CCIE Wireless (v3.1)
Question No: 11 – (Topic 1)
Which two effects does TSPEC-based admission control have as it relates to WMM clients?(Choose two.)
Deny clients access to the VLAN that do not support WMM.
Allow access only for VoWLAN traffic when interference is detected.
Enforce airtime entitilement for wireless voice applications.
Ensure that call quality does not degrade for existing VoWLAN calls.
Deny clients access to the WLAN if they do not comply with the TERP standard.
Question No: 12 – (Topic 1)
Which three statements about the high availability configuration on the Cisco 5760 WLCs are true? (Choose three.)
Cisco WLC with more reboots is elected as active when the default stack priority is in use.
EtherChannel bundles all ports on both active and standby Cisco WLC on a logical port.
Cisco 5760 WLC uses a dedicated high availability port for high availability and configuration synchronization.
High availability switchover is triggered when one of the ports on the active Cisco WLC EtherChannel bundle fails.
Active Cisco WLCs in a pair can be identified using LED state without issuing any command on the Cisco WLC console.
Cisco WLC with the highest priority in a stack are elected as the active Cisco WLC during the election process.
All configuration including certificates are automatically synced between active and standby Cisco WLC.
Answer: B,E,F Explanation:
Question No: 13 – (Topic 1)
If a guest anchor controller is used outside the firewall. Which firewall ports must you open for guest access including SNMP and mobility failover features to work in a Cisco Unified Wireless Network?
UDP 16666. IP protocol 90. UDP 162 163
UDP 16667. IP protocol 97. UDP 500 501
UDP 16666. IP protocol 97. UDP 161 162
UDP 12223. IP protocol 97. UDP 161 162
UDP 12222. IP protocol 90. UDP 161 162
Answer: C Explanation:
Question No: 14 – (Topic 1)
VLAN Trunking Protocol is a Cisco proprietary protocol that propagates the definition of VLANs over the local area network. Which two statements are true?(Choose two.)
VTP requires access mode interfaces to propagate.
VTP requires trunk mode interfaces to propagate.
VTP transparent mode forwards VTP packets and can act as a client or a server.
VTP config revision increases base on switch uptime.
When Cisco switches are started from scratch, they are in server mode and their domain is set to null.
Question No: 15 – (Topic 1)
You have added your Active Directory server to the Cisco ISE and see the status as operational. However, when you try to add Active Directory groups to your authorization
policy conditions in the Cisco ISE, no Active Directory groups appear. What is the most likely reason?
You did not add any attributes in the Active Directory join point under the External Identity Sources.
A firewall is blocking TCP port 389 between the Cisco ISE and Active Directory.
You did not add any groups in the Active Directory join point under the External Identity Sources.
The credentials used to join the Cisco ISE to Active Directory do not have sufficient privileges to query Active Directory.
Answer: C Explanation:
Question No: 16 – (Topic 1)
You have been hired to install new Cisco switches at ACME Corporation. The company has an existing Cisco network comprised of access layer switches that use multiple VLANs and VLAN trunking protocol to distribute the VLANs to the switches throughout the network. Which two methods are best to accomplish your task? (Choose two.)
Configure the VLAN Trunking Protocol pruning on the new switches because they may not need all of the VLANs.
Prior to installation, ensure that all switches are running the same Cisco IOS software version as the VTP server.
Ensure that all the new Cisco switches have their VTP domain name set to the default value of null
Configure one of the new switches as a VTP server to distribute the VLANs appropriately.
Ensure that all switches have the same VLAN Trunking Protocol password and
Configure all new switches as VTP clients and relocated switches as VTP server because the already have all the VLANs in their database.
Ensure that all switches are running the same VTP version.
Answer: E,G Explanation: From:
Question No: 17 – (Topic 1)
You are the network administrator at ACME Corporation and currently troubleshooting a Central Web Authentication issue where the guest users are not being redirected to the ISE guest login portal. You have verified that all configuration on the ISE is correct and that the ISE is sending the redirect URL for the client. Which configuration check can help to resolve the issue?
Verify if DADIUS accounting interim update is enabled on the guest SSID.
Verify if SNMP NAC is enabled on the guest SSID.
Verify if the SSID is configured for VVPA2-AES Layer 2 security.
Verify if AAA override is enabled for the guest SSID.
Verify if the RFC 3567 support is enabled under ISE configuration on the Cisco WLC.
Verify if authentication priority for web-auth is set to RADIUS.
Answer: D Explanation:
Question No: 18 – (Topic 1)
You want to set up Prime Infrastructure to be notified when a device configuration has changed. Which option is available in Prime Infrastructure 2.2?
Set up Prime Infrastructure to send an email containing the change audit report on a regularity scheduled basis.
Set up Prime Infrastructure to send an email containing the configuration changes(s) immediately after the configuration change is detected.
Set up Prime Infrastructure to send an email containing the change audit report immediately after the configuration change is detected.
Set up Prime Infrastructure to send an email containing the device configuration change(s) on a regularly scheduled basis.
Answer: A Explanation:
Question No: 19 – (Topic 1)
Which IEEE protocol can help a wireless client device to identify nearby APs that are available as roaming targets?
A. 802.11h B. 802.11ac C. 802.11k D. 802.11n E. 802.11w
Answer: C Explanation:
Question No: 20 – (Topic 1)
On a Cisco 5760 WLC, which of the below is not part of the initial setup script?
Wireless management interface
HTTP server login account
SNMP Network Management
Default routing protocol
Answer: G Explanation:
CT5760ControllerandCatalyst3850SwitchConfigurationExample-Cisco http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/116342-config- wlc-
5760 WLC Initial Configuration
This section outlines the steps to succesfully configure the 5760 WLC in order to host wireless services.
Configure Setup Script
— System Configuration Dialog — Enable secret warning
In order to access the device manager, an enable secret is required
If you enter the initial configuration dialog, you will be prompted for the enable secret
If you choose not to enter the intial configuration dialog, or if you exit setup without setting the enable secret,
please set an enable secret using the following CLI in configuration mode- enable secret 0
Would you like to enter the initial configuration dialog? [yes/no]: yes
At any point you may enter a question mark #39;?#39; for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets #39;#39;.
Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the system
Would you like to enter basic management setup? [yes/no]: yes Configuring global parameters:
Enter host name [Controller]: w-5760-1
The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration. Enter enable secret: cisco
The enable password is used when you do not specify an
enable secret password, with some older software versions, and some boot images. Enter enable password: cisco
The virtual terminal password is used to protect access to the router over a network interface.
Enter virtual terminal password: cisco
Configure a NTP server now? [yes]: Enter ntp server address : 192.168.1.200
Enter a polling interval between 16 and 131072 secs which is power of 2:16 Do you want to configure wireless network? [no]: no
Setup account for accessing HTTP server? [yes]: yes Username [admin]: admin
Password [cisco]: cisco Password is UNENCRYPTED.
Configure SNMP Network Management? [no]: no Current interface summary
Any interface listed with OK? value quot;NOquot; does not have a valid configuration InterfaceIP-AddressOK? MethodStatusProtocol Vlan1unassignedNOunsetupup GigabitEthernet0/0unassignedYESunsetupup Te1/0/1unassignedYESunsetupup
Te1/0/2unassignedYESunsetdowndown Te1/0/3unassignedYESunsetdowndown Te1/0/4unassignedYESunsetdowndown Te1/0/5unassignedYESunsetdowndown Te1/0/6unassignedYESunsetdowndown Enter interface name used to connect to the
management network from the above interface summary: vlan1 Configuring interface Vlan1:
Configure IP on this interface? [yes]: yes IP address for this interface: 192.168.1.20
Subnet mask for this interface [255.255.255.0] : 255.255.255.0 Class C network is 192.168.1.0, 24 subnet bits; mask is /24
Wireless management interface needs to be configured at startup It needs to be mapped to an SVI that#39;s not Vlan 1 (default)
Enter VLAN No for wireless management interface: 120 Enter IP address :192.168.120.94
Enter IP address mask: 255.255.255.0
The following configuration command script was created: w-5760-1
enable secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY^Q enable password cisco line vty 0 15
ntp server 192.168.1.200 maxpoll 4 minpoll 4 username admin privilege 15 password cisco no snmp-server
no ip routing
interface Vlan1 no shutdown
ip address 192.168.1.20 255.255.255.0
interface GigabitEthernet0/0 shutdown no ip address
interface TenGigabitEthernet1/0/6 vlan 120
interface vlan 120
ip addr 192.168.120.94 255.255.255.0 exit
wireless management interface Vlan120
 Go to the IOS command prompt without saving this config.  Return back to the setup without saving this config.
 Save this configuration to nvram and exit. Enter your selection : 2 Building configuration…
Compressed configuration from 2729 bytes to 1613 bytes[OK]
Use the enabled mode #39;configure#39; command to modify this configuration. Press RETURN to get started!
100% Free Download!
–Download Free Demo:400-351 Demo PDF
100% Pass Guaranteed!
–Download 2017 EnsurePass 400-351 Full Exam PDF and VCE
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|