Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-375

Cisco® 300-375 Exam Practice Questions (P. 1)

  • Full Access (53 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
Which two considerations must a network engineer have when planning for voice over wireless roaming? (Choose two.)
  1. A
    Roaming with only 802.1x authentication requires full reauthentication.
  2. B
    Roaming time increases when using 802.1x + Cisco Centralized Key Management.
  3. C
    Full reauthentication introduces gaps in a voice conversation.
  4. D
    Roaming occurs when the phone has reached -80 dBs or below.
  5. E
    Roaming occurs when the phone has seen at least four APs.

Correct Answer:
AC
In the absence of CCKM, a WPA/WPA2 client must perform a full EAP authentication to a remote AAA/RADIUS server, followed by a WPA/WPA2 4- way handshake whenever it roams. This process can take more than one second. With CCKM, the roaming client and WLC can use pre-established keying material to immediately establish a PTKnormally within a few ten of milliseconds.

Question #2
Which two 802.11 methods can be configured to protect card holder data? (Choose two.)
  1. A
    CCMP
  2. B
    WEP
  3. C
    SSL
  4. D
    TKIP
  5. E
    VPN

Correct Answer:
CE
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Compliance/Compliance_DIG/Compliance_DIG/PCI_AppC.html (Section: Build & Maintain a
Secure Network)

Question #3
An engineer is changing the authentication method of a wireless network from EAP-FAST to EAP-TLS. Which two changes are necessary? (Choose two.)
  1. A
    Cisco Secure ACS is required.
  2. B
    A Cisco NAC server is required.
  3. C
    All authenticating clients require their own certificates.
  4. D
    The authentication server now requires a certificate.
  5. E
    The users require the Cisco AnyConnect client.

Correct Answer:
CD
Reference: http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1300-series/prod_qas09186a00802030dc.html

Question #4
Which mobility mode must a Cisco 5508 Wireless Controller be in to use the MA functionality on a Cisco Catalyst 3850 Series Switch with a Cisco 5508 Wireless
Controller as an MC?
  1. A
    classic mobility
  2. B
    new mobility
  3. C
    converged access mobility
  4. D
    auto-anchor mobility

Correct Answer:
C
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3850-series-switches/product_bulletin_c25-720777.html

Question #5
WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the
ACS logs authenticating using E-FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?
  1. A
    Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.
  2. B
    Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.
  3. C
    Enable АAА override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEAP.
  4. D
    Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EАР-FAST into a quarantine VLAN.

Correct Answer:
D

Next Questions

All Pages