An engineer is configuring client MFP. What WLAN Layer 2 security must be selected to use client MFP?
A.
Static WEP
B.
CKIP
C.
WPA + WPA2
D.
802.1x
Explanation:
In 802.11, management frames such as (de)authentication, (dis)association, beacons, and probes are always unauthenticated and unencrypted. In
other words, 802.11 management frames are always sent in an unsecured manner, unlike the data traffic, which are encrypted with protocols such as WPA, WPA2,
or, at least, WEP, and so forth.
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/82196-mfp.html#climfp
(21/July/2017 Updated) New 300-375 Exam Questions:
NEW QUESTION 61
Which attribute on the Cisco WLC v7.0 does RADIUS IETF attribute “Tunnel-Private-Group ID” assign?
A. ACL
B. DSCP
C. QoS
D. VLAN
Answer: D
NEW QUESTION 62
Which three WLAN polices can be controlled by using the Cisco IBNS on the Cisco WLC and Cisco Secure ACS? (Choose three.)
A. QoS setting
B. VLAN
C. EAP type
D. ACL
E. authentication priority order
F. NAC state
Answer: ABD
NEW QUESTION 63
An engineer is securing the wireless network from vulnerabilities. Which four strategies are recommended for mitigation? (Choose four.)
A. MFP
B. identity-based networking
C. rogue location
D. EAP-TLS
E. guest monitoring
F. RF profiles
G. rogue detection
H. password policies
Answer: ACEG
NEW QUESTION 64
Refer to the exhibit. A client reports being unable to log into the wireless network, which uses PEAPv2. Which two issues appear in the output? (Choose two.)
……
A. There is a problem with the client supplicant.
B. The AP has the incorrect RADIUS server address.
C. The AP has lost IP connectivity to the authentication server.
D. The EAP client timeout value should be increased.
E. The authentication server is misconfigured on the controller.
F. The authentication server is misconfigured in the WLAN.
Answer: AD
NEW QUESTION 65
When using the Standalone Profile Editor in the Cisco AnyConnect v3.0 to create a new NAM profile, which two statements describe the profile becoming active? (Choose two.)
A. Selects the new profile from NAM
B. Selects “Network Repair” from NAM
C. Becomes active after a save of the profile name
D. Ensures use of “configuration.xml” as the profile name
E. Ensures use of “config.xml” as the profile name
F. Ensures use of “nam.xml” as the profile name
Answer: BD
NEW QUESTION 66
Which feature should an engineer select to implement the use of VLAN tagging, QoS, and ACLs to clients based on RADIUS attributes?
A. per-WLAN RADIUS source support
B. client profiling
C. AAA override
D. captive bypassing
E. identity-based networking
Answer: C
NEW QUESTION 67
How should the Cisco Secure ACS v4.2 and the Cisco WLC v7.0 be configured to support wireless client authentication?
A. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (Cisco Airespace)
B. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (IETF)
C. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco Airespace)
D. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco IOS)
Answer: A
NEW QUESTION 68
Clients are failing EAP authentication. A debug shows that an EAPOL start is sent and the clients are then de-authenticated. Which two issues can cause this problem? (Choose two.)
A. The WLC certificate has changed.
B. The WLAN is not configured for the correct EAP supplicant type.
C. The shared secret of the WLC and RADIUS server do not match.
D. The WLC has not been added to the RADIUS server as a client.
E. The clients are configured for machine authentication, but the RADIUS server is configured for user authentication.
Answer: CD
NEW QUESTION 69
……
P.S. Get The Newest 300-375 Dumps In PDF And VCE From — https://www.passleader.com/300-375.html (77q VCE and PDF)
Good Luck!
What’s more, part of that new 77Q 300-375 dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpQ2hZQ0c4c2d1QjA
Best Regards!