CCNA Wireless

Question: Which of the following architectures is ideal for static installations? A. Autonomous B. FlexConnect C. Centralized D. Converged

!correct answer: A Your answer: B Explanation: An autonomous architecture is ideally used for hotspots or smaller enterprises. It is preferred for single static access points. This architecture is simple to deploy and cost effective. FlexConnect is a means of extending data center services to branch or remote offices. Data from the remote offices is either tunneled to the head office wireless LAN controller (WLC) or locally switched. A centralized architecture is geared towards campus environments with centralized traffic. The APs connect to switches which are then connected to premise-based controllers. The converged architecture is the highest performance design. This model converges wired and wireless traffic together. Platforms run IOS software, which standardizes and simplifies the user interface.

Question: Which form of signal attenuation is measured in respect to the frequency and distance that a signal travels as it moves from transmitter to receiver? A. Free path loss B. Reflection C. Refraction D. Absorption

!correct answer: A Your answer: B Explanation: The attenuation of signal strength on its way between a sender and a receiver, in the absence of obstacles or other environmental hindrances, is called free path loss. The signal loss is caused by the signal being spread out in multiple directions and becoming weaker as it disperses away from the emitter. The loss of signal strength increases with respect to distance and frequency. Signal absorption is the loss of signal as it passes through different types of material. Each material absorbs part of the energy. In the air, dust and humidity can weaken the signal. Solid objects, such as walls, also cause a loss of wave energy. This form of attenuation is more affected by the type of material absorbing the signal than the frequency or distance travelled. Reflection is caused as signals bounce off the surface of an object and are redirected relative to the angle with which they met the object. Flat and smooth surfaces tend to reflect signals without causing much absorption of the wave's energy, while rougher surfaces tend to absorb some of the signals strength as it is being reflected. This form of attenuation is more affected by the type of obstacle reflecting the signal than the frequency or distance travelled. Refraction is the bending of a signal and the changing of its direction as it passes from one medium to another. This is only a minor issue when it comes to indoor networks, but is a much bigger issue when radio waves continue across areas that have water, or even high or low humidity spots, that can bend and distort the signal. This form of attenuation is more affected by the type of medium refracting the signal than the frequency or distance travelled.

Question: What is the cloud-based AP management platform that allows a technician to monitor and configure their wireless network's devices? A. Meraki Dashboard B. Command Line Interface C. Prime Infrastructure D. Identity Services Engine

!correct answer: A Your answer: B Explanation: The cloud-based AP management platform used in Cloud architecture is the Meraki Dashboard. The Meraki Dashboard allows for a technician to monitor APs and clients and configure SSIDs, firewall, and radio settings. Prime Infrastructure can be used to monitor the Meraki devices but not for configuration. Prime Infrastructure combines many of the Cisco platforms under one resource which provides an administrator with multiple options for monitor configurations. Cisco Identity Services Engine (ISE) is a management platform for security access to network resources. ISE manages security policies and cannot be used to monitor and configure the devices in a Cloud-based wireless network. The CLI is not used for cloud-based AP management. AP management for monitoring and configuration of the wireless network devices is done using the Meraki Dashboard.

Question: You need to determine the number of APs required for a WLAN deployment. What would be the most likely reason for this? A. Application requirements B. Electrical power requirements C. Coverage requirements D. Security requirements

!correct answer: A Your answer: C Explanation: Enterprises today rely on a mix of employees, real-time applications, non-real-time applications, and timely business processes. It is imperative to take into consideration the application requirements when planning and using a predictive WLAN design tool. Applications, such as word processing and e-mail programs are not resources intensive. However, others, such as real-time voice or video applications, require very little latency and can consume a considerable amount of bandwidth. By determining the types of applications being used and their requirements, you will be better able to determine the number of APs needed to ensure adequate bandwidth availability. The number of APs would typically not be a determining factor when considering security requirements. Rather, you would consider the security features that APs provide, such as MAC filtering and encryption methods. Electrical power requirements can help determine whether upgrades may be required to the existing infrastructure to support network devices. Although electrical power requirements may determine the number of APs that may be deployed in a building, this is not be the most likely reason, as upgrades may deployed to the building itself. The coverage area may potentially require additional APs. However, other methods of increasing coverage can be implemented, such as increasing the AP radio power level. This will increase an AP's transmission range to accommodate coverage requirements.

Question: Which modulation technique is used by 802.11n? A. 64-QAM B. FHSS C. 256-QAM D. DSSS

!correct answer: A Your answer: C Explanation: To increase the speed in a Wi-Fi network, orthogonal frequency-division multiplexing (OFDM) can use 64-state QAM (64-QAM). The behavior is the same as the 16-QAM variant, except that there are 64 possibilities in total (64 symbols), and 8 bits are coded in each symbol. Using 64-QAM allows 1 Mb/s per carrier, for a total speed of 48 Mb/s. At that speed, two-thirds the bits are information bits and one-third are redundant. High-density modulation schemes such as 64-QAM is used by 802.11n to get additional throughput higher than what is found in 802.11a/b/g. It yields an 8x8 quadrature. 802.11n does not use 256-QAM modulation. With quadruple amplitude modulation (QAM), four different amplitudes, or power levels, are determined: null (no signal), low, average, or high. Because orthogonal frequency-division multiplexing (OFDM) specifies that each tone can have a different orientation (up, left, down, or right), the signal strength information can be coupled with the signal orientation. 802.11ac provides a higher data rate by using 256-QAM by using a 16x16 quadrature. 802.11n does not use frequency hopping spread spectrum (FHSS) modulation. FHSS is a time-based narrowband hopping of frequencies. This modulation technique was introduced with the original 802.11 standard. 802.11n does not use direct sequence spread spectrum (DSSS) modulation. DSSS is a broadband use of frequencies. This modulation technique was introduced with the original 802.11 standard and is also used with 802.11b.

Question: You are setting up your wireless network infrastructure. Which options must be configured on the DHCP server to provide the IP address, DNS server address, and domain name information to both clients and APs? ( A. Option 015 B. Option 006 C. Option 044 D. Option 045

!correct answer: A B Your answer: B Explanation: Option 006 is required when configuring the DHCP server as this option will provide the DNS Server information in response to client requests along with the IP address information. Option 015 is also required as this provides the DNS domain name information. Option 015 is required when configuring the DHCP server as this option will provide the DNS domain name information in response to client requests along with the IP address information. Option 006 is also required as this provides the DNS server information. Option 044 is used for configuring the DHCP server to provide the WINS server information to the clients. Option 044 is not used for DNS server or DNS domain name information. Option 045 is used for configuring the DHCP server to provide the NetBIOS datagram distribution server information to the clients. Option 045 is not used for DNS server or DNS domain name information.

Question: Which statements regarding a predictive site survey are true? ( A. It is used to save time and cost. B. It records RF information from wireless devices. C. Proper calibration is important. D. It requires time on-site. E. It eliminates the need for on-site analysis.

!correct answer: A C Your answer: B C E Explanation: A predictive site survey is a software-based method to simulate AP RF propagation based on the environment imported into the program. Performing this type of site survey can save time and cost by limiting, or even eliminating, the need to spend time on-site, at least during this form of survey. A predictive site survey is a software-based method to simulate AP RF propagation based on the environment imported into the program. Floor plans can be imported into a predictive site survey program to be used in estimating placement and AP coverage area necessary for the WLAN. However, it is very important to ensure proper calibration has been performed to ensure scale accuracy or survey results will be completely inaccurate. Although it is recommended to visit the site by doing an initial walkthrough, it is not a requirement for a predictive site survey. If properly executed, a predictive site survey can be a relatively accurate and efficient means of beginning the wireless design process. However, it should not be used as a substitution for on-site analysis. A passive site survey is performed to record RF information from APs and other wireless devices, not a predictive site survey.

Question: A company is using AireOS WLCs and wants to update the software version. Which protected options are available to the technician to complete the update task? ( A. From the Web GUI using SFTP B. From the Web GUI using FTP C. From the CLI using SFTP D. From the Web GUI using TFTP E. From the CLI using FTP F. From the CLI using TFTP

!correct answer: A C Your answer: C D Explanation: Using the Web GUI and SSH file transfer protocol (SFTP) is one of the most secure options for updating the AireOS wireless LAN controller (WLC) software version. SFTP is more secure because the data transfer takes place over a SSH connection which encrypts the data during transit. Using the CLI and SSH file transfer protocol (SFTP) is one of the most secure options for updating the AireOS wireless LAN controller (WLC) software version. SFTP is more secure because the data transfer takes place over a SSH connection which encrypts the data during transit. Using the Web GUI and file transfer protocol (FTP) is not a protected option for updating the AireOS wireless LAN controller (WLC) software version, as FTP does not provide any security for the data transfer. Using the CLI and file transfer protocol (FTP) is not a protected option for updating the AireOS wireless LAN controller (WLC) software version, as FTP does not provide any security for the data transfer. Using the Web GUI and trivial file transfer protocol (TFTP) is not a protected option for updating the AireOS wireless LAN controller (WLC) software version, as TFTP does not provide any inherent security. Using the CLI and trivial file transfer protocol (TFTP) is not a protected option for updating the AireOS wireless LAN controller (WLC) software version, as TFTP does not provide any inherent security.

Question: Which information is located on the AireOS WLC GUI Monitor Summary screen? ( A. Trap logs B. Shunned clients C. Message logs D. System uptime

!correct answer: A D Your answer: B C Explanation: The Monitor Summary screen has a category called Controller Summary, which gives information on the overall health of the wireless LAN controller (WLC). Some of the details it provides include management IP address, software version, system uptime, internal temperature, and network state. The Monitor Summary screen has a category called Most Recent Traps, which gives a brief view of the trap logs reported by the system. The trap logs can give details of attempted connections from things such as excluded clients, authentication failures, and rogue APs. Message logs give information on system conditions, such as a mobility group connection failure, attempted connections from excluded clients or various other system events. The message logs are not found on the Monitor Summary screen, but can be found on the Management screen under the Logs category. Shunned clients are clients whose MAC address has been blocked by the wireless LAN controller (WLC) due to the presence of malicious traffic or for any number of reasons. The shunned clients list is not found on the Monitor Summary screen, but on the Monitor Security screen.

Question: Which two statements are true regarding LAG? ( A. The static AP-manager is moved to the LAG port. B. Primary and secondary ports must be configured for the interfaces. C. There is a maximum of two LAG groups per controller. D. Once enabled, untagged interfaces are deleted.

!correct answer: A D Your answer: C D Explanation: When LAG is enabled, all untagged interfaces are deleted and all WLANs are disabled and mapped to the management interface. Also, the management, static AP-manager, and VLAN-tagged dynamic interfaces are moved to the LAG port. When LAG is enabled, all untagged interfaces are deleted and all WLANs are disabled and mapped to the management interface. Also, the management, static AP-manager, and VLAN-tagged dynamic interfaces are moved to the LAG port. The maximum number of LAG groups per controller is one. This allows only one connection to a neighbor. When LAG is enabled, the need to configure primary and secondary ports for each interface is no longer needed.

Question: Which conditions would indicate that Layer 2 inter-controller roaming has occurred when a client has connected to an alternate AP? ( A. The client's PoA has moved to a new WLC. B. The client's PoP has remained on the same WLC. C. The client's PoA has remained on the same WLC. D. The client's subnet has changed. E. The client's PoP has moved to a new WLC. F. The client's subnet has not changed.

!correct answer: A E F Your answer: A C E Explanation: When a client roams from one access point to another, but remains on the same subnet, it is known as Layer 2 roaming. Inter-controller roaming occurs when the new AP is associated with a different wireless LAN controller (WLC). When inter-controller roaming, a client's point of presence (PoP) and point of attachment (PoA) will change to the newly associated AP's WLC. When a client roams from one access point to another, but remains on the same subnet, it is known as Layer 2 roaming. Inter-controller roaming occurs when the new AP is associated with a different wireless LAN controller (WLC). When inter-controller roaming, a client's point of presence (PoP) and point of attachment (PoA) will change to the newly associated AP's WLC. When a client roams from one access point to another, but remains on the same subnet, it is known as Layer 2 roaming. Inter-controller roaming occurs when the new AP is associated with a different wireless LAN controller (WLC). When inter-controller roaming, a client's point of presence (PoP) and point of attachment (PoA) will change to the newly associated AP's WLC. If the client's PoP remained on the same WLC, it would indicate that either intra-controller roaming has occurred or Layer 3 inter-controller roaming has occurred. It does not indicate that Layer 2 inter-controller roaming has occurred. If the client's PoA remained on the same wireless LAN controller (WLC), it would indicate that intra-controller roaming has occurred. It does not indicate that Layer 2 inter-controller roaming has occurred. The client's subnet changing during the roaming process would indicate that a Layer 3 roaming has occurred. It does not indicate that Layer 2 inter-controller roaming has occurred.

Question: Consider a client roaming to an AP that is associated with a different controller than the previous AP in a centralized Layer 3 roaming deployment. When the client has completed connecting to the new AP, how will the client's PoP and PoA change? A. The PoA will stay fixed to the original wireless controller and the PoP will move to the new wireless controller. B. The PoP will stay fixed to the original wireless controller and the PoA will move to the new wireless controller. C. Both the PoP and the PoA will move to the new wireless controller. D. Both the PoP and the PoA will stay fixed to the original wireless controller.

!correct answer: B Your answer: A Explanation: A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. All traffic is then funneled from the client's PoA to the PoP before continuing through the network. This is referred to as symmetric mobility tunneling. The PoA will not stay fixed to the original wireless controller and the PoP will not move to the new wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. If the client's PoP was moved to the new wireless controller, the client would lose their IP address and the roaming process would be interrupted. The PoA will not stay fixed to the original wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. In order for the client's PoA to stay fixed to the original controller the client would need to connect to an AP that is associated with the original controller. The PoP will not move to the new wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. If the client's PoP was moved to the new wireless controller, the client would lose their IP address and the roaming process would be interrupted.

Question: You have a number of WLCs in your wireless infrastructure and are about to add some new APs. The new APs do not have any preloaded configuration information, nor is there a configured Master. Which WLC will the APs join? A. Secondary Controller B. Least Loaded Controller C. Primary Controller D. Tertiary Controller

!correct answer: B Your answer: A Explanation: APs that are not primed with controller information will first look for a Master controller. If one is not available, each AP will join the controller that it finds with the greatest available AP capacity. The AP with the greatest available capacity is called the Least Loaded Controller. An AP will only attempt to join a Primary Controller if it has been primed with the controller's configuration information. As the APs are not primed, then the AP will first look for a Master controller to join and then will join the Least Loaded Controller if no Master is configured. An AP will only look for a Secondary Controller if it has been primed with controller information and it is unsuccessful at joining the Primary controller. As the APs are not primed, then the AP will first look for a Master controller to join and then will join the Least Loaded Controller if no Master is configured. An AP will only look for a Tertiary Controller if it has been primed with controller information and it is unsuccessful at joining the Primary or Secondary controller. As the APs are not primed, then the AP will first look for a Master controller to join and then will join the Least Loaded Controller if no Master is configured.

Question: Which term is used to describe the physical connection to the network? A. Interface B. Port C. Console D. WLAN

!correct answer: B Your answer: A Explanation: Different terms are used to describe wireless LAN controller (WLC) components and features. A port is the physical interface that allows a connection to the network. An interface is not the physical connection to the network. An interface is logical interface and can be either static or dynamic. Dynamic interfaces can include VLAN tags and port association, while static interfaces can include the management interface. A console port is not the physical connection to the network. A console port is used to acquire command line access to a network device. It is typically used as a means of configuring the device. A WLAN is not the physical connection to the network. A WLAN includes all the SSID and associated settings. A WLAN allows access to the wireless network.

Question: Which is a valid splash screen setting that allows a user to view the screen, but requires only minimal interaction with the screen before connection is made? A. Sign-on B. Click-through C. Enabled D. Open

!correct answer: B Your answer: A Explanation: When the click-through option is selected for the splash page, users must view and acknowledge the splash page before being allowed on the network, but no other authentication is requested. It requires minimal interaction with the splash screen page, and typically requires a simple mouse click. There is no open option available for the splash page. There is, however, an open option that can be configured for association with the AP. With this option set, any user can associate without the need of encryption. A splash page can be enabled, but additional setting must be configured to determine which type of security the splash screen will use. It can be set to have no security at all (direct access), require brief confirmation, or have any one of a number of sign-on processes. When the sign-on option is selected for the splash page, it typically requires a username and password. The signing in can be done through Meraki authentication, My RADIUS server, My LDAP server, My Active Directory server, SMS, or third party credentials. This is a very secure option, but would not be considered minimal interaction with the splash page.

Question: Which term refers to a power gain relative to an isotropic antenna? A. dBm B. dBi C. dBd D. dB

!correct answer: B Your answer: D Explanation: Decibels related to an isotropic antenna (dBi) measures antenna gain through a ratio of the power produced by an antenna from a far-field source. This refers to a far-field source on the antenna's beam axis to the power produced by a hypothetical lossless isotropic antenna, which is equally sensitive to signals from all directions. Decibels related to a dipole antenna (dBd) are a measurement of the gain of an antenna system relative to a dipole antenna at radio frequency. It does not refer to a power gain relative to an isotropic antenna. Decibels in milliwatts (dBm) are commonly used when measuring the power produced by an antenna. It is the value that is indicated when calculating the received signal strength indicator (RSSI) or signal value. RSSI gives a measurement of the signal strength that one device receives from another device. It does not refer to a power gain relative to an isotropic antenna. The decibel (dB) is a power scale and can be used for such tasks as comparing sounds. The decibel is used to compare relative powers or strength and is followed by the relevant unit expressing that strength. Therefore, dBj compares joules, and dBHz compares hertz. When comparing power relative to an isotropic antenna, the relevant unit would be dBi, not merely dB.

Question: When initially configuring a WLC, which option is a default setting? A. Telnet is enabled B. SSH is enabled C. Session timeout is not set D. Session timeout is set at 10 minutes

!correct answer: B Your answer: D Explanation: The default settings for a wireless LAN controller (WLC) are Telnet disabled, SSH enabled, and a session timeout of 5 minutes. SSH is enabled by default because it is a more secure protocol than Telnet. Any or all of these settings can be changed during the initial configuration. The default setting for a wireless LAN controller (WLC) has Telnet disabled. SSH is enabled by default and the session timeout is set at 5 minutes. Telnet is disabled by default because it is an unsecured connection protocol. SSH is favored because it has built in encryption. The default session time out on a wireless LAN controller (WLC) is set at 5 minutes. The default session setting is set at 5 minutes so that any inactive session will be automatically terminated as a security precaution. Telnet is disabled, while SSH is enabled by default. Any of these settings can be changed during configuration. The default session time out on a wireless LAN controller (WLC) is set at 5 minutes. The default session setting is set at 5 minutes so that any inactive session will be automatically terminated as a security precaution. Increasing the timer to 10 minutes may constitute a security risk, as the connection remains open during that period. Telnet is disabled, while SSH is enabled by default. Any of these settings can be changed during configuration.

Question: Which statements are true concerning the anchor controller and the foreign controller when roaming in a centralized Layer 3 dynamic roaming deployment? ( A. The foreign controller is both the client's PoA and PoP. B. When roaming, the foreign controller is the client's PoA. C. When roaming, the anchor controller is the client's PoP. D. Both the anchor and foreign controllers share the same VLAN information.

!correct answer: B C Your answer: C D Explanation: When Layer 3 roaming occurs, the foreign controller is the client's point of attachment (PoA). The foreign controller exchanges mobility messages with the anchor controller, which is the point of presence (PoP), and copies the anchor controller's client database entry. From this point on when the client sends traffic through the network, it is sent back to the anchor controller from the foreign controller. This process is known as symmetric mobility tunneling. When Layer 3 roaming occurs the anchor controller is the client's point of presence (PoP). The anchor controller exchanges mobility messages with the foreign controller, which is the point of attachment (PoA), and sends a copy of its client database entry to the foreign controller. From this point on, when the client sends traffic through the network, it is sent back to the anchor controller from the foreign controller. This process is known as symmetric mobile tunneling. Layer 3 roaming occurs when a client connects to a new access point that is associated with a wireless controller that is not on the same subnet as the original controller. When this happens, the original wireless controller will become the anchor controller, the point of presence (PoP) and the new wireless controller becomes the foreign controller, also known as the point of attachment (PoA). This allows the client to keep their IP configuration information even when their PoA has moved to a different wireless controller on a different subnet. Layer 3 roaming occurs when a client connects to a new access point that is associated with a wireless controller that is not on the same subnet as the original controller. When this happens, the original wireless controller will become the anchor controller, the point of presence (PoP) and the new wireless controller becomes the foreign controller, also known as the point of attachment (PoA). This allows the client to keep their IP configuration information even when their PoA has moved to a different wireless controller on a different subnet.

Question: What are the purposes of a post-deployment site survey? ( A. Determine AP power settings B. Verify SNR C. Identify rogue APs D. Identify sources of RF interference E. Identify user areas

!correct answer: B C Your answer: D E Explanation: The primary objective of a post-deployment site survey is to analyze the deployed WLAN. The analysis is done to verify that the coverage, channel overlap, signal-to-noise ratio (SNR), noise floor, and bleed through are in reasonable ranges to support the WLAN design requirements. Post-deployment site surveys should also include information that addresses interference sources, equipment placement, and rogue devices. Signal-to-noise ratio (SNR) is the ratio of usable signal being transmitted to the undesired signal (noise). It is a measure of transmission quality. The ratio of good data (signal) to bad (noise) on a line, expressed in decibels (dB). The primary objective of a post-deployment site survey is to analyze the deployed WLAN. The analysis is done to verify that the coverage, channel overlap, signal-to-noise ratio (SNR), noise floor, bleed through, are in reasonable ranges to support the WLAN design requirements. Post-deployment site surveys should also include information that addresses interference sources, equipment placement, and rogue devices. A rogue AP is an unauthorized wireless access point on a corporate or private network. Rogue APs can cause considerable damage to an organization's data by allowing private network access to unauthorized users. A rogue AP can allow man-in-the-middle attacks and access to private information. Determining AP power settings is not the purpose of a post-deployment site survey. The information that is obtained by the passive site survey could be used to determine any of the following: - AP power settings - AP channel selection - AP types (certain vendors have technology that will attempt to mitigate RF interference, such as Cisco CleanAir) This provides information that will help in the removal of the RF interfering device/object. Passive site surveys can be performed during pre-deployment and post-deployment of a WLAN site design. Identifying sources of RF interference is not the purpose of a post-deployment site survey. A passive site survey using a Spectrum Analyzer during an initial walk-through allows an engineer to quickly gather data about and analyze the local RF environment. This allows them to identify the following: - Existing, nearby, or neighboring AP coverage - Existing, nearby, or neighboring AP signal strength - Existing, nearby, or neighboring AP channel usage - Sources of RF interference - Physical locations of RF interference devices Identifying user areas is not the purpose of a post-deployment site survey. To properly prepare for the pre-deployment site survey, it is necessary to perform an initial walk-through. The information that is needed to complete the initial walk-through is as follows: - Obtain a facility diagram - Visually inspect the facility - Determine temporary AP locations that are used during the pre-deployment survey - Identify user areas To identify user areas, you should mark the areas of fixed and mobile users on the facility diagram. In addition to illustrating where mobile users may roam, indicate where they will not go. You might get by with fewer access points if you can limit the roaming areas.

Question: A branch office has a wireless AP deployed to it. The branch office does not include a WLC. You need to be able to provide central management of the branch office AP from the corporate network. Which technology could be used to accomplish this? ( A. Mobility Agent B. OEAP C. ELM D. FlexConnect

!correct answer: B D Your answer: A B Explanation: OfficeExtend Access Point (OEAP) is a way of extending a corporate wireless network to an office site location. It is a secure and simple solution and is often used to support telecommuters. It provides a secure tunnel to the corporate network. A FlexConnect AP is a wireless solution typically deployed in remote office or in branch offices. A FlexConnect AP deployed in a branch office can still be managed from the central office via the WAN connection. Enhanced local mode (ELM) provides wireless intrusion prevention. This allows intruders to be detected on the channel that is serving clients. ELM does not provide a central management solution for remote APs. A Mobility Agent (MA) reports client states to the mobility controller. It will report both local and roaming states. An MA does not provide a central management solution for remote APs.

Question: Which type of frame is an ACK frame? A. Jumbo B. Management C. Control D. Data

!correct answer: C Your answer: A Explanation: IEEE 802.11 distinguishes three primary frame types: management, control, and data. The purpose of control frames is to help communication. Examples of control frames include power save poll (PS-Poll), request to send (RTS), clear to send (CTS), and acknowledgment (ACK). As the name indicates, the aim of management frames is to help manage the connection. The Frame Control field Type subfield indicates management and the subtype determines which type of management frame will be sent. Depending on the subtype, the body part contains special pieces of information about the basic service area (BSA) or the communication parameters. Depending on the type of management frame, there might be fewer than four address fields. Examples of management frames include beacon, association request, association response, disassociation, authentication, and deauthentication. ACK is not a type of management frame. Data frames carry information. The header can sometimes be precise if the AP needs to authorize the frame. Examples of data frames include Data (simple data frame), Data + contention free (CF)-ACK, Data + CF-Poll, and Data + CF-ACK + CF-Poll. ACK is not a type of data frame. Jumbo frames are not an actual frame type defined in the Frame Control field, as these are identified as management, control, and data. Jumbo frames support enables a larger than default (1,518 bytes) frame to be sent from a network card. Jumbo frames allow frame sizes up to 9,014 bytes and will provide a significant performance increase when transmitting large amounts of data, such as iSCSI network traffic.

Question: Refer to the exhibit. Which wave measurement does this figure best represent? A. Amplitude B. Frequency C. Phase D. Wavelength

!correct answer: C Your answer: A Explanation: The exhibit depicts the measurement of phase. Phase is the relationship between two signals that are at the same frequency. Wave signals that follow the same synchronous pattern (the crest of their cycles coincides) are considered to be in phase. If the signals are not aligned in this way, they are considered to be out of phase. The exhibit does not depict a measurement of wavelength. Wavelength is the physical distance from one point of a cycle to the same point in the next cycle. The wavelength can be defined as the physical distance that a wave covers in one cycle. Wavelength measurements do not compare the alignment of multiple wave crests as depicted. The exhibit does not depict a measurement of frequency. Frequency is the measurement of how often a wave repeats itself. Shorter waves (smaller wavelengths) repeat themselves more often and would be considered a higher frequency than longer waves. Frequency measurements do not compare the alignment of multiple wave crests as depicted. The exhibit does not depict a measurement of amplitude. Amplitude is the strength of a signal. In a graphical representation, amplitude is seen as the distance between the highest and lowest crests of the cycle. Amplitude represents the level of energy that is injected in one cycle. The more energy that is injected in a cycle, the higher the amplitude. Amplitude measurements do not compare the alignment of multiple wave crests as depicted.

Question: Which statement is true regarding beamforming? A. It is only used with 802.11ac networks. B. It is used to combine two adjacent channels within the same frequency band to improve throughput. C. Signal gain is increased when the AP transmits towards receiving devices. D. It is a measure of transmission quality.

!correct answer: C Your answer: B Explanation: Beamforming uses the transmit antennae that has the same signal except that the magnitude (amplitude) and phase are adjusted at each transmitter in such a way that a focused beam is generated. The receiver adds these signals together to increase the overall signal strength, thus also increasing the feasible range for that speed. Beamforming is not used to combine two adjacent channels within the same frequency band to improve data throughput. This is the purpose of channel bonding. Beamforming is not a measure of transmission quality. Signal-to-noise ratio (SNR) is the ratio of usable signal being transmitted to the undesired signal (noise). It is a measure of transmission quality. The ratio of good data (signal) to bad (noise) on a line, expressed in decibels (dB). Beamforming technology directs the radio frequency (RF) signals from 802.11n/ac APs to 802.11a/b/g/n/ac clients to improve performance and coverage and reduce coverage holes.

Question: What is generally an acceptable combination of transmitted signal and noise floor? A. Signal: -75 dBm Noise floor: -90 dBm B. Signal: -95 dBm Noise floor: -65 dBm C. Signal: -65 dBm Noise floor: -95 dBm D. Signal: -90 dBm Noise floor: -75 dBm

!correct answer: C Your answer: B Explanation: Signal-to-noise ratio (SNR) is the ratio (difference) of a given transmitted signal to the background noise on that channel. SNR directly affects performance of the WLAN connection. Typically, the higher the SNR value, the higher the bandwidth achieved. This information is used to determine if the background noise on that channel is at acceptable levels based the WLAN design. Generally, an acceptable SNR is at least 20 to 25 dB. In this case, the signal strength is -65 dBm and the noise floor is -95 dBm, resulting in an SNR of 30 dB. -65 dBm - (-95 dBm) = 30 dB The noise floor is a combination of all the background radio frequency (RF) radiation that is found in the environment. An AP's RF signals must be higher than the Noise Floor to be detectable as a useful signal by a receiver. In this case, the signal strength is -95 dBm and the noise floor is -65 dBm, resulting in an SNR of -30 dB. -95 dBm - (-65 dBm) = -30 dB The noise floor is a combination of all the background radio frequency (RF) radiation that is found in the environment. If the received signal is too close to the noise floor, it can cause data throughput issues. Generally, an acceptable SNR is at least 20 to 25 dB. In this case, the signal strength is -75 dBm and the noise floor is -90 dBm, resulting in an SNR of 15 dB. -75 dBm - (-90 dBm) = 15 dB The noise floor is a combination of all the background radio frequency (RF) radiation that is found in the environment. An AP's RF signals must be higher than the Noise Floor to be detectable as a useful signal by a receiver. In this case, the signal strength is -90 dBm and the noise floor is -75 dBm, resulting in an SNR of -15 dB. -90 dBm - (-75 dBm) = -15 dB

Question: Which 802.11 standard provides optimal throughput rates when operating at the 5 GHz spectrum? A. 802.11n B. 802.11g C. 802.11ac D. 802.11a

!correct answer: C Your answer: B Explanation: The 802.11ac standard builds on the 802.11n multiple-input-multiple-output (MIMO) technology and uses Multi-user MIMO (MU-MIMO). The number of spatial streams is doubled from four to eight. It also uses 256-quadrature amplitude modulation (QAM) coding for higher rates. The channels can be 20, 40, or 80 MHz wide for Wave 1 and up to 160 MHz wide for Wave 2. The first iteration of 802.11ac is Wave 1 (Wi-Fi certification) with data rates up to 1.3 Gbps. The second generation is Wave 2 (Wi-Fi certification) will have data rates up to 6.93 Gbps. 802.11ac operates in the 5 GHz band and can be backward-compatible with 802.11a and 802.11n. Operating in some unlicensed portion of the 5 GHz radio band, the 802.11a standard delivers a maximum data rate of 54 Mbps. This would not provide the most optimal data throughput rate. The 802.11g standard operates in the same spectrum as 802.11b and is backward compatible with the 802.11b standard. 802.11g supports the additional data rates of 6, 9, 12, 18, 24, 36, 48, and 54 Mbps. 802.11g delivers the same 54 Mbps maximum data rate as 802.11a but operates in the same 2.4 GHz band as 802.11b. The 802.11n standard uses a technology that is called spatial multiplexing. This technology utilizes multiple-input-multiple-output (MIMO), which actually benefits from multipath occurrences. MIMO typically uses two to three antennas to receive (input) the signal and two or three radios to transmit (output), plus special signal processing to improve range, reliability, and throughput. The standard proposes to increase bandwidth to data rates of up to 600 Mbps. It uses the 2.4 GHz Industrial, Scientific and Medical (ISM) band and the 5 GHz Unlicensed National Information Infrastructure (U-NII) band through channel bonding, thus making it compatible with older Wi-Fi devices.

Question: What is the role of the Wi-Fi Alliance? A. Defines radio frequencies B. Defines transmission power-level regulations C. Certifies interoperability between WLAN products D. Defines Layer 1 and Layer 2 protocols

!correct answer: C Your answer: B Explanation: The Wi-Fi Alliance was created to solve compatibility issues. The Wi-Fi Alliance develops rigorous tests and conducts Wi-Fi certification of Wi-Fi devices that implement various Wi-Fi IEEE 802.11 specifications. If a product is fully compatible with other devices currently on the market, then that product receives a Wi-Fi certified label, which is usually visible on the back of any certified WLAN adapter or AP. The IEEE defines Layer 1 and Layer 2 protocols, not the Wi-Fi Alliance. Regulatory bodies, such as the Federal Communications Commission (FCC) and the European Telecommunications Standards Institute (ETSI), define radio frequencies, not the Wi-Fi Alliance. Regulatory bodies, such as Federal Communications Commission (FCC) and the European Telecommunications Standards Institute (ETSI), define transmission power-level regulations, not the Wi-Fi Alliance.

Question: You are configuring an AP using the SSID Manager within the GUI Web browser interface for Cisco's autonomous AP software. After creating a new SSID, or using an existing one, which other setting is configured on this screen? A. IP address B. Encryption key C. Encryption mode D. VLAN number

!correct answer: D Your answer: A Explanation: After selecting a SSID, new or existing, the SSID Manager looks for a VLAN to be assigned to that specific SSID. Additionally, it gives the option to select which 802.11 radio interface and frequency band will be used for the SSID. The encryption mode is not set on the SSID Manager screen, but on the Encryption Manager screen. It is a setting that is configured for the VLANs and not the SSIDs. The encryption key is not set on the SSID Manager screen, but on the Encryption Manager screen. It is a setting that is configured for the VLANs and not the SSIDs. IP addresses are not configured for SSIDs. An IP address can be configured for the host, in this case, the access point. This configuration is done on the Network Configuration screen, found in the Easy Setup section of the Home tab or on the Network Interfaces screen, found under the Network tab.

Question: Which autonomous AP management options are disabled by default? A. Telnet B. SSH C. HTTP D. HTTPS

!correct answer: D Your answer: A Explanation: An autonomous AP can be managed through a command line interface, a GUI web interface, or from the Cisco Prime Infrastructure. By default, Telnet and SSH are enabled for autonomous AP management via the command line and HTTP for GUI web configuration. By default, HTTPS is disabled. Once enabled, a certificate will be generated. This must be installed on management clients to avoid warnings.

Question: A network failure occurs and a technician needs to recover a Cisco 5500 Series WLAN controller. The technician is unable to access the device using the service port. What is most likely the cause? A. Autosensing is disabled B. Invalid IPv6 address is assigned C. Device does not have a service port D. Wrong cable is used

!correct answer: D Your answer: A Explanation: The Cisco 5500 Series WLAN controller is equipped with an Ethernet service port. This port is not capable of autosensing detection. Therefore, if the wrong cable is used, you will not be able to successfully connect to the device. A service port is not able to autosense; therefore, the proper cable must be used. Autosensing cannot be configured. The Cisco 5500/7500/8500 Series WLAN controllers all have an Ethernet service port. A service port can be configured with a static IPv4 address or it can receive one through DHCP. A service port cannot use IPv6; this would not be the reason why the technician cannot connect.

Question: Which software can produce RF heat and coverage maps? A. MetaGeek InSSIDer 4 B. WLC Config Analyzer C. Omnipeek Professional D. MetaGeek Visiwave

!correct answer: D Your answer: B Explanation: MetaGeek Visiwave is an active site survey application that is often used when attempting to validate the results of a predictive site design. It analyzes the deployed WLAN and can create helpful features like a heat map to verify the coverage of the radio frequency (RF) network. It also verifies channel overlaps, signal-to-noise ratios (SNR), noise floors, bleed through, and other WLAN design requirements. The wireless LAN controller (WLC) config analyzer was developed by Cisco wireless engineers and is used to evaluate the WLC configuration for errors and check it against best practices. Two of its features are radio frequency (RF) analysis and audit checking. It does not, however, have the option to create RF heat or coverage maps. OmniPeek Professional is a Windows OS based packet analyzer that offers several different options from software to appliances (Omnipliance Wi-Fi). It captures packets and lists top protocols and top talkers. OmniPeek has a Peer Map that graphically represents all conversations between nodes on the network, but does not create a radio frequency (RF) heat or coverage map. MetaGeek InSSIDer 4 is a third-party laptop wireless local area network (WLAN) scanning tool. It works with the adapter on your device (dual band is required to see full Wi-Fi spectrum). It can display Service Set Identifiers (SSIDs), MAC addresses, channels, data rates, and security. It does not, however, have the option to create RF heat or coverage maps.

Question: Which technology allows the AP to process time-sensitive data while the WLC manages the data that is not time-sensitive? A. Link aggregation B. Autonomous mode C. Spatial streams D. Split MAC

!correct answer: D Your answer: B Explanation: Split MAC is a technology that allows the splitting of 802.11 functions. Items that are not time-sensitive are sent to the Cisco wireless LAN controller (WLC), while the AP processes real-time data. Some real-time portions include frame exchange handshake and wireless encryption/decryption frames. Autonomous mode is not a technology that is used to split 802.11 data across the wireless LAN controller (WLC) and AP. Autonomous mode is an operating mode for an AP. It is used for smaller enterprises and on individual APs. It is easy and cost effective to deploy. Link aggregation is a technology that bundles a series of channels together. This, in turn, allows a single channel of higher bandwidth. This is not a technology that splits data across the AP and wireless LAN controller (WLC). Spatial streams are a result of spatial multiplexing technology in MIMO wireless communication. Transmitted spatial streams are independent and separate signals from each transmit antenna. Spatial streams have nothing to do with separating data so it can be processed by different components.

Question: How can a WLC obtain an IPv6 address for the service port? A. The Teredo protocol assigned the address. B. WLC cannot obtain an IPv6 address for the service port. A service port can only use IPv4 addresses. C. It can be statically assigned using a reservation in DHCP. D. The address can be auto-configured using SLAAC.

!correct answer: D Your answer: B Explanation: Stateless address autoconfiguration (SLAAC) is a stateless DHCP service that is capable of providing an IP address to a service port. This wireless LAN controller (WLC) port is the only one that can be configured using SLAAC; the rest have to be statically assigned. Although a wireless LAN controller (WLC) service port address can be assigned statically, a static address is not the same thing as a reservation. A reservation is a DHCP configuration where a specific IP address is held for a specific MAC address. Teredo is not a means of assigning IP addresses; it is a means of transitioning networks from IPv4 to IPv6. This technology tunnels IPv6 traffic through IPv4 networks. A wireless LAN controller (WLC) can obtain an IPv6 address from static configuration or through Stateless address autoconfiguration (SLAAC).

Question: Which of the following architectures has the highest performance? A. Autonomous B. FlexConnect C. Centralized D. Converged

!correct answer: D Your answer: C Explanation: An autonomous architecture is ideally used for hotspots or smaller enterprises. It is preferred for single static access points. This architecture is simple to deploy and cost effective. FlexConnect is a means of extending data center services to branch or remote offices. Data from the remote offices is either tunneled to the head office wireless LAN controller (WLC) or locally switched. A centralized architecture is geared towards campus environments with centralized traffic. The APs connect to switches which are then connected to premise-based controllers. The converged architecture is the highest performance design. This model converges wired and wireless traffic together. Platforms run IOS software, which standardizes and simplifies the user interface.

When using WPA2 with PSK, how many keys can be configured per WLAN? 1 ASCII or 1 Hex 2 ASCII and 2 Hex 4 ASCII and 4 Hex 2 ASCII and 1 Hex

1 ASCII or 1 Hex

Which of the following are components of WPA? (Choose 3) Message Equivalency Check (MEC) 802.11i standard 48-bit initialization vector Key management using preshared key (PSK) authentication Key management using 802.1X EAP authentication

48-bit initialization vector, Key management using preshared key (PSK) authentication, Key management using 802.1X EAP authentication

A WLAN deployment uses a combination of Cisco Aironet 1260 APs and multiple Cisco 5500 Wireless LAN Controllers to provide wireless LAN access to end-users. The network administrator has decided to use DHCP Option 43 to enable the APs to discover the wireless LAN controllers. When configuring the DHCP scope, which format should be used for the Cisco WLC addresses?

A hexadecimal string of Cisco WLC management addresses

What is an MBSSID?

A virtual AP configured on a physical AP that share a single physical device, which is one half- duplex radio

What does DHCP option 43 provide for in a Cisco WLAN? DNS server name DNS domain name Advertise WLC addresses Default gateway

Advertise WLC addresses

Which of the following are correct regarding troubleshooting methodology? (Choose 2) Bottom-up starts at the physical layer Bottom-up starts at the application layer Top-down starts at the application layer Top-down starts at the physical layer

Bottom-up starts at the physical layer, Top-down starts at the application layer

question: You are setting up a Cisco access point that requires 18.5 watts of power to function properly. Which standard would be used to provide the power to the AP? A. 802.3at B. 802.11ac C. 802.3af D. 802.11a

Correct answer: : A B Explanation: 802.3at is a Power over Ethernet (PoE) standard that can deliver a power load of up to 30 watts. It is required if an AP needs more than 12.95 watts of power. 802.3af is a Power over Ethernet (PoE) standard that can deliver a power load of up to 15.4 watts. It is not recommended for APs that require more than 12.95 watts of power. This is because long cable runs tend to reduce its load to this amount. Even at maximum power, it would not be able to produce enough power for an 18.5 watt AP. 802.11ac is a Wi-Fi standard and not a Power over Ethernet (PoE) standard. It uses the 5 GHz frequency band can operate more multiple-input multiple-output (MIMO) streams than previous standards. Specifically, it can use up to eight different antennas for transmitting and receiving and wider bands to support 500 Mbps per wireless link. It does not fit the power-supplying requirement of this scenario. The 802.11a is a Wi-Fi standard and not a Power over Ethernet (PoE) standard. It uses the 5 GHz frequency and has a maximum theoretical throughput of 54 Mbps. It does not fit the power-supplying requirement of this scenario.

question: When associating with a Cisco Meraki AP, which authentication option sends the auth requests through an Mtunnel to the Cloud? A. WPA2 Enterprise with Meraki authentication B. WPA2 Enterprise with My RADIUS server C. MAC-based access control D. Pre-shared key with WPA2

Correct answer: : A B Explanation: Meraki authentication uses local user accounts and sends auth requests through the Mtunnel to the Cloud. As the Meraki Cloud is used as the server, credentials have to be created for each user, on the Cloud. The Cloud typically uses the user e-mail address for the login name and sends to that address the credentials when the user is created. When using My RADIUS server for authentication, external servers must be configured and can be tested. The servers are not in the Cloud, but local in the enterprise network. It is accomplished by using Cisco Meraki Switching (MS) and Cisco Meraki Security Management (MX). When using MAC-based access control for authentication, there is no encryption used, rather the RADIUS server is queried at association time. The servers used for this are not in the Cloud, but local in the enterprise network. There is no tunneling used for this process. When using pre-shared key authentication, users must enter a pre-determined key to associate with the SSID. This option is available with Wi-Fi Protected Access 2 (WPA2) encryption and not WPA. There is no tunneling used for this process.

question: Which term refers to the strength of a radio wave during transmission? A. Amplitude B. Wavelength C. Phase D. Frequency

Correct answer: : A C Explanation: Amplitude is the strength of a signal. In a graphical representation, amplitude is seen as the distance between the highest and lowest crests of the cycle. Amplitude represents the level of energy that is injected in one cycle. The more energy that is injected in a cycle, the higher the amplitude. Wavelength is not the strength of a signal, but the physical distance from one point of a cycle to the same point in the next cycle. The wavelength can be defined as the physical distance that a wave covers in one cycle. Frequency is not the strength of a signal, but the measurement of how often a wave repeats itself. Shorter waves (smaller wavelengths) repeat themselves more often and would be considered a higher frequency than longer waves. Phase is not the strength of a signal, but the relationship between two signals that are at the same frequency. Wave signals that follow the same pattern and are synchronized with each other are considered to be in phase. If the signals are not aligned in this way, they are considered to be out of phase.

question: Which antenna is designed with a comb-shaped antenna that is often encased in a protective cylinder? A. Yagi Uda B. Mast-mount omnidirectional C. Parabolic dish D. Wall-mount patch

Correct answer: : A C Explanation: The Yagi Uda is a directional antenna that was invented by H. Yagi and S. Uda in Japan in 1926. The antenna has a comb shape, and is usually encased in a protective cylinder. It is thin on the vertical and horizontal planes and reaches far in a narrow beam. A wall-mount patch antenna is ideal for an indoor environment because of its flat design. Its appearance is discrete and does not draw attention. The antenna radiates slightly toward the back, which becomes useful when positioning this kind of antenna over a door. The antenna is internal to the unit and not comb-shaped. A mast-mounted antenna can have one antenna or several antennae with similar gain but different radiation patterns, making a donut shape. Using an omnidirectional antenna allows for coverage of side-to-side and up and down equally. Mast-mounted omnidirectional antennae typically have a wand shape instead of a comb shape. The shape of a parabolic dish antenna makes it adaptable to long-range outdoor links, mainly in a point-to-point scenario. Since the beam is so focused, the gain is very high. The 21 dBi gain makes this antenna almost 100 times as powerful as a dipole antenna. The parabolic dish antenna has a protruding receiver, which, on rare-occasions, is comb-shaped, but mostly is circular, square, or cylindrical.

question: Which term describes the distribution system linking two or more APs? A. ESS B. PAN C. BSS D. VTP

Correct answer: : A C Explanation: When the distribution system links two access points, or two cells, the group is called an Extended Service Set (ESS). This scenario is very common in most wireless networks because it not only allows wireless stations in two separate areas of the network to communicate together, but it also permits (with a proper design) roaming. An ESS is a combination of two or more Basic Service Sets (BSSs) that appear as a single BSS to form a single network. Through the strategic placement of APs, the coverage of a wireless network may be increased. A Basic Service Set (BSS) is an IEEE 802.11 network comprised of two or more workstations and an AP. It does not link two or more APs. VLAN Trunking Protocol (VTP) provides the management side of VLAN traffic. It manages the deletion, addition, and renaming of VLANs reducing the amount of administration that is needed. It does not link two or more APs. A personal area network (PAN) is not the distribution system linking two or more APs. A PAN is a network that exists within a relatively small area and connects electronic devices such as desktop computers, printers, scanners, fax machines, PDAs, and notebook computers. In the past, connecting these devices required extensive cabling, connectors, and adapters.

question: What is the approximate half wavelength of antennae on the 2.4 GHz spectrum? A. 2.5 in (6.35 cm) B. 1.1 in (2.8 cm) C. 2.2 in (5.6 cm) D. 5 in (12.70 cm)

Correct answer: : A D Explanation: 2.5 inches (6.35 centimeters) is approximately the measurement of one half of the wavelength used by antennae on the 2.4 GHz spectrum. 1.1 inches (2.8 centimeters) is approximately the measurement of one half of the wavelength used by antennae on the 5.2 GHz spectrum, not the 2.4 GHz spectrum. 5 inches (12.70 centimeters) is approximately the measurement of one whole wavelength used by antennae on the 2.4 GHz spectrum, not one half wavelength. 2.2 inches (5.6 centimeters) is approximately the measurement of one whole wavelength used by antennae on the 5.2 GHz spectrum, not one half wavelength on the 2.4 GHz spectrum.

question: You are remotely viewing WLC logs that show information on rogue APs, channel changes, and invalid settings. Which WLC log type fits this description? A. Trap B. Event C. Message D. Console

Correct answer: : A D Explanation: Trap logs are very useful for troubleshooting issues related to failures, such as client association failures and AP association failures. The controller displays the reason why an AP is no longer associated or why it could not associate when attempting to do so. Trap logs also show rogue AP, channel changes, and invalid settings. Message logs show message information on system conditions that are useful for troubleshooting. An example of this would be showing a mobility group connection failure. They do not give collective information on rogue AP, channel changes, and invalid settings. Console logs are log messages that a router sends to its console port once a user has physically connected a console to that port. It is a direct connection to the wireless LAN controller (WLC) rather than a remote connection. Event logs are used by the Cisco Meraki Dashboard not a wireless LAN controller (WLC). They are used to track events that happen on the network, including all events for clients and devices.

question: What are the two submodes for monitor mode? ( A. Tracking optimization B. wIPS C. Split tunneling D. Trusted AP

Correct answer: : A B A B C D Explanation: Tracking optimization is one of the monitor submodes in which an AP can operate. This mode is used to optimize the monitoring and location calculation of RFID. In monitoring mode, the AP scans all channels; tracking optimization lets you specify the band to search. One of the monitor submodes is wIPS. This mode is configurable from the wireless LAN controller (WLC) GUI or PI. This mode is used to scan all channels in the DCA list. The scan time per channel is 250 ms. Trusted AP is not an AP monitoring mode. Trusted AP policies are a set of policies that can be set on an AP. Policies can be used to exclude the AP from network services to simply monitoring for trusted services. Split tunneling is not an AP monitoring mode. Split tunneling is an OfficeExtend Access Point (OEAP) feature that allows clients to connect directly to the Internet without going through a connected VPN link.

question: Which autonomous AP management options are enabled by default? A. Telnet B. SSH C. HTTP D. HTTPS

Correct answer: : A B C A B C D Explanation: An autonomous AP can be managed through a command line interface, a GUI web interface, or from the Cisco Prime Infrastructure. By default, Telnet and SSH are enabled for autonomous AP management via the command line and HTTP for GUI web configuration. By default, HTTPS is disabled. Once enabled, a certificate will be generated. This must be installed on management clients to avoid warnings.

question: Which statements regarding a predictive site survey are true? ( A. It is used to save time and cost. B. It records RF information from wireless devices. C. Proper calibration is important. D. It requires time on-site. E. It eliminates the need for on-site analysis.

Correct answer: : A C A D Explanation: A predictive site survey is a software-based method to simulate AP RF propagation based on the environment imported into the program. Performing this type of site survey can save time and cost by limiting, or even eliminating, the need to spend time on-site, at least during this form of survey. A predictive site survey is a software-based method to simulate AP RF propagation based on the environment imported into the program. Floor plans can be imported into a predictive site survey program to be used in estimating placement and AP coverage area necessary for the WLAN. However, it is very important to ensure proper calibration has been performed to ensure scale accuracy or survey results will be completely inaccurate. Although it is recommended to visit the site by doing an initial walkthrough, it is not a requirement for a predictive site survey. If properly executed, a predictive site survey can be a relatively accurate and efficient means of beginning the wireless design process. However, it should not be used as a substitution for on-site analysis. A passive site survey is performed to record RF information from APs and other wireless devices, not a predictive site survey.

question: What are three purposes of RRM? ( A. Coverage hole detection and mitigation B. Auto-anchor mobility C. Transmit power control D. Dynamic channel assignment E. Spectrum intelligence

Correct answer: : A C D A B C D E Explanation: Radio Resource Management (RRM) automatically detects and configures new Cisco wireless LAN controllers (WLCs) and lightweight access points as they are added to the network. It then automatically adjusts associated and nearby lightweight access points to optimize coverage and capacity. Adequate coverage with the appropriate level of performance (throughput) to all users is necessary. Often it requires the deployment of many APs, operating on different channels that must be selected intelligently so as not to interfere with each other. Such a task is accomplished by the use of dynamic channel assignment (DCA) on the WLC. Radio Resource Management (RRM) automatically detects and configures new Cisco wireless LAN controllers (WLCs) and lightweight access points as they are added to the network. It then automatically adjusts associated and nearby lightweight access points to optimize coverage and capacity. The level of network performance and unnecessary noise in the wireless environment is directly attributed to the selected TX power levels of the APs. Maintaining performance levels without contributing excess noise in the RF environment is accomplished by allowing the WLC to collectively manage the AP power levels. This done through the application of the transmit power control (TPC) algorithm, which is run on the RF group leader. Radio Resource Management (RRM) automatically detects and configures new Cisco wireless LAN controllers (WLCs) and lightweight access points as they are added to the network. It then automatically adjusts associated and nearby lightweight access points to optimize coverage and capacity. Whenever a change in the AP infrastructure happens, such as an AP failure, displacement, or a change in TX power, a coverage hole may appear and must be detected and managed. This management is accomplished by the coverage hole detection (CHD) algorithm, which runs on the individual WLCs. Auto-anchor mobility is not a purpose of radio resource management (RRM). In a centralized deployment model, wireless LAN controllers (WLCs) are placed at a centralized location in the enterprise network. The deployment can be accomplished using AireOS WLCs, but can also be deployed using an IOS-XE WLC. Auto-anchor mobility is a feature of AireOS. In auto-anchor mobility, the client's point of attachment (PoA) moves with them on inter-controller roams. Auto-anchor mobility uses a static guest anchor to fix the wireless client's point of presence (PoP). Spectrum Intelligence (SI) is not a purpose of radio resource management (RRM). Maintaining a healthy wireless environment today requires knowledge of what is in the air, which is known as SI. SI is a core technology that is designed for proactively managing the challenges of a shared wireless spectrum. Essentially, SI is data about RF spectrum activity that is derived from advanced interference identification algorithms, similar to the algorithms used in the military. SI provides visibility to all the users of the shared spectrum, both Wi-Fi devices and non-Wi-Fi interferers.

question: The autonomous APs in your wireless network require their images to be updated. You decide to use the Web GUI to complete the updates. Which steps will be required to complete this task? ( A. Browse to the image file B. Enable popup blockers C. Enter the TFTP server IP, file path, and image filename D. Disable popup blockers

Correct answer: : A D A B C D Explanation: When using HTTP from the Web GUI, you have to browse to the image (.tar) file and also ensure that any pop-up blockers are disabled before selecting to upgrade. When using HTTP from the Web GUI, you have to browse to the image (.tar) file and also ensure that any pop-up blockers are disabled before selecting to upgrade. If the popup blocker is enabled it will prevent the upgrade from opening the required additional browser window. When using HTTP from the Web GUI, you have to ensure that any pop-up blockers are disabled before selecting to upgrade. While using HTTP, you have to browse to the image (.tar) file. If the popup blocker is enabled, it will prevent the upgrade from opening the required additional browser window. While using HTTP, you have to browse to the image (.tar) file. Entering the TFTP server IP, file path, and image name is done when using the TFTP method and the Web GUI.

question: Which tools can be used to perform a passive site survey? ( A. Cisco CleanAir B. OmniPeek Professional C. Wireshark D. MetaGeek inSSIDer E. MetaGeek Chanalyzer

Correct answer: : A E A B C D Explanation: Radio frequency (RF) spectrum analysis applications are used when performing passive site surveys. There are numerous RF spectrum analysis tools from which to choose. MetaGeek Chanalyzer can be used with its own RF Spectrum adapter (Wi-Spy) or by connecting it to a Cisco AP in Spectrum Expert mode (additional license from MetaGeek). It measures RF signals in the 2.4GHz and 5GHz spectrum. It can detect co-channel and overlapping channels in the RF spectrum. It can also show and identify the interferers (non-Wi-Fi) in the RF space. Radio frequency (RF) spectrum analysis applications are used when performing passive site surveys. Cisco CleanAir can be enabled on your Cisco WLC/WCM (with CleanAir capable APs) to scan your RF space automatically. It cannot only identify RF interference, but indicate which APs have reported the interference to better locate it. It also has reports to indicate the severity to each channel, which is based on the interference device. Radio frequency (RF) spectrum analysis applications are used when performing passive site surveys. MetaGeek inSSIDer is not used during a passive site survey, as it is an example of a WiFi scanner. MetaGeek inSSIDer is a tool that helps you identify what is being used in the WLAN. It works with the adapter on your device (dual band is required to see full Wi-Fi spectrum). It can display SSIDs, MAC addresses, Channels, Data rates, and security. Radio frequency (RF) spectrum analysis applications are used when performing passive site surveys. OmniPeek Professional is not used during a passive site survey, as it is an example of a packet analyzer. This packet analyzer has several different options from software to appliances (Omnipliance Wi-Fi). The focus here will be the OmniPeek Professional. Like the other packet analyzers, this product requires a special wireless USB adapter. It captures packets and lists top protocols and top talkers. It also has a Peer Map that graphically represents all conversations between nodes on the network. Radio frequency (RF) spectrum analysis applications are used when performing passive site surveys. Wireshark is not used during a passive site survey, as it is an example of a packet analyzer. This packet analyzer is open-source software (OSS). It can capture wired packets from a network adapter in promiscuous mode. The AirPCAP wireless adapter is required for wireless captures. It lets you filter and analyze traffic by protocol.

question: Consider a client roaming to an AP that is associated with a different controller than the previous AP in a centralized Layer 3 roaming deployment. When the client has completed connecting to the new AP, how will the client's PoP and PoA change? A. The PoA will stay fixed to the original wireless controller and the PoP will move to the new wireless controller. B. The PoP will stay fixed to the original wireless controller and the PoA will move to the new wireless controller. C. Both the PoP and the PoA will move to the new wireless controller. D. Both the PoP and the PoA will stay fixed to the original wireless controller.

Correct answer: : B A Explanation: A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. All traffic is then funneled from the client's PoA to the PoP before continuing through the network. This is referred to as symmetric mobility tunneling. The PoA will not stay fixed to the original wireless controller and the PoP will not move to the new wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. If the client's PoP was moved to the new wireless controller, the client would lose their IP address and the roaming process would be interrupted. The PoA will not stay fixed to the original wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. In order for the client's PoA to stay fixed to the original controller the client would need to connect to an AP that is associated with the original controller. The PoP will not move to the new wireless controller. A centralized Layer 3 roaming deployment can help administrators ensure continuity of policies by allowing clients to keep their IP address when roaming to multiple APs. The client is able to keep their IP address regardless of the subnet the new AP is associated with due to their PoP. The client's PoP stays fixed to the original controller that was associated with the original AP, while their PoA changes to the new controller associated with the new AP. If the client's PoP was moved to the new wireless controller, the client would lose their IP address and the roaming process would be interrupted.

question: Which encryption type will provide the strongest level of security? A. TKIP B. AES CCMP C. WPA2-PSK D. WEP 40 bit + TKIP

Correct answer: : B A Explanation: Advanced Encryption Standard and Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES CCMP) uses an algorithm to convert plain text into cipher text during encryption. It then converts cipher text back into plain text during decryption. Both processes require the same encryption key. AES has a block size of 128 bits and supports key sizes of 128, 192, or 256 bits. This is the most secure encryption to use. Temporal Key Integrity Protocol (TKIP) has a dynamic key system that changes the encryption key after 10,000 packets have been sent. It uses a 128 bit encryption key. TKIP is known for being susceptible to network hackers. It would not be the most secure encryption to use. Wi-Fi Protected Access 2 (WPA2) with a Pre-Shared Key (PSK) uses a pre-determined key that is entered in ASCII or Hexadecimal and stored locally on the AP. This is actually used for authentication of network users and not encryption. Wired Equivalent Privacy (WEP) uses an encryption key that is static, which means that the key never changes throughout all sessions. Temporal Key Integrity Protocol (TKIP) has a dynamic key system that changes the encryption key after 10,000 packets have been sent. Both are known for being susceptible to network hackers, which would make WEP 40 bit + TKIP a less secure encryption to use.

question: What can be imported into a site survey program to help predict RF coverage of APs? A. Cost estimates B. Floor plans C. Yagi D. Electrical specifications

Correct answer: : B A Explanation: The primary goal of the WLAN design process is to determine the number and location of APs required to meet the WLAN design goals, such as coverage. You will complete the predictive WLAN design process by gathering the appropriate information that is required for the WLAN and by using a predictive WLAN design tool. Floor plans can be imported into a predictive site survey program to be used in estimating placement and AP coverage area necessary for the WLAN. Cost estimates are not imported into a predictive site survey program to help predict RF coverage of APs. Cost estimates, however, are used later on in the site survey process during the pre-deployment phase. Electrical specifications are not imported into a predictive site survey program to help predict RF coverage of APs. Electrical specifications, however, are used later on in the site survey process during the pre-deployment phase. They can be used to help determine whether upgrades may be required to the existing infrastructure to support network devices. Yagi is not imported into a predictive site survey program to help predict RF coverage of APs. Yagi is a type of directional radio antenna consisting of several short rods capable of transmitting and receiving narrow band frequencies.

question: Which type of device can be used to observe RF signals? A. Wi-Fi scanner B. Spectrum analyzer C. Packet analyzer D. Sniffer

Correct answer: : B D Explanation: A spectrum analyzer is a device that can be used to detect radio frequency (RF) signals. This device can determine if a wireless transmitter is working as expected or if variations exist due to interference. It typically displays the signal amplitude on a vertical axis as it relates to the signal frequency on a horizontal axis. A Wi-Fi scanner is not used to observe radio frequency (RF) signals. A Wi-Fi scanner is a wireless traffic discovery tool. It can detect beacons and will report the service set identifier (SSID) for each AP as well as the channels being used. A packet analyzer is not used to observe radio frequency (RF) signals. A packet analyzer may also be referred to as a protocol analyzer. It is a tool used to examine the contents of captured network traffic. Protocol analyzers may also collect the network traffic and save it to a capture file for later analysis. A sniffer is not used to observe radio frequency (RF) signals. A sniffer is typically another name used for a protocol analyzer. However, a protocol analyzer is a tool used to examine the contents of captured network traffic. A sniffer is a tool that is used to capture network traffic.

question: Which term defines a signal that is reflected off surfaces and split into parts that arrive at the receiver at different times? A. Absorption B. Multipath C. Refraction D. Downfade

Correct answer: : B D Explanation: Multipath happens when one portion of a wave travels in a straight line from the sender to the receiver, while another part of the same wave hits obstacles and is reflected. Some of the reflected portion makes its way toward the same receiver reaching the destination slightly later. As a result, the first wave (the main signal) becomes mixed up with its own reflection. Downfade occurs when the difference in the amplitude of the primary and secondary wave signals is 121 to 179 degrees. It can also result in signal cancelation from 180 - 269 degrees. Downfade can be caused by reflection, but does not result in multiple parts of a signal arriving at different times. Refraction is the bending of a signal and the changing of its direction as it passes from one medium to another. This is only a minor issue when it comes to indoor networks, but is a much bigger issue when radio waves continue across areas that have water, or even high or low humidity spots, that can bend and distort the signal. Refraction does not reflect a signal and would not result in multiple parts of a signal arriving at different times. Absorption is the loss of signal as it passes through different types of material. Each material absorbs part of the energy. In the air, dust and humidity can weaken the signal. Solid objects, such as walls, also cause a loss of wave energy. Absorption is the opposite of reflection and would not result in multiple parts of a signal arriving at different times.

question: You have implemented a WLAN consisting of three APs to ensure users can roam within the company building without losing wireless connection. Which channels should the APs be configured to use to optimize connections? A. 1, 2, and 3 B. 1, 6, and 11 C. 2, 5, and 10 D. 1 only

Correct answer: : B D Explanation: The Industrial, Scientific and Medical (ISM) band (2.4 GHz spectrum) was planned with channels that are 22 MHz wide. The channels also require 5 MHz of separation from each other. There are 11 channels available in the United States, 13 in Europe, and 14 in Japan. If a device uses a channel that is 22 MHz wide (11 MHz on each side of the peak channel), that channel will encroach on the neighboring channels. Therefore, two devices that use two overlapping channels in the same area will interfere with each other. As a result, there are three non-overlapping channels in the United States: 1, 6, and 11. Any attempt to use channels that are closer to each other will result in interference issues. Using a single channel can cause interference between adjacent APs. Therefore, it is recommended to use channels 1, 6, and 11 to ensure sufficient coverage and ensure they do not interfere with each other. The Internal Services Module (ISM) band (2.4 GHz spectrum) was planned with channels that are 22 MHz wide. The channels also require 5 MHz of separation from each other. Using channels 1, 2, and 3 would result in each overlapping causing interference issues. The Internal Services Module (ISM) band (2.4 GHz spectrum) was planned with channels that are 22 MHz wide. The channels also require 5 MHz of separation from each other. Using channels 2, 5, and 10 would result in channels 2 and 5 overlapping causing interference issues.

question: Which statements are true concerning Layer 2 dynamic roaming in a centralized deployment? ( A. Any wireless controllers involved in the roaming process do not share the same VLAN information. B. Any wireless controllers involved in the roaming process will share the same VLAN information. C. Any wireless controllers involved in the roaming process are in the same Mobility Group. D. Layer 2 roaming can only occur between two or more wireless controllers. E. Layer 2 roaming will cause the client to change subnets.

Correct answer: : B C A B C D Explanation: When Layer 2 roaming is being used, any wireless controller involved with the roaming process will be on the same VLAN and Mobility Group. Because wireless controllers in Layer 2 dynamic roaming share the same subnet information, there is no need for the client's IP information to change. When Layer 2 roaming is being used, any wireless controller involved with the roaming process will be on the same VLAN and Mobility Group. Because wireless controllers in Layer 2 dynamic roaming are a part of the same Mobility Group, they are able to dynamically share the state of client devices. When Layer 2 roaming is being used, any wireless controller involved with the roaming process will be on the same VLAN and Mobility Group. If wireless controllers do not share the same VLAN information, Layer 3 roaming will occur, not Layer 2 roaming. When Layer 2 roaming is being used, any wireless controller involved with the roaming process will be on the same VLAN and Mobility Group. Layer 2 roaming can either be intra-controller, where the client's point of presence (PoP) and point of attachment (PoA) remain the same, or inter-controller, where the client's PoP and PoA change. When Layer 2 roaming is being used, any wireless controller involved with the roaming process will be on the same VLAN and Mobility Group. It is assumed that in a Layer 2 roaming scenarios, no IP configuration changes will occur because the wireless controllers are on the same subnet.

question: Which term describes a network that uses a centralized dedicated device to increase the network capabilities of stations? A. IBSS B. SSID C. BSS D. BSSID

Correct answer: : C B Explanation: A Basic Service Set (BSS) can be defined as the area within which a computer is reachable through its wireless connection. It is comprised of two or more workstations and an AP. Communication between computers involves one computer sending information to an AP, which then sends it to the destination computer. Although this system may be more complex than the simple peer-to-peer network, a benefit is that an AP is usually better equipped than a simple machine to handle congestion. Independent Basic Service Set (IBSS) describes a computer-to-computer wireless communication. It does not use a dedicated device, such as an AP. A Basic Service Set Identifier (BSSID) is not a network that implements a centralized dedicated device for communications. A BSSID used to identify a particular Basic Service Set (BSS). Networks using ad hoc mode use an automatically generated random MAC address; whereas, those that use infrastructure mode use the MAC address of the AP as the BSSID. An SSID is not a network that implements a centralized dedicated device for communications. An SSID uniquely identifies a WLAN and consists of up to 32 ASCII characters. For all devices within Basic Service Set (BSS) to communicate, each device must use the same SSID.

question: Which of the following architectures is preferred for premise-based controller installations? A. Autonomous B. FlexConnect C. Centralized D. Converged

Correct answer: : C D Explanation: An autonomous architecture is ideally used for hotspots or smaller enterprises. It is preferred for single static access points. This architecture is simple to deploy and cost effective. FlexConnect is a means of extending data center services to branch or remote offices. Data from the remote offices is either tunneled to the head office wireless LAN controller (WLC) or locally switched. A centralized architecture is geared towards campus environments with centralized traffic. The APs connect to switches which are then connected to premise-based controllers. The converged architecture is the highest performance design. This model converges wired and wireless traffic together. Platforms run IOS software, which standardizes and simplifies the user interface.

question: Which FCC rule applies to United States-based equipment using a fixed, point-to-point link in the 2.4 GHz band? A. The maximum antenna gain must not exceed 21 dBi. B. For every 1 dBi of antenna gain, transmit power is reduced by 1 dBm. C. For every 3 dBi of antenna gain, transmit power is reduced by 1 dBm. D. The maximum EIR allowed is 36 dBm.

Correct answer: : C D Explanation: The Federal Communications Commission (FCC) rules enforce that, for point-to-point links, if the antenna is more than 6 dBi, each additional gain of 3 dBi must be compensated by a 1 dB decrease in transmitter power. For example, if the maximum allowed transmit power is 30 dBm with a 6 dBi antenna, using a 36 dBi antenna (which is 30 dB more than 6 dBi) implies that the transmit power must be reduced 10 dBm. This reduction respects the rule because each additional 3 dB in antenna gain effectively implies a 1 dBm decrease in transmitter power. For the United States, the maximum gain on an antenna must not exceed 16 dBi unless installed by a professional. For point-to-multipoint links, not point-to-point links, each additional gain of 1 dBi on the antenna must be compensated by a 1 dBm decrease in transmitter power. For point-to-multipoint links, not point-to-point links, the maximum EIRP that is allowed must not exceed 36 dBm.

question: Which node acts as the configuration and management interface for ISE? A. MnT B. PSN C. PAN D. IPN

Correct answer: : C D Explanation: The Policy and Administration node (PAN) is the interface for policy management and configuration. The PAN is the control center for the Identity Services Engine (ISE) deployment and pushes out the configurations to other nodes in a distributed deployment. The Policy Service node (PSN) is the engine that makes the policy decisions. The PSN persona processes all the network messaging pertaining to the Identity Services Engine (ISE) deployment. The messages include DHCP, CDP, NetFlow, RADIUS, and others. The Monitoring and Troubleshooting node (MnT) is the interface for reporting and logging. The MnT is also the destination for syslog messages from the network access devices (NAD). The Inline Posture Node (IPN) is responsible for enforcing the policies. The policies are applied by the network access devices (NAD) using the RADIUS responses from the Policy Service node (PSN).

question: Which AireOS WLC CLI show commands details both an access point's name and serial number? A. show boot B. show sysinfo C. show inventory D. show license all

Correct answer: : C D Explanation: The show inventory command gives a variety of information, such as an access point's MAC address, maximum APs supported, name, description, product ID, and serial number. The show boot command shows which software is primary or active. It gives the identification of the primary and backup boot image. It does not show an AP's name and serial number. The show license all command gives information on primary and evaluation licenses. It details license type, state, count, and priority. It does not show an AP's name and serial number. The show sysinfo command gives a variety of information, such as the following: - Manufacturer's name - Wireless LAN controller (WLC) Software level - IP address - Date/time - Country - Temperature and fan status - Enabled radio networks - MAC address - Hostname It does not show an AP's name and serial number.

question: Which statement is true regarding Cisco CleanAir? A. It is Window OS based B. It automatically optimizes the radio network C. It uses Wi-Spy RF spectrum adapter D. It indicates which APs are reporting interferences

Correct answer: : D A Explanation: Cisco CleanAir is a spectrum analyzer that can be enabled on a Cisco wireless LAN controller (WLC), with CleanAir capable access points (APs), to scan a radio frequency (RF) space automatically. It not only identifies RF interference, but also indicates which APs have reported the interference to better locate it. It also has reports to indicate the severity to each channel that is based on the interference device. Wi-Spy radio frequency (RF) spectrum adapter is used by MetaGeek Chanalyzer, not Cisco CleanAir. MetaGeek Chanalyzer can either use its own adapter or be connected to a Cisco AP running in Spectrum Expert mode. It measures RF signals in the 2.4GHz and 5GHz spectrum and can detect co-channel and overlapping channels. Cisco CleanAir is enabled and run directly through a Cisco wireless LAN controller (WLC), and not through Windows OS. MetaGeek Chanalyzer is an example of a spectrum analyzer that is Windows OS based. Cisco CleanAir is designed to monitor and analyze radio frequencies (RFs) for reporting purposes, but does not automatically optimize the network. The Cisco Meraki Dashboard, however, does have this feature. It uses a dedicated radio to continuously monitor the 2.4 GHz and 5GHz spectrum. It can then use this information to automatically optimize the radio network.

question: To manage a Cisco Meraki device through Dashboard, it must be able to communicate with the Cisco Meraki Cloud. Which feature would it use to accomplish this? A. VPN B. Cisco MSE C. WGB D. Mtunnel

Correct answer: : D A Explanation: Mtunnel is a secure tunnel that is created between Cisco Meraki devices and Dashboard to pass management and reporting traffic. Outbound communication to the Meraki Cloud typically takes place through UDP port 7351. A Work Group Bridge (WGB) is created by selecting WGB mode on an autonomous access point. An access point, which is running this mode, is typically connected to a group of wired devices through a hub or switch. It then uses the Work Group Bridge to connect to another access point wirelessly and transmits traffic to and from the wired clients. It is not used for the specific purpose of connecting a Cisco Meraki device through Dashboard. A VPN is used to enable IP traffic to travel securely over a public TCP/IP network by encrypting all traffic from one network to another. A VPN uses tunneling to encrypt all information at the IP level. Cisco Meraki devices use an Mtunnel, not a VPN tunnel, to connect through Dashboard. The Cisco Mobility Services Engine (MSE) is a platform that uses Wi-Fi to increase visibility into the network, deploy location-based mobile services, and strengthen security. It is not used for connecting a Cisco Meraki device through Dashboard.

question: Which of the following is a networking protocol used for centralized authentication, authorization, and accounting management that facilitate users attempting to access a network and its resources? A. LDAP B. PSK C. Web Authentication D. RADIUS E. 802.1X

Correct answer: : D A Explanation: Remote authentication dial-in user service (RADIUS) is a networking protocol. RADIUS allows the management of authentication, authorization, and accounting (AAA). This allows an administrator to enforce who is allowed to access a network and network resources.

question: What information would typically be observed on a Wi-Fi scanner? A. RF Map B. Channel overlap C. Top protocols D. SSID security

Correct answer: : D A Explanation: SSIDs and SSID security can usually be viewed by Wi-Fi scanners. Wi-Fi scanners can also display other information, such as MAC addresses, channels, data rates, signal strengths, Received Signal Strength Indicators (RSSIs), and the last time SSIDs were seen. Radio frequency (RF) maps are generally viewed on site survey applications and not Wi-Fi scanners. Site survey tools also display information, like channel overlaps, signal-to-noise ratios (SNR), noise floors, bleed through, interference sources, equipment placement, rogue devices, and other WLAN features. Channel overlaps are typically picked up by spectrum analyzers and not Wi-Fi scanners. Spectrum analyzers also display information about radio frequency (RF) interferences, including which APs have reported the interference, and how severe the interference is to each channel. A list of top protocols is usually viewed by packet analyzers and not Wi-Fi scanners. Packet analyzers capture packets and display information, like which devices are transmitting the most (top talkers), frame data (as well as control, management, type, and usage of frames). They can also have a Peer Map that graphically represents all conversations between nodes on the network.

question: A client roams from one AP to another AP with the SSID. The new AP that the client connects to is associated with a different controller, but remains on the same VLAN interface. A control message is then exchanged between the two controllers. This allows the client database entry to be copied into the new controller and for the client to retain their IP configuration. Which type of roaming is being implemented in this scenario? A. Guest tunneling B. Intra-controller C. Inter-controller (Layer 3) D. Inter-controller (Layer 2)

Correct answer: : D A Explanation: When a client device, such as a laptop or mobile phone, connects to a new AP with the same SSID, it is known as roaming. Layer 2 inter-controller roaming occurs when a client connects to a different AP that is associated with a different controller. However, both controllers will share the same VLAN information and both controllers will be a part of the same mobility group. This means that even when the client roams to another AP, it will retain its IP configuration and remain on the same subnet. When a client device, such as a laptop or a mobile phone, connects to a new AP with the same SSID, it is known as roaming. Layer 3 inter-controller roaming occurs when a client connects to a different AP that is associated with a different controller. However, the controllers do not share the same VLAN information. This means that the original controller will become the client's point of presence (PoP), which is where the client is seen on the wired portion of the network. Additionally, the client's point of attachment (PoA) changes to the new controller associated with the new AP. This will allow the client to retain its IP configuration and use the new AP's controller to forward frames as if they were still connected to the original controller. When a client device, such as a laptop or a mobile phone, connects to a new AP with the same SSID, it is known as roaming. Intra-controller roaming occurs when a client connects to a different AP that is associated with the same controller as the original AP. The controller simply updates the client database with newly associated AP. In this scenario, the new AP is associated with a different controller; therefore, intra-controller roaming is not occurring. Guest tunneling, also known as auto-anchor static roaming, is a type of Layer 3 roaming. Guest tunneling allows for an administrator to assign a specific controller as a guest anchor. The guest anchor acts as the client's point of presence (PoP) and all traffic sent from the client, regardless of the AP to which they are connected, is sent to the guest anchor. This allows an administrator to easily set security policies for guest network traffic and protect the corporate network by only allowing guests Internet access and not access to the corporate network. Guest tunneling is not the type of roaming implemented in the scenario.

question: Which type of survey requires authentication and association to an AP? A. Manual B. Predictive C. Passive D. Active

Correct answer: : D B Explanation: An active site survey uses an actively transmitting AP and a WLAN enabled laptop to measure wireless signal strength from the AP in the actual environment. This is done to determine coverage, performance, the number of APs required, and where they will be installed. A passive site survey does not require authentication and association with an AP. A passive site survey uses a survey station to monitor and record radio frequency (RF) information from APs and other wireless devices. A predictive site survey can be performed off-site. Therefore, it does not require authentication and association with an AP. Manual site surveys are either active or passive. Although active site surveys require authentication and association with an AP, a passive site survey does not. Therefore, manual site surveys may not necessarily require authentication and association with an AP.

question: Which autonomous AP management options are disabled by default? A. Telnet B. SSH C. HTTP D. HTTPS

Correct answer: : D B Explanation: An autonomous AP can be managed through a command line interface, a GUI web interface, or from the Cisco Prime Infrastructure. By default, Telnet and SSH are enabled for autonomous AP management via the command line and HTTP for GUI web configuration. By default, HTTPS is disabled. Once enabled, a certificate will be generated. This must be installed on management clients to avoid warnings.

question: Which AP mode requires that IP-MAC address binding be disabled? A. Enhanced Local B. Monitor C. SE-Connect D. Sniffer

Correct answer: : D C Explanation: Sniffer Mode is used to monitor a single 2.4GHz and a single 5GHz channel simultaneously. The AP and can capture all of the 802.11 traffic on the monitored channel and forward the traffic to a remote station. IP-MAC address binding must be disabled when using Sniffer Mode as the wireless LAN controller (WLC) checks the IP address and MAC against registered addresses and will only forward packets with matching addresses. Monitor Mode is used to allow an AP to act as a sensor for an intrusion detection system (IDS), rogue AP detection, and context-aware services. The AP cannot serve clients while in Monitor Mode, as it cycles through all configured channels while listening. IP-MAC address binding does not need to be disabled for Monitor Mode. SE-Connect Mode allows the AP to be configured as a network-connected sensor for transmission signal strength and duty cycle. The AP cannot serve clients while in SE-Connect Mode. IP-MAC address binding does not need to be disabled for SE-Connect Mode. Enhanced Local Mode (ELM) provides Wireless Intrusion Prevention Services (wIPS) security to detect, locate, mitigate, and contain wireless and wired rogues at Layer 1 - 3. IP-MAC address binding does not need to be disabled for ELM.

Question: Which AP mode provides security detection, location, mitigation, and containment of network threats and rogues on the active channel? A. Enhanced Local B. Rogue Detector C. Monitor D. Local

Correct answer: A Explanation: Enhanced Local Mode (ELM) provides security detection using Wireless Intrusion Prevention System on the channel that is active while still servicing clients. For all other channels the security detection is considered as best effort. Local mode is the default mode for an AP after it has joined its preferred wireless LAN controller (WLC) if not configured for another operation mode. There is no security detection provided while using Local mode. Enhanced Local Mode (ELM) is the operation mode that provides security while still servicing clients. Monitor mode is an AP operation mode that allows an AP to act as a dedicated sensor for intrusion detection, rogue APs, and location-based services. The AP is not able to bridge client communication while in Monitor mode. Enhanced Local Mode (ELM) is the operation mode that provides security while still servicing clients. An AP that is in Rogue Detector mode has its radio services turned off and only listens to wired traffic. This mode is used to listen for and cache ARP packets. The cached addresses can then be used for determining the Layer 2 addresses of any rogue APs or clients. Enhanced Local Mode (ELM) is the operation mode that provides security while still servicing clients.

Question: DHCP has been configured to provide the IP addresses and WLC addresses to your APs. The APs and WLC are in separate broadcast domains. Which option field provides the WLC IP address information? A. Option 043 B. Option 006 C. Option 015 D. Option 042

Correct answer: A Explanation: When DHCP has been configured to provide the wireless LAN controller (WLC) IP address along with an IP address to an AP, the WLC information is entered in Option field 043. Using Option 043 allows the DHCP offer to advertise the WLC address to the AP. The AP then sends a unicast discovery message to each WLC address received. DHCP Option 015 is configured to provide the DNS domain name information to an AP. Option 015 is another commonly used DHCP option for wireless networks. This option does not provide the wireless LAN controller (WLC) IP address information to an AP. DHCP Option 006 is configured to provide the DNS Server information to an AP. Option 006 is another commonly used DHCP option for wireless networks. This option does not provide the wireless LAN controller (WLC) IP address information to an AP. DHCP Option 042 configuration is used to provide the NTP Server addresses. Option 042 will not provide wireless LAN controller (WLC) IP addresses to an AP.

Question: Which of the following technologies are unsupported in a converged infrastructure? A. Mesh B. FlexConnect C. OEAP D. AP direct connect E. AP modules

Correct answer: A B C E Explanation: Mesh is not supported in converged infrastructures. Cisco Wireless Mesh Access Points is a technology that allows scalable, central management of a Cisco based wireless network. FlexConnect is an unsupported feature in converged infrastructures. FlexConnect is a solution for connecting remote offices to the main office without the need for a controller in each remote office. OfficeExtend Access Point (OEAP) is a feature that is not supported in converged infrastructures. OfficeExtend is a way to deploy office wireless policies to telecommuters while allowing them full 802.11n performance and dual-band support. AP Modules like those used in Aironet, such as the 3600/3700, are not supported in a converged infrastructure. AP direct connect is a feature that allows an AP to have direct connectivity. This is accomplished by attaching an AP to the switch and assigning it to the Wireless Management Interface VLAN. This is a feature that is supported in converged infrastructure.

Question: Which of the following architectures is preferred for data center hosted environment? A. Autonomous B. FlexConnect C. Centralized D. Converged

Correct answer: B Explanation: An autonomous architecture is ideally used for hotspots or smaller enterprises. It is preferred for single static access points. This architecture is simple to deploy and cost effective. FlexConnect is a means of extending data center services to branch or remote offices. Data from the remote offices is either tunneled to the head office wireless LAN controller (WLC) or locally switched. A centralized architecture is geared towards campus environments with centralized traffic. The APs connect to switches which are then connected to premise-based controllers. The converged architecture is the highest performance design. This model converges wired and wireless traffic together. Platforms run IOS software, which standardizes and simplifies the user interface.

Question: Which channels are used in the ETSI domains to provide non-overlapping channels? A. 1, 5, 9, 14 B. 1, 5, 9, 13 C. 1, 6, 11 D. 1, 6, 11, 14

Correct answer: B Explanation: Regulations for power and channel usage vary by country. In the European Telecommunications Standards Institute (ETSI) domains, 13 channels are available. Having 13 channels makes it possible to have four non-overlapping channels (1, 5, 9, and 13), even though the noise level of each is higher than the three U.S. non-overlapping channels. The Federal Communications Commission (FCC) specifies 11 different channels for the 2.4 GHz band; each occupying a bandwidth of 22 MHz. Overlapping channels would cause co-channel interference. As a result, there are three non-overlapping channels in the United States: 1, 6, and 11. There are 11 channels available in the United States, 13 in Europe, and 14 in Japan. Japan has an additional channel at the top end of the band. It is possible to use this channel, along with three other channels, for a total of four non-overlapping channels (1, 6, 11, and 14); the fourth channel is far apart from the first three. There are 11 channels available in the United States, 13 in Europe, and 14 in Japan. The four non-overlapping channels for the European Telecommunications Standards Institute (ETSI) domains are 1, 5, 9, and 13, not 1, 5, 9, and 14.

Question: Which wireless standard will most likely be used for cellular offloading? A. 802.11ah B. 802.11af C. 802.11y D. 802.11ad

Correct answer: B Explanation: The 802.11af specification was approved Feb 2014. It is also referred to as TV White Space (TVWS), White-Fi, and Super Wi-Fi. The benefit of this frequency is better wall-penetrability and a larger coverage area. The most likely uses will be rural area broadband and cellular offloading (using it instead of 3G/4G). The 802.11af specification provides rates up to 300 Mbps depending on the number of spatial streams and has a range less than 5 km (3 miles). The 802.11ah frequency range varies by country, but is under the 1 MHz spectrum. Due to the frequency, the range will be greater than typical 2.4 GHZ or 5 GHz networks. The 802.11ah specification will not most likely be used for cellular offloading. The most probable use of this technology will be sensor networks and will compete with ZigBee. Channel bandwidth and power vary by country. The 802.11ah specification provides rates between 100 Kbps to 40 Mbps and has a range less than 1 km (0.6 miles). The 802.11y specification allows for a higher effective isotropic radiated power (EIRP) of up to 20 watts. This increase of power allows for an operating distance of 5 km (3 miles) or more. This band is for commercial use only. Licensees pay a small fee for a nationwide, non-exclusive license. They then pay an additional nominal fee for each high-powered base station that they deploy. The 802.11y specification will not likely be used for cellular offloading. Applications and benefits include longer distances, point-to-point links for bridging to link campus buildings, and link hotspots in deployed large area. The 802.11y specification provides rates up to 54 Mbps and has a range greater than 5 km (3 miles). The WiGig alliance was formed to promote the IEEE 802.11ad protocol. The 60 GHz is only good for short distances, as it does not propagate though walls or people. It can take advantage of reflection and uses beam-forming technology. The 802.11ad specification provides rates up to 7 Gbps and has a range between 1 to 10 meters (3 to 32 feet). The 802.11ad specification will not most likely be used for cellular offloading. This specification can be used in the following applications: - Very high-speed wireless transmission of audio/visual data (replacing cables) - Wi-Fi connection to external storage devices - New routers may use this band to supplement existing 2.4/5.0 GHz Wi-Fi for short range applications

Question: Which measurement takes into account both noise and interference? A. SNR B. RSSI C. SINR D. dBi

Correct answer: C Explanation: Signal-to-interference-plus-noise ratio (SINR) is a quantity used to give theoretical upper bounds on channel capacity (the rate of information transfer) in wireless communication systems. This calculation takes into account not only the noise floor, but also the strength of any interference to the signal. Signal-to-noise ratio (SNR) is the ratio of usable signal being transmitted to the undesired signal (noise). It is a measurement of transmission quality that is expressed in decibels (dB). SNR only accounts for noise, not interference. Received signal strength indicator (RSSI), also known as signal value, gives a measurement of the signal strength that one device receives from another device. It is measured in decibels in milliwatts (dBms). This measurement does not factor in noise or interference. Decibels-isotropic (dBi) is defined as the ratio of power produced by an antenna, from a far-field source on the antenna's beam axis, to the power produced by a hypothetical lossless isotropic antenna, which is equally sensitive to signals from all directions. This measurement does not factor in noise or interference.

Question: Which two statements are true regarding dynamic WLC interfaces? ( A. Support IPv6 addresses B. An IPv6 address is used for DHCP relay C. An IPv4 address is used for DHCP relay D. Support IPv4 addresses

Correct answer: C D Explanation: Dynamic interfaces are also referred to as VLAN interfaces. These allow separate communication streams to exist. They do not support IPv6 addresses, only IPv4. Dynamic interfaces are also referred to as VLAN interfaces. These allow separate communication streams to exist. They do not support IPv6 addresses, only IPv4. The IPv4 address is used for DHCP relay purposes, as there is no IPv6 DHCP relay on a wireless LAN controller (WLC). Dynamic interfaces only support IPv4 address, not IPv6 addresses. Dynamic interfaces are also referred to as VLAN interfaces. These allow separate communication streams to exist. The IPv4 address is used for DHCP relay purposes, as there is no IPv6 DHCP relay on a wireless LAN controller (WLC). Dynamic interfaces only support IPv4 address, not IPv6 addresses. Dynamic interfaces are also referred to as VLAN interfaces. These allow separate communication streams to exist. The IPv4 address is used for DHCP relay purposes, as there is no IPv6 DHCP relay on a wireless LAN controller (WLC).

Question: You need to ensure that only 802.11g clients are able to connect to an 802.11b/g WLAN. Which speeds must be disabled on the AP? A. 6, 9, 11, and 12 B. 5.5, 6, 9, and 12 C. 1, 2, 5.5, and 6 D. 1, 2, 5.5, and 11

Correct answer: D Your answer: C Explanation: The 802.11g protocol is backward-compatible with 802.11b, so 802.11b devices and 802.11g devices can coexist in the same cell connecting to the same AP. However, 802.11b devices cannot understand orthogonal frequency-division multiplexing (OFDM), so they cannot detect that an 802.11g client is sending unless direct sequence spread spectrum (DSSS) is the modulation that is being used. DSSS supports data rates of 1, 2, 5.5, and 11 Mbps. The 802.11g standard OFDM technology that was used in the 802.11a standard that allows for faster data rates. These rates are 6, 9, 12, 18, 24, 36, 48, and 54 Mbps. 802.11g also supports the data rates supported by 802.11b and when operating at these rates, it uses DSS modulation. Therefore, disabling the data rates of 1, 2, 5.5, and 11 Mbps will ensure that only 802.11g clients will be able to connect to the WLAN. To ensure that 802.11b clients will not be able to connect to an 802.11b/g network, you must disable the 1, 2, 5.5, and 11 Mbps data rates, not 5.5, 6, 9, and 12. To ensure that 802.11b clients will not be able to connect to an 802.11b/g network, you must disable the 1, 2, 5.5, and 11 Mbps data rates, not 1, 2, 5.5, and 6. To ensure that 802.11b clients will not be able to connect to an 802.11b/g network, you must disable the 1, 2, 5.5, and 11 Mbps data rates, not 6, 9, 11, and 12.

Omnidirectional antennas are best used for what environment? (Choose 2)

Covering a large area Point-to-point bridges Conference rooms Long hallways You Answered - Covering a large area Conference rooms Correct Answer - Covering a large area, Conference rooms

What information is needed to complete the initial walkthrough? (Choose 4) Determine temporary AP locations Obtain as-built facility diagram Bill-of-Material (BOM) Identify user areas Visually inspect the facility

Determine temporary AP locations, Obtain as-built facility diagram, Identify user areas, Visually inspect the facility

Trap logs can be viewed from where in the WLC? (Choose 3) GUI - Management Menu > SNMP GUI - Management Menu > Logs GUI-Monitor Summary CLI - show snmp logs CLI - show traplog

GUI - Management Menu > SNMP, GUI-Monitor Summary, CLI - show traplog

Which statement best describes scattering of a signal?

Loss of signal as it passes through an object A wave passing from one medium to another Encroachment into the Fresnel Zone Reflection of a signal in the air causing it to be sent it multiple directions You Answered - Reflection of a signal in the air causing it to be sent it multiple directions Correct Answer - Reflection of a signal in the air causing it to be sent it multiple directions

Which of the following is true regarding Prime Infrastructure 2.2 and WLCs? (Choose 3) PI 2.2 can be used to audit WLC configurations PI .2.2 can manage WLCs and their APs PI 2.2 cannot monitor WLCs PI 2.2 cannot monitor client devices PI 2.2 can monitor client devices

PI 2.2 can be used to audit WLC configurations, PI .2.2 can manage WLCs and their APs, PI 2.2 can monitor client devices

The typical Site Survey process requires the following steps? (Choose 3) Pre-deployment Site Survey Initial walkthrough Predictive WLAN design Indirect Site Survey Post Deployment Site Survey

Pre-deployment Site Survey, Initial walkthrough, Post Deployment Site Survey

Which of the following is the correct sequence for data transmission on a WLAN?

RTS - CTS - DATA - ACK

Which of the following lists the key features of Cisco Compatible Extensions v5?

Roaming and real-time diagnostics, MFP, a diagnostic channel that allows troubleshooting of the client, client reporting, optional location service, and expedited bandwidth

Beacon frames contain which of the following (Choose 3) Supported rates Supported SSIDs Time stamp Encryption key Keep alive time

Supported rates, Supported SSIDs, Time stamp

Switch ports to WLAN controllers should be configured as? (Choose 2) Switchport mode access Switchport mode trunk Spanning Tree - PortFast disabled Spanning Tree - PortFast enabled

Switchport mode trunk, Spanning Tree - PortFast disabled

Switch ports to access points should be configured as? (Choose 3) Switchport mode trunk Switchport mode access Spanning Tree - PortFast enabled Spanning Tree - PortFast disabled

Switchport mode trunk, Switchport mode access, Spanning Tree - PortFast enabled

Which of the following are questions in the WLC CLI/GUI wizards? (Choose 3) MAC Address System Name Management Interface IP address Country Code AP Mode

System Name, Management Interface IP address, Country Code

Which of the following correctly describes the procedure for a lightweight AP to successfully establish a connection to a controller?

The AP sends its certificate to the controller. The AP then authenticates the received Cisco WLC certificate as valid.

An Ad Hoc network is also referred to as Independent Basic Service Set (IBSS) network. True or False

True

In addition to being used during initial site survey, passive site surveys can be used during post-implementation to validate the final RF settings provide sufficient coverage to support the design requirements. True False

True

Split MAC splits the 802.11 protocol between the access point and the WLAN controller. True Or False

True

WebAuth authentication can be configured with user authentication. True False

True

A client cannot connect to the WLAN, what could be the issues? (Choose 3) Client has dual band radios WLAN SSID is disabled RADIUS server is down Client radio is set for full power Client is using an unsupported data rate

WLAN SSID is disabled, RADIUS server is down, Client is using an unsupported data rate

Question: Which command shows the IP address of a client associated with an AP? A. show client detail B. show client ap 802.11 {a || b} all C. show client ap 802.11 {a || b} D. show client summary

correct answer: A Your answer: D Explanation: The show client detail command displays detailed information on a client associated with the Cisco AP. It gives details such as: client's username, associated AP, Service Set Identifier (SSID), IP Address, supported data rates, mobility state, security, VLAN number, etc. The show client summary command gives a brief summary of clients that are associated to a Cisco AP. It gives details on clients' MAC addresses, AP associations, WLAN IDs, and radio protocol used (e.g. 802.11a). This command does not display a client's IP addresses. The show client ap 802.11 {a || b} command displays the clients that are associated on a radio (e.g. 802.11a, 802.11b) for a particular AP. It gives details on clients' MAC addresses, AP associations, WLAN IDs, and radio protocol type. This command does not display a client's IP addresses. The show client ap 802.11 {a || b} all command displays the clients that are associated on a radio (e.g. 802.11a, 802.11b) for all APs. It gives details on clients' MAC addresses, AP associations, WLAN IDs, and radio protocol type. This command does not display a client's IP addresses.