[Free] Download New Updated (October 2016) Cisco 642-737 Real Exam 1-10

By | October 5, 2016

Ensurepass

QUESTION 1

Which two considerations must a network engineer have when planning for voice over wireless roaming? (Choose two.)

 

A.

Roaming with only 802.1x authentication requires full reauthentication.

B.

Full reauthentication introduces gaps in a voice conversation.

C.

Roaming occurs when e phone has seen at least four APs.

D.

Roaming occurs when the phone has reached -80 dBs or below.

 

Correct Answer: AB

 

 

QUESTION 2

Which three of the items listed are required configuration parameters for the WLC to enable NAC out-of-band single sign-on when implementing NAC appliances? (Choose three.)

 

A.

EAP authentication

B.

web authentication

C.

SNMP

D.

RADIUS accounting

E.

WLAN > SNMP NAC enabled

F.

WLAN > RADIUS NAC enabled

 

Correct Answer: CDE

 

 

QUESTION 3

An engineer is responding to a man-in-the-middle attack and needs to enable security features to prevent such attacks in the future. What security feature would prevent a man- in-the-middle attack?

 

A.

Management Frame Protection

B.

ACL

C.

Enable client and infrastructure MFP

D.

AAA Override

 

Correct Answer: C

 

 

QUESTION 4

What NAC appliance component is configured to create user roles, meet remediation requirements, and handle checking for device compliance?

 

A.

NGS

B.

NAA

C.

NAS

D.

NAM

 

Correct Answer: D

 

 

 

 

QUESTION 5

Refer to the exhibit. What is the effect of setting Client Exclusion to Enabled and set to a Timeout Value of 0 seconds in a Cisco WLC v7.0?

 

clip_image002

 

A.

Excluded clients must be manually removed from the excluded list.

B.

Client exclusion will not occur.

C.

Client exclusion timeout will be determined by the IDS module.

D.

Clients will only be disconnected and not excluded.

 

Correct Answer: A

 

 

QUESTION 6

When using the Microsoft WLAN AutoConfig feature, which 802.1X authentication method is not supported natively by Windows 7?

 

A.

EAP-TLS

B.

EAP-FAST

C.

PEAP with MS-CHAPv2

D.

PEAP with GTC

 

Correct Answer: B

 

 

QUESTION 7

Which two things should you verify if the Cisco NAC Guest Server is configured on the network and the client cannot access the guest network? (Choose two.)

 

A.

The controller can ping the Cisco NAC Guest Server.

B.

The controller can mping and eping the Cisco NAC Guest Server.

C.

AAA override is enabled on the guest WLAN.

D.

Controllers and the Cisco NAC Guest Server are in the same mobility group.

 

Correct Answer: AC

 

QUESTION 8

Authentication is failing between a client and the RADIUS server. Which WLC troubleshooting command set might be useful to assist in troubleshooting the issue?

 

A.

show local-auth

B.

debug ldap

C.

debug aaa local-auth

D.

debug dot1X event

 

Correct Answer: D

 

 

QUESTION 9

A WLAN is configured for AAA override. Valid user authentications are failing due to a custom ACL. What are two reasons the authentication could fail? (Choose two.)

 

A.

The ACL returned does not exist on the WLC.

B.

The name of the ACL on the WLC is not spelled correctly.

C.

The interface referred to in the returned ACL does not exist on the WLC.

D.

The ACL returned to the WLC prevents the end user device from receiving a DHCP address.

E.

The ACL name attribute has not been configured on the Cisco Secure ACS

 

Correct Answer: AB

 

 

QUESTION 10

What does the eping mobility_peer_IP_address command do?

 

A.

It tests EoIP connectivity via port 97 though the management interface.

B.

It tests EoIP connectivity via port 97 though the AP manager interface.

C.

It tests UDP connectivity via port 16666 through the management interface.

D.

It tests UDP connectivity via port 16666 through the AP manager interface.

 

Correct Answer: A

 

Free VCE & PDF File for Cisco 642-737 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …