum Expert v4.0

E.

1260 AP

F.

3500 AP

 

Answer: ABF

 

 

QUESTION 26

When do NAC out-of-band deployments require user traffic to traverse through the Cisco NAC Server?

 

A.

posture assessment only

B.

802.1X and EAP authentication and remediation

C.

posture assessment and remediation

D.

802.1X and EAP authentication, posture assessment, and remediation

 

Answer: C

 

 

QUESTION 27

Which four attack categories can the Cisco WLC v7.0 IDS detect using the 17 standard signatures? (Choose four.)

 

A.

broadcast deauthentication attacks

B.

Wellenreiter and NetStumbler attacks

C.

management frame floods and EAPOL floods

D.

fragmentation attacks

E.

NULL probe response attacks

F.

RF jamming attacks

 

Answer: ABCE

 

 

QUESTION 28

The Cisco WLC v7.0 is configured for external 802.1X and EAP by using the WPA2 association of wireless clients when using the Cisco Secure ACS v4.2. Which two items are required in the Cisco Secure ACS network configuration to enable correct AAA? (Choose two.)

 

A.

AP IP address

B.

WLC virtual IP address

C.

WLC management IP address

D.

WLC AP management IP address

E.

hostname matching the WLC case-sensitive name

F.

authentication using RADIUS

G.

authentication using TACACS+

 

Answer: CF

 

 

QUESTION 29

Which four conditions can be used in rules to classify rogue APs on a Cisco WLC v7.0? (Choose four.)

 

A.

managed SSID

B.

RSSI

C.

EAP type

D.

no encryption

E.

encryption method

F.

duration

 

Answer: ABDF

 

 

QUESTION 30

Which type of attack is characterized by an evil twin?

 

A.

DoS

B.

man in the middle

C.

jamming

D.

eavesdropping

 

Answer: B

 

Free VCE & PDF File for Cisco 642-737 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …