15 February, 2020

Pinpoint Cisco 300-375 Paper

Master the 300-375 Securing Cisco Wireless Enterprise Networks content and be ready for exam day success quickly with this Passleader 300-375 test questions. We guarantee it!We make it a reality and give you real 300-375 questions in our Cisco 300-375 braindumps.Latest 100% VALID Cisco 300-375 Exam Questions Dumps at below page. You can use our Cisco 300-375 braindumps and pass your exam.

Free demo questions for Cisco 300-375 Exam Dumps Below:

Page: 1 / 10

Total 124 questions Full Exam Access

Question 1

Which two options are types of MFP that can be performed? (Choose two.)

message integrity check

infrastructure

client

AES-CCMP

RSN

Question 2

Refer to the exhibit. What do the red circles represent in the exhibit?
300-375 dumps exhibit

detected interferes

RSSI cutoff

wIPs attackers

zones of impact

Question 3

An engineer is troubleshooting rogue access points that are showing up in Cisco Prime Infrastructure. What is the maximum number of Aps the engineer can use to contain an identified rogue access point in the WLC?

Question 4

When you configure BYOD access to the network, you face increased security risks and challenges. Which challenge is resolved by deploying digital client certificates?

managing the increase connected devices

ensuring wireless LAN performance and reliability

providing device choice and support

enforcing company usage policies

Question 5

Which option determines which RADIUS server is preferred the most by the Cisco WLC?

the Server Index (Priority) drop-down list

the server status

the server IP address

the port number

Question 6

Which configuration step is necessary to enable Visitor Connect on an SSID?

A preauthentication ACL must be defined.

Local client profiling must be enabled.

The SSID must use MAC filtering.

A passive client must be enabled.

Question 7

Which security method does a Cisco guest wireless deployment that relies on Cisco ISE guest portal for user authentication use?

Layer 2 and Layer 3

Layer 2 only

No security methods are needed to deploy CWA

Layer 3 only

Question 8

802.1X AP supplicant credentials have been enabled and configured on a Cisco WLC v7.0 in both the respective Wireless>AP>Global Configuration location and AP>Credentials tab locations. What describes the 802.1X AP authentication process when connected via Ethernet to a switch?

Only WLC AP global credentials are used.

Only AP credentials are used.

WLC global AP credentials are used first; upon failure, the AP credentials are used.

AP credentials are used first; upon failure, the WLC global credentials are use

Question 9

Scenario
Local Web Auth has been configured on the East-WLC-2504A, but it is not working. Determine which actions must be taken to restore the Local Web Auth service. The Local Web Auth service must operate only with the Contractors WLAN.
Contractors WLAN ID – 10 Employees WLAN ID - 2
Note, not all menu items, text boxes, or radio buttons are active.
300-375 dumps exhibit

Virtual Terminal
300-375 dumps exhibit

Which four changes must be made to configuration parameters to restore the Local Web Auth feature on the East-WLC-2504A? Assume the passwords are correctly entered as “ciscotest”. (Choose four.)

Remove the existing Local Net User Bill Smith and add a New Local Net User “Bill Smith” password “ciscotest’, WLAN Profile “Contractors”.

Remove WLAN 10 and WLAN 2, replace WLAN 10 with Profile Name Employees and SSID Contractors;replace WLAN 2 with Profile Name Employees and SSID Employees.

Remove WLAN 10 and WLAN 2, replace WLAN 10 with Profile Name Contractors and SSID Contractors, replace WLAN 2 with Profile Name Employees and SSID Employees.

Change the Layer 2 security to None on the Contractors WLAN.

Under Layer 3 Security, change the Layer 3 Security to Web Policy on the Contractors WLAN.

Under Security Local Net Users add a New Local Net User “Bill Smith” password “Cisco”, interface/ Interface Group “east-wing”.

Change the Layer 2 Security to None + EAP Pass-through on the Contractors WLAN.

Under WLANs > Edit “Contractors “change the interface/Interface group to “east-wing”.

Question 10

Which attribute on the Cisco WLC v7.0 does RADIUS IETF attribute "Tunnel-Private-Group ID" assign?

ACL

DSCP

QoS

VLAN

Question 11

Which client roam is considered the fastest in a wireless deployment using Cisco IOS XE mobility controllers and mobility agents?

Roam within stack members

Inter-SPG roam

Interdomain roam

Intermobility roam

lntra-SPG roam

Question 12

Refer to the exhibit.
300-375 dumps exhibit

A network engineer must configure a WLAN on a Cisco IOS-XE controller to support corporate devices (using VLAN 30) and BYOD (using VLAN 40) on the same secure SSID. The security team has built an ISE deployment to be used for VLAN assignment and to restrict access based on policy and posture compliance.
Given the existing WLAN configuration, which configuration change must be made?

remove ip dhcp required

Add aaa-override

Remove nac

Add mac-filtering default

Question 13

An engineer must enable EAP on a new WLAN and is ensuring that the necessary components are available. Which component uses EAP and 802.1x to pass user authentication to the authenticator?

AAA server

supplicant

controller

Question 14

Which of the following user roles can access CMX Visitor Connect?

Administrator

Power User

Guest User

Super Administrator

Question 15

WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through
an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP-FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?

Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.

Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.

Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEAP.

Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLAN.

Question 16

Which command is an SNMPv3-specific command that an engineer can use only in Cisco IOS XE?

snmp-server user remoteuser1 group1 remote 10.12.0.4

snmp-server host 172.16.1.33 public

snmp-server community comaccess ro 4

snmp-server enable traps wireless

Question 17

An engineer has configured the wireless controller to authenticate clients on the employee SSID against Microsoft Active Directory using PEAP authentication. Which protocol does the controller use to communicate with the authentication server?

EAP

802.1x

RADIUS

WPA2

Question 18

During the EAP process and specifically related to the logon session, which encrypted key is sent from the RADIUS server to the access point?

WPA key

encryption key

session key

shared secret key

Question 19

An engineer is designing a high availability wireless network. What mechanism should be the focus for high availability?

SNR

channel reuse

RSSI

cell overlap

Question 20

How should the Cisco Secure ACS v4.2 and the Cisco WLC v7.0 be configured to support wireless client authentication?

The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (Cisco Airespace)

The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (IETF)

The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco Airespace)

The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco IOS)

Question 21

An engineer must change the wireless authentication from WPA2-Personal to WPA2-Enterprise. Which three requirements are necessary? (Choose three.)

EAP

802.1x

RADIUS

per-shared key

802.11u

fast secure roaming

802.11i

Question 22

Which two events are possible outcomes of a successful RF jamming attack? (Choose two.)

unauthentication association

deauthentication multicast

deauthentication broadcast

disruption of WLAN services

physical damage to AP hardware

Page: 1 / 10

Total 124 questions Full Exam Access