CCNP Wireless IAUWS (642-736) Real Exam Questions
Implementing Advanced Cisco Unified Wireless Security
The 642-736 IAUWS Implementing Advanced Cisco Unified Wireless Security exam is the exam associated with the CCNP Wireless certification. This exam assesses a candidate’s capability to secure the wireless network from security threats via appropriate security policies and best practices, to properly implement security standards, and to properly configure wireless security components. Candidates can prepare for this exam by taking the IAUWS Implementing Advanced Cisco Unified Wireless Security course.
1: What is the purpose of looking for anomalous behavior on a WLAN infrastructure?
A.identifying new attack tools
B.auditing employee’s bandwidth usage
C.identifying attacks using signature matching
D.improving performance by load balancing
Correct Answers: A
2: When deploying guest WLAN access using the anchor controller, which is used to transport the guest data traffic between the foreign and anchor controllers?
A.UDP port 16666
B.UDP port 16667
C.IP protocol 97
D.UDP port 161
E.UDP port 162
Correct Answers: C
3: When is local EAP authentication on the controller used?
A.to authenticate the APs that act as 802.1X supplicants
B.as a backup in case the APs cannot reach the controllers
C.as a backup in case the RADIUS servers are not reachable
D.when deploying guest access using the anchor controller
Correct Answers: C
4: When adding a new Local Net User on the controller, what happens if the Guest User check box is selected?
A.Web authentication will be enabled on the guest account.
B.The amount of time the guest user has access to the local network will be limited.
C.The controller will authenticate the guest account using the Cisco NAC Guest Server.
D.The guest user traffic will be associated to the guest VLAN.
E.802.1x authentication will be disabled on the guest account.
Correct Answers: B
5: For wireless NAC OOB implementation, the Cisco WLC is added on the Cisco NAC Appliance Manager as what kind of device?
A.RADIUS client
B.RADIUS server
C.SNMP trap receiver
D.OOB management device
E.OOB virtual gateway
Correct Answers: D
6: Which function does a rogue detector access point perform?
A.RLDP
B.switch port tracing
C.rogue AP containment
D.identifying a rogue AP on the wired network
Correct Answers: D
7: If DHCP services are implemented on the anchor controller, what is locally populated in the primary DHCP server field?
A.DHCP relay IP address
B.next-hop router IP address
C.firewall DMZ interface IP address
D.management IP address of the controller
Correct Answers: D
8: When using Cisco Secure Services Client to configure a wireless LAN connection that uses EAP-FAST, which three options are available as the inner authentication method? (Choose three.)
A.GTC
B.PAC
C.MSChapV2
D.TLS
E.PAP
F.pre-shared key
Correct Answers: A C D
9: As of controller release v5.2, which two statements about wired guest access support are true? (Choose two.)
A.It is not supported on the Cisco 2100 Series Controllers.
B.No more than three wired guest access LANs can be configured on a controller.
C.Layer 3 web authentication and passthrough are not supported.
D.Wired guest access cannot be configured in a dual-controller configuration that uses an anchor controller and a foreign controller.
E.The wired guest access ports must be in the same Layer 2 network as the foreign controller.
Correct Answers: A E
10: The wireless client can roam faster on the Cisco Unified Wireless Network infrastructure when which condition is met?
A.EAP-FAST is used for client authentication on the wireless network.
B.Cisco Centralized Key Management is used for Fast Secure Roaming.
C.QoS is being used on the WLAN to control which client packets get through the network faster.
D.RRM protocol is used between multiple APs that the client associates to while roaming.
Correct Answers: B
Download | Password: certificatexam.com