Download Securing Wireless Enterprise Networks.passit4sure.300-375.2018-08-23.1e.58q.vcex

Download Exam

File Info

Exam Securing Wireless Enterprise Networks
Number 300-375
File Name Securing Wireless Enterprise Networks.passit4sure.300-375.2018-08-23.1e.58q.vcex
Size 4.06 Mb
Posted August 23, 2018
Downloads 52
Download Securing Wireless Enterprise Networks.passit4sure.300-375.2018-08-23.1e.58q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1

An engineer is configuring a new mobility anchor for a WLAN on the CLI with the config wlan mobility anchor add 3 command, but the command is failing. 
Which two conditions must be met to be able to enter this command? (Choose two.)

  • A: The anchor controller IP address must be within the management interface subnet.
  • B: The anchor controller must be in the same mobility group.
  • C: The WLAN ID must be enabled.
  • D: The mobility group keepalive must be configured.
  • E: The indicated WLAN ID must be present on the controller.

Correct Answer: AB

Question 2

A customer has deployed PEAP authentication with a Novell eDirectory LDAP Server. Which authentication method must be configured on the client to support this deployment?


Correct Answer: C

PEAP-GTC is the current authentication requirement for the majority of the K-12 schools. WLC does not support MSCHAPv2 for Local EAP Authentication. As a result, you must choose GTC for the EAP Authentication type on the client. 

Question 3

Access points at branch sites for a company are in FlexConnect mode and perform local switching, but they authenticate to the central RADIUS at headquarters. VPN connections to the headquarters have gone down, but each branch site has a local authentication server.  
Which three features on the wireless controller can be configured to maintain network operations if this situation reoccurs? (Choose three.)

  • A: Put APs in FlexConnect Group for Remote Branches.
  • B: Set Branch RADIUS as Primary.
  • C: Put APs in AP Group Per Branch.
  • D: Put APs in FlexConnect Group Per Branch.
  • E: Set Branch RADIUS as Secondary.
  • F: Set HQ RADIUS as Primary.

Correct Answer: AEF

Question 4

Which security method does a Cisco guest wireless deployment that relies on Cisco ISE guest portal for user authentication use?

  • A: Layer 2 and Layer 3
  • B: Layer 2 only
  • C: No security methods are needed to deploy CWA
  • D: Layer 3 only

Correct Answer: B


Question 5

Which two options are types of MFP that can be performed? (Choose two.)

  • A: message integrity check
  • B: infrastructure
  • C: client
  • E: RSN

Correct Answer: BC


Question 6

An engineer has determined that the source of an authentication issue is the client laptop. Which three items must be verified for EAP-TLS authentication? (Choose three.)

  • A: The client certificate is formatted as X.509 version 3.
  • B: The validate server certificate option is disabled.
  • C: The client certificate has a valid expiration date.
  • D: The user account is the same in the certificate.
  • E: The supplicant is configured correctly.
  • F: The subject key identifier is configured correctly.

Correct Answer: ADF


Question 7

An engineer requires authentication for WPA2 that will use fast rekeying to enable clients to roam from one access point to another without going through the controller. 
Which security option should be configured?

  • A: PSK
  • B: AES
  • C: Cisco Centralized Key Management
  • D: 802.1x

Correct Answer: C

Cisco Centralized Key Management (CCKM) is the first fast-secure roaming method developed and implemented on enterprise WLANs, created by Cisco as the solution used in order to mitigate the delays explained thus far, when 802.1X/EAP security is used on the WLAN. As this is a Cisco proprietary protocol, it is only supported by Cisco WLAN infrastructure devices and wireless clients (from multiple vendors) that are Cisco Compatible Extension (CCX)-compatible for CCKM. 
CCKM can be implemented with all of the different encryption methods available for WLANs, to include: WEP, TKIP, and AES. It is also supported with most of the 802.1X/EAP authentication methods used for WLANs, dependent upon the CCX version supported by the devices.

Question 8

Refer to the exhibit. 


A customer is having problems with clients associating to the wireless network. Based on the configuration, which option describes the most likely cause of the issue?

  • A: Both AES and TKIP must be enabled.
  • B: SA Query Timeout is set too low.
  • C: Comeback timer is set too low.
  • D: PMF is set to “required”.
  • E: MAC Filtering must be enabled.

Correct Answer: E

Question 9

Refer to the exhibit. Configure the WLC to support WPA+WPA2 with PSK. Create a new WLAN ID 11. The SSID and Profile Name should be the same. The Controller Management interface has been preconfigured for you. The Client Laptop will automatically connect to the WLAN if your configuration is correct. Verify your configuration by using the Cisco 2504 WLC screens when you have completed the configuration. 
Note, not all menu items, text boxes, or radio buttons are active. 







  • A: See the explanation below

Correct Answer: 1

Please refer to this link to configure new WLC:

Question 10

Which Cisco feature must an engineer configure on a Cisco WLC to enable PCI specification compliance for communication of neighbor radio information?

  • A: RF Grouping
  • B: MFP
  • C: Rogue Access Point Detection
  • D: RRM NDP
  • E: Off Channel Scanning

Correct Answer: D

The Cisco Neighbor Discovery Packet (NDP) is the fundamental tool for RRM and other wireless applications that provides information about the neighbor radio information. You can configure the Cisco WLC to encrypt neighbor discovery packets. This feature enables you to be compliant with the PCI specifications. 





You can buy ProfExam with a 20% discount!


Use ProfExam Simulator to open VCEX and EXAM files