[2017-New-Version]High Quality Braindump2go 300-375 Exam Questions PDF 77Q Free Share[51-60]
2017 Sep New 300-375 Exam Dumps with PDF and VCE Free Updated Today! Following are some new 300-375 Questions:
1.|2017 New 300-375 Exam Dumps (PDF &VCE) 77Q&As Download:
https://www.braindump2go.com/300-375.html
2.|2017 New 300-375 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNR21JWVIyUWFaTWM?usp=sharing
QUESTION 51
WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP- FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?
A. Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.
B. Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.
C. Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEAP.
D. Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLAN.
Answer: D
QUESTION 52
An engineer is configuring a BYOD deployment strategy and prefers a single SSID model. Which technology is required to accomplish this configuration?
A. mobility service engine
B. wireless control system
C. identify service engine
D. Prime Infrastructure
Answer: C
QUESTION 53
Which Cisco feature must an engineer configure on a cisco WLC to enable PCI specification compliance for communication of neighbor radio information?
A. RF Grouping
B. MFP
C. Rogue Access Point Detection
D. RRM NDP
E. Off Channel Scanning
Answer: D
QUESTION 54
The Cisco NAC Guest Server is configured as which kind of device on the wireless controller?
A. external web authentication server
B. RADIUS server
C. SNMP trap receiver
D. anchor controller
E. AAA client
Answer: B
QUESTION 55
Which two statements about the sponsor accounts on the Cisco NAC Guest Server are true? (Choose two.)
A. The sponsor login to the Cisco NAC Guest Server is at https://NGS-IP-Address/admin to create, view, and edit guest accounts.
B. The Cisco NAC Guest Server can authenticate the sponsors using the local database or via Microsoft Active Directory or LDAP or RADIUS servers.
C. Sponsoring user groups is the method by which to assign permissions to the sponsors.
D. Guest roles provide a way to give different levels of access to different sponsor accounts.
E. Sponsor accounts require admin privileges to generate reports.
Answer: BC
QUESTION 56
Which two statements are true about configuring a wired guest LAN feature? (Choose two.)
A. Create a WLAN on the anchor controller only
B. Select the management interface as the egress interface to reach the anchor controller
C. Require an anchor controller to implement
D. Select the interface that you created as the guest LAN interface in the ingress interface menu
E. Configure on any controller from version 5.2 forward
Answer: BD
QUESTION 57
When configuring guest WLAN access, which two statements are true? (Choose two.)
A. The SSID that is defined for the guest WLAN on the foreign controllers must be the same as that defined on the anchor controller.
B. The foreign controllers must be defined with an ingress interface and an egress interface in the guest WLAN.
C. The foreign and anchor controllers must be configured in a mobility group for the foreign controllers to be able to initiate EoIP tunnels to one or more anchor controllers.
D. The mobility domain name of the anchor controller should be the same as what is configured for the foreign controllers.
Answer: AC
QUESTION 58
Which statement correctly describes the relationship between the foreign and anchor controllers when used for guest access?
A. The foreign controller will load balance in round-robin fashion starting with the highest IP address anchor controller to the lowest IP address anchor controller.
B. The foreign controller will load balance in round-robin fashion starting with the lowest IP address anchor controller to the highest IP address anchor controller.
C. The foreign controller will load balance in round-robin fashion starting with the highest MAC address anchor controller to the lowest MAC address anchor controller.
D. The foreign controller will load balance in round-robin fashion starting with the lowest MAC address anchor controller to the highest MAC address anchor controller.
Answer: B
QUESTION 59
Which two firewall protocol port(s) need open access for secure management access to an anchor WLC for guest access? (Choose two.)
A. TCP 22
B. TCP 23
C. TCP 80
D. TCP 8080
E. TCP 443
F. UDP 123
Answer: AE
QUESTION 60
Which two EAP type(s) require a client certificate? (Choose two.)
A. LEAP
B. PEAP
C. EAP-FAST
D. EAP-TLS
E. EAP-MD5
Answer: CD
!!!RECOMMEND!!!
1.|2017 New 300-375 Exam Dumps (PDF &VCE) 77Q&As Download:
https://www.braindump2go.com/300-375.html
2.|2017 New 300-375 Study Guide Video: