[Free] Download New Updated (August 2016) Cisco 300-075 Real Exam 11-20

Ensurepass

QUESTION 11

A corporation has recently implemented a BYOD policy at their HQ. Which three risks should the security director be concerned about? (Choose three.)

 

A.

unauthorized users

B.

rogue ad-hocs

C.

software piracy

D.

lost and stolen devices

E.

malware

F.

keyloggers

 

Correct Answer: ACE

 

 

QUESTION 12

Which client roam is considered the fastest in a wireless deployment using Cisco IOS XE mobility controllers and mobility agents?

 

A.

Roam within stack members

B.

Inlet-SPG roam

C.

Interdomain roam

D.

Intermobility roam

E.

lntra-SPG roam

 

Correct Answer: E

 

 

 

 

QUESTION 13

WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP- FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?

 

A.

Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.

B.

Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.

C.

Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method i
s PEAP.

D.

Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLAN.

 

Correct Answer: D

 

 

QUESTION 14

An engineer is configuring a BYOD deployment strategy and prefers a single SSID model. Which technology is required to accomplish this configuration?

 

A.

mobility service engine

B.

wireless control system

C.

identify service engine

D.

Prime Infrastructure

 

Correct Answer: C

 

 

QUESTION 15

Which Cisco feature must an engineer configure on a cisco WLC to enable PCI specification compliance for communication of neighbor radio information?

 

A.

RF Grouping

B.

MFP

C.

Rogue Access Point Detection

D.

RRM NDP

E.

Off Channel Scanning

 

Correct Answer: D

 

 

 

 

 

 

 

 

 

 

 

QUESTION 16

clip_image002

clip_image004

clip_image005

clip_image007

clip_image008

 

WIRELESS

clip_image010

 

SECURITY

clip_image012

 

Which configuration changes need to be made to allow WPA2 + PSK to operate property on the East-WLC-2504A controller? (Choose four.)

 

A.

Disable Dynamic AP Management.

B.

Click on the Status Enabled radio button.

C.

Change the Layer 3 Security to Web Policy.

D.

Change the WPA + WPA2 Parameters to WPA2 Policy-AES.

E.

Change the PSK Format to HEX.

F.

Change the WLAN ID.

G.

Change the VLAN Identifier.

H.

Change the IP Address of the Virtual interface.

I.

Change the SSID name of the WLAN.

J.

Click on the PSK radio button and add the password in the text box.

 

Correct Answer: BFIJ

 

QUESTION 17

Which CLI command do you use on Cisco IOS XE Software to put the AP named Floor1_AP1 back in the default AP group?

 

A.

ap Floor1_AP1 ap-groupname default-group

B.

ap name Floor1_AP1 apgroup default-group

C.

ap name Floor1_AP1 ap-groupname default-group

D.

ap name Floor1_AP1 ap-groupname default

 

Correct Answer: C

 

 

QUESTION 18

Refer to the exhibit. A WLAN with the SSID “Enterprise” is configured. Which rogue is marked as malicious?

 

clip_image014

 

A.

a rogue with two clients, broadcasting the SSID “Employee” heard at -50 dBm

B.

a rogue with no clients, broadcasting the SSID “Enterprise” heard at -50 dBm

C.

a rouge with two clients, broadcasting the SSID “Enterprise” heard at -80 dBm

D.

a rogue with two clients, broadcasting the SSID “Enterprise” heard at -50 dBm

 

Correct Answer: C

 

 

QUESTION 19

Which three options are valid client profile probes m Cisco ISE? (Choose three.)

 

A.

DHCP

B.

802.1X

C.

CCX

D.

NetFlow

E.

TACACS

F.

HTTP

 

Correct Answer: ADF

 

 

 

 

QUESTION 20

An engineer is changing the authentication method of a wireless network from EAP-FAST to EAP-TLS. Which two changes are necessary? (Choose two.)

 

A.

Cisco Secure ACS is required.

B.

A Cisco NAC server is required.

C.

All authentication clients require their own certificates.

D.

The authentication server now requires a certificate.

E.

The users require the Cisco AnyConnect client.

 

Correct Answer: CD

 

Free VCE & PDF File for Cisco 300-075 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …