Cisco 300-430 exam revealed answer (P. 14)

Question 131

An IT team is growing quickly and needs a solution for management device access. The solution must authenticate users from an external repository instead of the current local on the WLC, and it must also identify the user and determine what level of access users should have.
Which protocol do you recommend to achieve these goals?

A. network policy server

B. RADIUS

C. TACACS+

D. LDAP

Question 132

Refer to the exhibit. An engineer must connect a fork lift via a WGB to a wireless network and must authenticate the WGB certificate against the RADIUS server.
Which three steps are required for this configuration? (Choose three.)

Image 300-430_132Q.png related to the Cisco 300-430 Exam

A. Configure the certificate, WLAN, and radio interface on WGB.

B. Configure the certificate on the WLC.

C. Configure WLAN to authenticate using ISE.

D. Configure the access point with the root certificate from ISE.

E. Configure WGB as a network device in ISE.

F. Configure a policy on ISE to allow devices to connect that validate the certificate.

Question 133

During the EAP process and specifically related to the client authentication session,
Which encrypted key is sent from the RADIUS server to the access point?

A. WPA key

B. session key

C. encryption key

D. shared-secret key

Question 134

A network is set up to support wired and wireless clients. Both types must authenticate using 802.1X before connecting to the network. Different types of client authentication must be separated on a Cisco ISE deployment.
Which two configuration items achieve this task? (Choose two.)

A. device profiles

B. policy sets

C. separate networks

D. policy groups

E. policy results

Question 135

An engineer is troubleshooting a Cisco CMX high-availability deployment and notices that the primary and backup Cisco CMX servers are both considered primary.
Which command must the engineer run on the backup server?

A. cmxha convert backup

B. cmxha backup convert

C. cmxha secondary convert

D. cmxha convert secondary

Question 136

A network administrator managing a Cisco Catalyst 9800-80 WLC must place all iOS connected devices to the guest SSID on VLAN 101. The rest of the clients must connect on VLAN 102 distribute load across subnets. To achieve this configuration, the administrator configures a local policy on the WLC.
Which two configurations are required? (Choose two.)

A. Assign a policy map under global security policy settings.

B. Add local profiling policy under global security policy settings.

C. Create a service template.

D. Allow HTTP and DHCP profiling under policy map.

E. Enable device classification on global wireless settings.

Question 137

An engineer is assembling a PCI report for compliance purposes and must include missed best practices that are related to WLAN controllers. The engineer has access to all WLCs, Cisco MSE, and Cisco Prime Infrastructure.
Which method most efficiently displays a summary of inconsistencies?

A. WLC running-config

B. Cisco Prime Infrastructure monitoring

C. Cisco Prime Infrastructure reporting

D. WLC logs

Question 138

An engineer is ensuring that, on the IEEE 802.
1X wireless network, clients authenticate using a central repository and local credentials on the Cisco WLC.
Which two configuration elements must be completed on the WLAN? (Choose two.)

A. TACACS+

B. MAC authentication

C. local EAP enabled

D. web authentication

E. LDAP server

Question 139

An engineer must enable LSS for the AppleTV mDNS service only when ORIGIN is set to Wired.
Which action meets this requirement?

A. Set ORIGIN to Wired. Enable LSS by using the config mdns service Iss All command.

B. Set ORIGIN to Wired. Enable LSS by using the config mdns service Iss AppleTV command.

C. Set ORIGIN to either Wireless or All. Enable LSS by using the config mdns service Iss All command.

D. Set ORIGIN to either Wireless or All. Enable LSS by using the config mdns service Iss enable AppleTV command.

Question 140

A Cisco 8540 WLC manages Cisco Aironet 4800 Series Aps and send AoA data to a Cisco CMX 3375 Appliance for Hyperlocation. The load from the WLC is distributed to another virtual CMX server using CMX grouping. The virtual CMX server shows location RSSI data and not Hyperlocation. No AoA metrics are shown on the metrics page of the CMX virtual appliance under System > Metrics > Location Metrics. How must the network administrator resolve this issue?

A. Enable Wireless > Access Points > Global configuration > Enable Hyperlocation on the WLC.

B. Enable the HALO module on the CMX appliance for the data collection.

C. Allow port 2003 for AoA packets to flow through between the CMX appliances.

D. Use one Hyperlocation-enabled WLC and CMX for AoA data.

Win IT Exam with Last Dumps 2024

Cisco 300-430 Exam

Page 14/17

Viewing Questions 131 140 out of 165 Questions

A. network policy server

B. RADIUS

C. TACACS+

D. LDAP

Refer to the exhibit. An engineer must connect a fork lift via a WGB to a wireless network and must authenticate the WGB certificate against the RADIUS server.Which three steps are required for this configuration? (Choose three.)

A. Configure the certificate, WLAN, and radio interface on WGB.

B. Configure the certificate on the WLC.

C. Configure WLAN to authenticate using ISE.

D. Configure the access point with the root certificate from ISE.

E. Configure WGB as a network device in ISE.

F. Configure a policy on ISE to allow devices to connect that validate the certificate.

During the EAP process and specifically related to the client authentication session,Which encrypted key is sent from the RADIUS server to the access point?

A. WPA key

B. session key

C. encryption key

D. shared-secret key

A network is set up to support wired and wireless clients. Both types must authenticate using 802.1X before connecting to the network. Different types of client authentication must be separated on a Cisco ISE deployment.Which two configuration items achieve this task? (Choose two.)

A. device profiles

B. policy sets

C. separate networks

D. policy groups

E. policy results

An engineer is troubleshooting a Cisco CMX high-availability deployment and notices that the primary and backup Cisco CMX servers are both considered primary.Which command must the engineer run on the backup server?

A. cmxha convert backup

B. cmxha backup convert

C. cmxha secondary convert

D. cmxha convert secondary

A. Assign a policy map under global security policy settings.

B. Add local profiling policy under global security policy settings.

C. Create a service template.

D. Allow HTTP and DHCP profiling under policy map.

E. Enable device classification on global wireless settings.

An engineer is assembling a PCI report for compliance purposes and must include missed best practices that are related to WLAN controllers. The engineer has access to all WLCs, Cisco MSE, and Cisco Prime Infrastructure.Which method most efficiently displays a summary of inconsistencies?

A. WLC running-config

B. Cisco Prime Infrastructure monitoring

C. Cisco Prime Infrastructure reporting

D. WLC logs

An engineer is ensuring that, on the IEEE 802.1X wireless network, clients authenticate using a central repository and local credentials on the Cisco WLC.Which two configuration elements must be completed on the WLAN? (Choose two.)

A. TACACS+

B. MAC authentication

C. local EAP enabled

D. web authentication

E. LDAP server

An engineer must enable LSS for the AppleTV mDNS service only when ORIGIN is set to Wired.Which action meets this requirement?

A. Set ORIGIN to Wired. Enable LSS by using the config mdns service Iss All command.

B. Set ORIGIN to Wired. Enable LSS by using the config mdns service Iss AppleTV command.

C. Set ORIGIN to either Wireless or All. Enable LSS by using the config mdns service Iss All command.

D. Set ORIGIN to either Wireless or All. Enable LSS by using the config mdns service Iss enable AppleTV command.

A. Enable Wireless > Access Points > Global configuration > Enable Hyperlocation on the WLC.

B. Enable the HALO module on the CMX appliance for the data collection.

C. Allow port 2003 for AoA packets to flow through between the CMX appliances.

D. Use one Hyperlocation-enabled WLC and CMX for AoA data.

Refer to the exhibit. An engineer must connect a fork lift via a WGB to a wireless network and must authenticate the WGB certificate against the RADIUS server.
Which three steps are required for this configuration? (Choose three.)

During the EAP process and specifically related to the client authentication session,
Which encrypted key is sent from the RADIUS server to the access point?

A network is set up to support wired and wireless clients. Both types must authenticate using 802.1X before connecting to the network. Different types of client authentication must be separated on a Cisco ISE deployment.
Which two configuration items achieve this task? (Choose two.)

An engineer is troubleshooting a Cisco CMX high-availability deployment and notices that the primary and backup Cisco CMX servers are both considered primary.
Which command must the engineer run on the backup server?

An engineer is assembling a PCI report for compliance purposes and must include missed best practices that are related to WLAN controllers. The engineer has access to all WLCs, Cisco MSE, and Cisco Prime Infrastructure.
Which method most efficiently displays a summary of inconsistencies?

An engineer is ensuring that, on the IEEE 802.
1X wireless network, clients authenticate using a central repository and local credentials on the Cisco WLC.
Which two configuration elements must be completed on the WLAN? (Choose two.)

An engineer must enable LSS for the AppleTV mDNS service only when ORIGIN is set to Wired.
Which action meets this requirement?