Question 231
How do AAA operations compare regarding user identification, user services, and access control?
A. Authorization provides access control, and authentication tracks user services
B. Authentication identifies users, and accounting tracks user services
C. Accounting tracks user services, and authentication provides access control
D. Authorization identifies users, and authentication provides access control
Question 232
What is the difference between RADIUS and TACACS+?
A. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands.
B. TACACS+ separates authentication and authorization, and RADIUS merges them.
C. TACACS+ encrypts only password information, and RADIUS encrypts the entire payload.
D. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication.
Question 233
What is a difference between local AP mode and FlexConnect AP mode?
A. Local AP mode creates two CAPWAP tunnels per AP to the WLC
B. Local AP mode causes the AP to behave as if it were an autonomous AP
C. FlexConnect AP mode fails to function if the AP loses connectivity with the WLC
D. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured
Question 234
The SW1 interface g0/1 is in the down/down state. What are two reasons for the interface condition? (Choose two.)
A. There is a protocol mismatch
B. There is a duplex mismatch
C. The interface is shut down
D. The interface is error-disabled
E. There is a speed mismatch
Question 235
How will Link Aggregation be implemented on a Cisco Wireless LAN Controller?
A. The EtherChannel must be configured in “mode active”.
B. When enabled, the WLC bandwidth drops to 500 Mbps.
C. To pass client traffic, two or more ports must be configured.
D. One functional physical port is needed to pass client traffic.
Question 236
Which two conditions must be met before SSH operates normally on a Cisco IOS switch? (Choose two.)
A. IP routing must be enabled on the switch.
B. A console password must be configured on the switch.
C. Telnet must be disabled on the switch.
D. The switch must be running a k9 (crypto) IOS image.
E. The ip domain-name command must be configured on the switch.
Question 237
Refer to the exhibit. Which password must an engineer use to enter the enable mode?
A. adminadmin123
B. cisco123
C. default
D. testing1234
Question 238
Which state does the switch port move to when PortFast is enabled?
A. blocking
B. listening
C. learning
D. forwarding
Question 239
Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?
A. RADIUS
B. HTTPS
C. TACACS+
D. HTTP
Question 240
An engineer must configure interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?
A. configure DSCP
B. configure IEEE 802.1q
C. configure ISL
D. configure IEEE 802.1p
