642-737 Latest Exam (Aug 2018)

[Free] 2018(Aug) Dumps4cert Cisco 642-737 Dumps with VCE and PDF Download 1-10

August 10, 2018

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug Cisco Official New Released 642-737
100% Free Download! 100% Pass Guaranteed!

Implementing Advanced Cisco Unified Wireless Security v2.0

Question No: 1

An engineer is responding to a man-in-the-middle attack and needs to enable security features to prevent such attacks in the future. What security feature would prevent a man- in-the-middle attack?

  1. Management Frame Protection

  2. ACL

  3. Enable client and infrastructure MFP

  4. AAA Override

Answer: C

Question No: 2

All users on one of the two guest WLANs are failing to connect after a configuration change was made to a controller. What is the cause of the outage?

  1. The interface or VLAN of the anchor controller and foreign controller no longer match.

  2. The configuration of the failing WLAN no longer matches the foreign controllers.

  3. The address of the NAC guest server has been changed.

  4. The DHCP server on the foreign controller was changed.

Answer: B

Question No: 3

When configuring the WLC for NAC out-of-band, which device will be used for SNMP trap receiver IP address entries?

  1. Cisco NAC Appliance Manager

  2. Cisco NAC Appliance Server

  3. Cisco NAC Guest Server

  4. Cisco ACS

  5. Cisco WCS

Answer: A

Question No: 4

Refer to the exhibit.

Dumps4Cert 2018 PDF and VCE

A WLAN with the SSID quot;Enterprisequot; is configured. Which rogue will be marked as malicious?

  1. a rogue with no clients, broadcasting the SSID quot;Enterprisequot; heard at -50dBm

  2. a rogue with two clients, broadcasting the SSID quot;Employeequot; heard at -50dBm

  3. a rogue with two clients, broadcasting the SSID quot;Enterprisequot; heard at -50dBm

  4. a rouge with two clients, broadcasting the SSID quot;Enterprisequot; heard at -80dBm

Answer: C

Question No: 5

Refer to the exhibit.

Dumps4Cert 2018 PDF and VCE

A client reports being unable to log into the wireless network, which uses PEAPv2. Which two issues appear in the output? (Choose two.)

  1. There is a problem with the client supplicant.

  2. The AP has the incorrect RADIUS server address.

  3. The AP has lost IP connectivity to the authentication server.

  4. The EAP client timeout value should be increased.

  5. The authentication server is misconfigured on the controller.

  6. The authentication server is misconfigured in the WLAN.

Answer: A,D

Question No: 6

MFP is enabled globally on a WLAN with default settings on a single controller wireless network. Older client devices are disconnected from the network during a deauthentication attack. What is the cause of this issue?

  1. The client devices do not support CCXv5.

  2. The client devices do not support WPA.

  3. The NTP server is not configured on the controller.

  4. The MFP on the WLAN is set to optional.

Answer: A

Question No: 7

Which one best describes the EAP Identity Request frame when a wireless client is connecting to a Cisco WLC v7.0-based AP WLAN?

  1. sourced from the Cisco ACS Server to the client

  2. sourced from the client to the Cisco ACS Server

  3. sourced from the WLC to the client

  4. sourced from the client to the WLC

  5. sourced from the AP to the client

  6. sourced from the client to the AP

Answer: C

Question No: 8

Which statement describes the major difference between PEAP and EAP-FAST client authentication?

  1. EAP-FAST requires a backend AAA server, and PEAP does not.

  2. EAP-FAST is a Cisco-only proprietary protocol, whereas PEAP is an industry-standard protocol.

  3. PEAP requires a server-side certificate, while EAP-FAST does not require certificates.

  4. PEAP authentication protocol requires a client certificate, and EAP-FAST requires a secure password.

Answer: C

Question No: 9

An engineer has narrowed down an authentication issue to the client laptop. What three items should be verified for EAP-TLS authentication? (Choose three.)

  1. The user account is the same in the certificate.

  2. The Subject Key Identifier is configured correctly.

  3. The client certificate is formatted as X.509 version 3.

  4. Validate server certificate is disabled.

  5. The supplicant is configured correctly.

  6. The client certificate has a valid expiration date.

Answer: A,C,E

Question No: 10

Which EAP protocol(s) can be used by a controller-based AP on Ethernet for 802.1X authentication to a switch?




  4. EAP-TLS

  5. 802.1X and EAP are not supported on AP-wired Ethernet

Answer: B

100% Dumps4cert Free Download!
642-737 PDF
100% Dumps4cert Pass Guaranteed!
642-737 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No