Cisco Exam Code: 400-351 Exam Name

Free VCE and PDF Exam Dumps from PassLeader
 Vendor: Cisco
 Exam Code: 400-351
 Exam Name: CCIE Wireless Written Exam, v3.1
 Question 1 – Question 30
Visit PassLeader and Download Full Version 400-351 Exam Dumps
QUESTION 1
Refer to the exhibit, based upon the given configuration, which two statements are true? (Choose
two.)
A.
B.
C.
D.
E.
local RADIUS server is used
No password is required everyone can join wireless network
Users will be required to provide a username and password for authentication
User will be required to provide a password only order to get access
Remote RADIUS servers is used
Answer: AC
QUESTION 2
Which two features require Network Time Protocol synchronization on the Cisco 5760 WLC?
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
(Choose two.)
A.
B.
C.
D.
AP CAPWAP multicast
SNMPv3
AP authentication
Band Select
Answer: BC
QUESTION 3
Refer the exhibit. The created dynamic interfaces are bound to an interface group for a specific
WLAN profile in a Cisco Wireless LAN Controller. You have noticed duplicated multicast streams
on the wireless medium for the given WLAN profile. Which statement is correct?
A.
Globalmulticast mode,globai 1Pv6 config,and multicast listener discovery snooping have not been enabled.
Enable this to avoid duplicate streams.
B. Global multicast mode and internet group management protocol snooping have not been enabled. To avoid
stream enable both.
C. The controller creates different multicast groups IDs for each multicast address and VLAN and a result the
upstream router sends one copy for each VLAN. Enable Multicast VLAN to avoid duplicate streams.
D. The controller always uses layer 3 multicast group 10 for all layer 3 multicast traffic sent to the access point
internet group management protocol snooping should be disabled to avoid duplicate streams.
Answer: C
QUESTION 4
Refer to the exhibit. The autonomous AP has a corporate and guest SSID configured. The security
team requested that you limit guest user traffic to DHCP ,DNS, and web browsing on the AP. Which
configuration best satisfies the request?
A. access-list 101 permit udp any any eq 67
access-list 101 permit udp 10.28.128.0 0.0.0.255 host 10128.10.15 eq 53
access-list 101 permit tcp 10.28.128.0.0.0.0.255 any eq 80
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
access-list 101 deny ip any any
interface dot11 radio 0 ip access-group 101 in
B. access-list 101 permit udp any any eq 67
access-list 101 permit udp 10.28.128 0.255.255.255 host 10128.10.15 eq 53
access-list 101 permit tcp 10.28.128 0.255.255.255 any eq 80
access-list 101 deny ip any any
interface dot11 radio 0 ip access-group 101in
C. access-list 101 permit udp any any eq 67
access-list 101 per mit udp 10.28.128.0 0.0.0.255 host 10128.10.15 eq 53
access- list 101 permit tcp 10.28.128.0 0.0.0.255 any eq 80
access-list 101 deny ip any any
interface fast Ethernet 0 ip access-group 101 in
D. access-list 101 permit udp any any eq 67
access-list 101 permit udp 10.28.128 0.255.255.255 host 10128.10.15 eq 53
access-list 101 permit tcp 10.28.128 0.255.255.255 any eq 80
access-list 101 deny ip any any
interface fast Ethernet 0 ip access-group 101 in
Answer: C
QUESTION 5
Refer to the exhibit. The network operations center is using PI to collect and monitor the AVC data
from a cisco WLC. However no AVC information is showing up in cisco PI. Based on this information
from the Cisco WLC reason that Cisco PI is not showing the information is True?
A.
B.
C.
D.
Cisco prime does not have the correct licensing installed.
The monitor-Name and exporter-name do note match.
The Exporter-IP should be the IP address of the cisco WLC.
The port number should be 9991.
Answer: D
QUESTION 6
Which two statements about LAG in the Cisco wireless LAN controller running Aire OS 8.0 are true?
(choose two.)
A.
B.
C.
D.
LAG bundles all of the crsco WLC distribution system ports into a single 802.3ad port channel.
There can be only one AP-manager interface if LAG is enabled.
LAG configuration change take effect immediately after they are configured.
Channel negotiation LACP and PAgP are supported.
Answer: AB
QUESTION 7
You have configured video stream on a Cisco WLC and users are now viewing the company video
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
broadcast over the wireless network, how can you verify you have video stream configures and
working in the cisco WLC GUI?
A.
B.
C.
D.
The multicast status shows "normalmulticast" in the multicast group detail
The multicast status shows "MediaStream allowed" in the multicast group detail
The WMM state shows "Enabled" into the clients detai
The multicast status shows "multicast-direct allowed" in the multicast group detail
Answer: D
QUESTION 8
Refer to the exhibit. APs on VLAN 2100 can get IP address but cannot register to the WLC. The iP
address of the WLC management interface is 24.244.4.227. Which option is the correct DHCP
option 43 configuration?
A.
B.
C.
D.
E.
f10412f41cd9
f10418f404227
f10818f41cd0a181cf4a01c
f10418f404e3
f1040a3f0701
Answer: D
QUESTION 9
Which two statements describe characteristics of high availability cisco 5760wireless LAN controller
that uses the stackwise-480 technology? (Choose two.)
A. A switch stach has only three WLCs one active WLC and two standby WLCs.
B. lf the WLC become unavailable the standby assumes the role of the active and continue to the keep
the stack operational.
C. A switch stack has only Two WlCs both WLCs are in active/active mode.
D. A switch stack has only two WLCs one active and one standby WLC.
Answer: BD
QUESTION 10
Which option in the cisco identity service engine allows for authorization based on Active Directory
user and domain computer login?
A.
B.
C.
D.
Machine access restnction
Active directory group
Active directory attributes
Identity source sequences
Answer: A
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
QUESTION 11
While troubleshooting a failed central web authentication configuration on cisco WLC, you discover
that the Cisco WLC policy manager state is showing RUN For new client and not
CENTRAL_WEB_AUTH, what is most likely the issue?
A.
B.
C.
D.
The WLAN Layer 2 security should be sent to WPA+WPA2
The WLAN NAC state should be set to RADIUS NAC
The web login page under the cisco WLC security should be set to external (redirect to external server)
The WLAN layer 3 security should be set to web page policy with condition web redirect
Answer: B
QUESTION 12
Two autonomous Aps are connected to a switch on the same VLAN both APS are configured with
the same SSID and WPA2-PSK. After making configuration changes to one of the APs .spanning
tree disabled one of the switch ports into which AP was plugged? Which two options describe
possible reasons that spanning tree disabled a port? (Choose two.)
A.
B.
C.
D.
E.
One of the Aps was configured as a universal workgroup bridge
It is not possible for spanning tree to disable a port. The bridging loop must have been coincidental
Spanning tree was disabled on both Aps
PortFast was enabled on all ports
One of the APs was configured as a standard workgroup bridge
Answer: AE
QUESTION 13
During the Cisco 5760 WLC high availability active and standby process (elected or re-elected),
which factor can determine which Cisco 5760 WLC become active?
A.
B.
C.
D.
The cisco 5760 WLC the highest stack member priority value
the cisco 5760 WLC the highest IP address
the cisco 5760 WLC the lowest stack member priority value
the cisco 5760 WLC the highest Mac address
Answer: A
QUESTION 14
Refer to the exhibit. Your colleague a junior network engineer is struggling to enable DHCP option
82 in the layer 3 switch which is in the DMZ for a mobile client under a guest anchor Cisco wireless
LAN controller deployment. What is your answer?
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
A.
DHCP proxy must be enabled for DHCP option 82 to operate correctly.
All Cisco WLCsthat will be in the setup must have the same DHCP proxy setting.
B. DHCP option 82 must be enabled on the dynamic interface with which theWLANis associated.
C. DHCP option 82 is not supported when it is used with auto-anchor mobility.
D. The mobility tunnel datapath control path or both between the anchor cisco WLC and foreign WLC are down.
Answer: C
QUESTION 15
RX-SOP is configured for SGHz radio with value set as "High Threshold". Which two clients will
associate to the AP? (Choose two.)
A.
B.
C.
D.
client with RSSI-75 dBm
client with RSSI-79d8m
client with RSSI-77dBm
client with RSSI-73dBm
Answer: AD
QUESTION 16
Which MSS value is appropriate on a Cisco 5508 WLC in an IPV6-only environment?
A.
B.
C.
D.
1236
2131
1285
1331
Answer: D
QUESTION 17
Refer to the exhibit. According to the debugs and loin the Cisco WLC and Cisco LAP which WLC
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
discovery Algorithem is used by the LAP to join the Cisco WLC?
A. DHCP server LAP sends a layer 3 CAPWAP discover request to the Cisco WLC that is listed m the
DHCP option 43.
B. configured LAP sends a uncast layer 3 CAPWAP discover request to the Cisco WLC IP address
that the LAP has in its NVRAM.
C. Broadcast lap broadcasts a layer 3 CAPWAP discover massage on the local ip subnet.
D. DNS lap resolve the DNS Name CISCO-CAPWAP-CONTEOLLER cisco to the Cisco WLC ip
address then it sends a uncast layer 3 CAPWAP discovery request to the Cisco WLC.
Answer: A
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
QUESTION 18
Which port does cisco JSE use by default to send RADIUS CoA messages to the Cisco WLC?
A.
B.
C.
D.
UDP 3799
UDP 1813
UDP 1700
TCP 1812
Answer: C
QUESTION 19
Which technology is used by AVC on a Cisco WLC for identification and classification of
applications?
A.
B.
C.
D.
modular QoS CLI
NBAR
ACL
IP precedence
Answer: B
QUESTION 20
Drag and Drop Question
Drag and drop the RRM function on the left to the entity that performs the function on the right.
Answer:
QUESTION 21
Refer to the exhibit. Which AAA attribute is not used by the Cisco WLC running AireOS 8.0?
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
A.
B.
C.
D.
Tunnel-Pnvate-Group-10
Tunnel-Type
Airespace-QOS-Level
DACL
Answer: D
QUESTION 22
When creating a guest account on Cisco identity Services Engine. Which option in the sponsor
portal allows for the guest credentials to be used for RADIUS authentication without requiring the
guest user to log into the guest portal?
A.
B.
C.
D.
Set the Guest role to Guest
Set the Guest role to Activated guest
Set the Time Profile to Radius 1Day
Check the box to send email not send email notification id the guest user name is based on the email address
Answer: B
QUESTION 23
Drag and Drop Question
Drag and drop the per-client downstream rate limiting settings on the left on their correct order of
preference on the right.
Answer:
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
QUESTION 24
Which two statements about 802.11are true? (Choose two.)
A.
B.
C.
D.
E.
MIC is appended for robust management frame.
IGTK is used to protect robust broadcast and multicast management frames.
Association and disassociation frames are protected.
PKC is used to protect robust unicast management frames.
Association responses are not protected.
Answer: BE
QUESTION 25
Your customer has high availability Clint SSO configure using a pair of Cisco 5508 WlCs running
8.0 code.The primary unit failed over and the secondary unit is now active. Which two statements
are true? (Choose two.)
A.
B.
C.
D.
Both controller RMIcan be in different subnets
Only the clients that are in the run state are maintained during failover
Clients that are in transition such as roaming are dissociated
New mobility is supported
Answer: BC
QUESTION 26
You are installing CA controllers that run Cisco ISO-XE and you are ready to implement QoS .Which
QoS target level apply to downstream traffic (toward the client)?
A.
B.
C.
D.
Client SSID
Client SSID radio
Client SSID Radio port
Client radio
Answer: C
QUESTION 27
Refer to the exhibit. Which statement about this CPU ACL is true?
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
A.
B.
C.
D.
A user on the 10.64.0.0/24 network can use SSH to access the WLC
A User on the 10.64.0.0/24 network can not use HTTPS to accessthe WLC GUI
A user on the 10.64.0.0/24 network can not use telnet to access the WLC 172.21.159.37
Any user on any other subnet can access the WLC
Answer: C
QUESTION 28
Which three AP modes are supported by Converged Access WLC (3650/3850/5760) in cisco ISOXE software 3.6E? (Choose three.)
A.
B.
C.
D.
E.
F.
sniffer
local
Fiexconnect
monitor
office extend
Mesh
Answer: ABD
QUESTION 29
Your customer needs the list of all the guest client that connected to Wi-Fi successfully but have
not yet authenticated. The customer decides to creat an advanced filter in Cisco PIunder monitor
client and user, which two conditions should be included in the filter? (Choose two.)
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps
Free VCE and PDF Exam Dumps from PassLeader
A.
B.
C.
D.
PEM state =WebauthReqD
On Network= Yes
Status =Associated
Type =Lightweight client
Answer: CD
QUESTION 30
Refer to the exhibit. Your customer is testing native supplicant provisioning using the ISE (at
192.168.1.2) and a Cisco WlC. The Cisco WlC has an ACcl onfigured on it called onboarding during
the testing of many different client devices (android apple windows) it appears that these devices
are never redirected to the on boarding portal through they a access the internet, which statement
explain this behavior?
A. The ACL has a permit any at the end of the list redirection does not take place unless the client hits
a website that gets denied
B. The source and destination port in the ACL are not set up correctly
C. The ACL has a permit any at the end of the list redirection does not take place unless the client hits
a websites that guest permitted
D. there is nothing wrong the acl the problem must exist either on the client side or on the configured
ISE authorization profile
Answer: C
Visit PassLeader and Download Full Version 400-351 Exam Dumps
400-351 Exam Dumps
400-351 Exam Questions 400-351 PDF Dumps
http://www.passleader.com/400-351.html
400-351 VCE Dumps