Cisco 642-736

Implementing Advanced Cisco Unified Wireless Security (IAUWS)

Product Description Exam Number/Code: 642-736
Exam Number/Code: 642-736
Exam Name:Implementing Advanced Cisco Unified Wireless Security (IAUWS)
“Implementing Advanced Cisco Unified Wireless Security (IAUWS)”, also known as 642-736 exam, is a Cisco certification.With the complete collection of questions and answers, Pass4sure has assembled to take you through 85 Q&As to your 642-736 Exam preparation. In the 642-736 exam resources, you will cover every field and category in CCNP Wireless helping to ready you for your successful Cisco Certification.
Free Demo Download
Pass4sure offers free demo for 642-736 exam (Implementing Advanced Cisco Unified Wireless Security (IAUWS)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.

Q&A V3.20

www.PassGuide.com

(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.
Important Note
Please Read Carefully

Study Tips

This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.

Go through the entire document at least twice so that you make sure that you are not
missing anything.

Latest Version

We are constantly reviewing our products. New material is added and old material is
revised. Free updates are available for 120 days after the purchase. You should check your
member zone at PassGuide an update 3-4 days before the scheduled exam date.

Feedback

If you spot a possible improvement then please let us know. We always interested in
improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.

Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————

Copyright

Each pdf file contains a unique serial number associated with your particular name and
contact information for security purposes. So if we find out that a particular pdf file is
being distributed by you, CertBible reserves the right to take legal action against you
according to the International Copyright Laws.
Q: 1 What is the purpose of looking for anomalous behavior on a WLAN infrastructure?
A. identifying new attack tools
B. auditing employee’s bandwidth usage
C. identifying attacks using signature matching
D. improving performance by load balancing

Answer: A

Q: 2 As of controller release v5.2, which two statements about wired guest access support are true? (Choose two.)
A. It is not supported on the Cisco 2100 Series Controllers.
B. No more than three wired guest access LANs can be configured on a controller.
C. Layer 3 web authentication and passthrough are not supported.
D. Wired guest access cannot be configured in a dual-controller configuration that uses an anchor controller and a foreign controller.
E. The wired guest access ports must be in the same Layer 2 network as the foreign controller.

Answer: A, E

Q: 3 The wireless client can roam faster on the Cisco Unified Wireless Network infrastructure when which condition is met?
A. EAP-FAST is used for client authentication on the wireless network.
B. Cisco Centralized Key Management is used for Fast Secure Roaming.
C. QoS is being used on the WLAN to control which client packets get through the network faster.
D. RRM protocol is used between multiple APs that the client associates to while roaming.

Answer: B

Q: 4 Which option best describes an evil twin attack?
A. a rouge access point broadcasting a trusted SSID
B. a rogue access point broadcasting any SSID
C. a rouge ad-hoc with the SSID “Free WiFi”
D. a rouge access point spreading malware upon client connection

Answer: A

Q: 5 Which two configuration parameters does NAC OOB require on a SSID/WLAN? (Choose two.)
A. WMM enabled on the WLAN
B. open authentication on the WLAN
C. AAA override configuration on the WLAN
D. 802.1x configuration on the WLAN

Answer: B, D

Q: 6 Which two 802.11 frame types can be used in a virtual carrier (big NAV) attack? (Choose two.)
A. association
B. ACK
C. CTS
D. beacon
E. de-authentication

Answer: B, C

Q: 7 When adding the foreign controller as a mobility group member in the guest anchor controller, which statement is true?
A. The mobility group name on the guest anchor controller must match the mobility group name on the foreign controller.
B. The mobility group member IP address and MAC address belong to the management interface of the foreign controller.
C. To successfully add the foreign controller as a mobility group member in the guest anchor controller, all the parameters defined in the WLAN Security, QoS, and Advanced tabs must be configured identically in both the anchor and foreign controller.
D. In the guest anchor controller GUI, WLANs > Mobility Anchors page, use the Switch IP Address (Anchor) drop-down menu to select the IP address corresponding to the management interface of the anchor controller.

Answer: B

Q: 8 Drop Answer & Explanation Correct Answer
Explanations
No more information available

Answer: Check unicerts eEngine, Download from Member Center

Q: 9 For wireless NAC out-of-band operations, which protocol is used between the Cisco NAC Appliance Manager and the wireless controller to switch the wireless client from the quarantine VLAN to the access VLAN after the client passed the NAC authentication/posture assessment process?
A. RADIUS
B. TACACS+
C. SNMP
D. SSL
E. EAP

Answer: C

Q: 10 Which WLAN option, when enabled, allows different wireless clients to be connected to different VLANs based on the returned RADIUS attributes from the AAA server?
A. H-REAP
B. override interface ACL
C. NAC state
D. Cisco CKM
E. auth-proxy
F. allow AAA override

Answer: F

Q: 11 Which two statements about the EAP-FAST client-server authentication protocol are true? (Choose two.)
A. EAP-FAST establishes secure tunnel between the client and the server using certificates.
B. PAC can be distributed manually (out-of-band provisioning) or automatically (in-band provisioning).
C. EAP-FAST protocol uses PAC keys to establish secure encrypted tunnels between client and server.
D. Secure passwords are used to generate PAC key for creating secure TTLS tunnel between the client and the server.

Answer: B, C

Q: 12 When deploying guest WLAN access using the anchor controller, which is used to transport the guest data traffic between the foreign and anchor controllers?
A. UDP port 16666
B. UDP port 16667
C. IP protocol 97
D. UDP port 161
E. UDP port 162

Answer: C

Q: 13 What are the configuration steps, in order, for implementing wireless guest users using the foreign and anchor controllers approach?
A. 1) RF mobility group
2) lobby ambassador
3) SSID
B. 1) mobility domain name
2) mobility group
3) web portal
C. 1) anchor controller
2) WLAN
3) local guest server
4) lobby administrator
D. 1) anchor controller
2) mobility group
3) guest WLAN
4) guest account management

Answer: D

Q: 14 When troubleshooting clients on the Diagnostic channel, which two statements are true? (Choose two.)
A. When turning the Diagnostic channel on the WLAN, the WLAN becomes disabled.
B. Only clients with Cisco Compatible Extensions enabled can be used for troubleshooting on the Diagnostic channel.
C. Up to two WLAN can be turned on with Diagnostic channel at the same time.
D. Only Cisco-manufactured wireless cards are available for the Diagnostic channel troubleshooting.

Answer: A, B

Q: 15 Which ports are used by CAPWAP?
A. UDP 12222 and 12223
B. UDP 5246 and 5247
C. UDP 16666 and 16667
D. UDP 161 and 162
E. TCP 12222 and 12223
F. TCP 16666 and 16667

Answer: B

PassGuide CCNP Practice Test Questions

• testking ccnp 642-746 pdf
• pass4sure ccnp 642-741 practice test
• passguide cisco 642-736 pdf