[Free] Download New Updated (October 2016) Cisco 642-737 Real Exam 11-20

Ensurepass

QUESTION 11

Which protocol port(s) need open access for communication between the MSE and WLC?

 

A.

UDP 16666 and 16667

B.

UDP 5247 and 5264

C.

UDP 161 and 162

D.

UDP 16113

E.

TCP 16113

 

Correct Answer: E

 

 

QUESTION 12

An engineer is segmenting WLAN traffic by security options after the client has received an IP address. Which two security options are possible? (Choose two.)

 

A.

web policy

B.

Cisco Key Integrity Protocol

C.

PSK

D.

802.1x

E.

VPN pass-through

 

Correct Answer: AE

 

 

QUESTION 13

An engineer is configuring 802.1x authentication on an autonomous AP. What two configuration commands must be included on the AP if the RADIUS server IP is 10.9.4.9? (Choose two.)

 

A.

radius-server host 10.9.4.9 auth-port 1812 acct-port 1813 key Cisco123

B.

aaa new-model

C.

aaa authorization

D.

aaa attribute list 10.9.4.9

E.

aaa group server radius 10.9.4.9

 

Correct Answer: AB

 

 

QUESTION 14

When configuring guest WLAN access, which two statements are true? (Choose two.)

 

A.

The SSID that is defined for the guest WLAN on the foreign controllers must be the same as that defined on the anchor controller.

B.

The foreign controllers must be defined with an ingress interface and an egress interface in the guest WLAN.

C.

The foreign and anchor controllers must be configured in a mobility group for the foreign controllers to be able to initiate EoIP tunnels to one or more anchor controllers.

D.

The mobility domain name of the anchor controller should be the same as what is configured for the foreign controllers.

 

Correct Answer: AC

 

 

QUESTION 15

An engineer creating a configuration file to upload to a controller would like the guest WLAN to be set for L3 authentication only. What command must be included in the configuration file?

 

A.

config wlan security web-auth enable 2

B.

config wlan security wpa wpa2 disable 2

C.

config wlan security web-auth server-precedence 2 local radius ldap

D.

config wlan custom-web global enable 2

 

Correct Answer: A

 

 

QUESTION 16

What third party tool can an engineer use to test encryption and authentication?

 

A.

AirSnort

B.

WiControl

C.

NetStumbler

D.

Kismet

 

Correct Answer: A

 

 

QUESTION 17

When creating a custom rogue classification, what three conditions would be added to alert on a specific internal SSID with more than 5 clients at -80db? (Choose three.)

 

A.

SSID

B.

RSSI

C.

SNR

D.

duration

E.

client-count

F.

managed-ssid

 

Correct Answer: BEF

 

 

QUESTION 18

A network engineer is configuring NAC out-of-band integration on the Wireless LAN Controller. What two configuration options are required? (Choose two.)

 

A.

dynamic interface tied to quarantine VLAN

B.

enable guest-lan nac

C.

AP groups

D.

enable NAC State

E.

configure quarantine VLAN on interface as 0

 

Correct Answer: AD

 

 

QUESTION 19

A wireless client has a browser with a manually configured proxy. The Cisco WLC v7.0 has been configured for basic WLAN Layer 3 web pass through with the remaining default configuration. Which two statements are true when the client attempts to connect to a WLAN for guest access using web authentication? (Choose two.)

 

A.

The WLC allows access if the client is requesting a globally resolvable DNS address.

B.

The WLC allows access if it is configured for WebAuth Proxy.

C.

The WLC allows access for a client request to ports 80 or 8080 only.

D.

Access requires DHCP with option 252.

E.

Access requires DHCP with option 150.

 

Correct Answer: BD

 

 

QUESTION 20

A network engineer is troubleshooting using the mping command between the local and DMZ WLC. Which two ports should a network engineer verify are currently open on the firewall between the controllers? (Choose two.)

 

A.

ICMP

B.

IP protocol 97

C.

TCP 91

D.

TCP 16113

E.

UDP 161

F.

UDP 16666

 

Correct Answer: BF

 

Free VCE & PDF File for Cisco 642-737 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …