An engineer configures the wireless LAN controller to perform 802.1x user authentication. Which option must be enabled to ensure that client devices can connect
to the wireless, even when WLC cannot communicate with the RADIUS?
A.
local EAP
B.
authentication caching
C.
рrе-authentication
D.
Cisco Centralized Key Management
Explanation:
Local EAP is an authentication method that allows users and wireless clients to be authenticated locally on the controller. It is designed for use in
remote offices that want to maintain connectivity to wireless clients when the backend system becomes disrupted or the external authentication server goes down.
When you enable local EAP, the controller serves as the authentication server and the local user database, so it removes dependence on an external authentication
server.
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/100590-ldap-eapfast-config.html
After purchasing the dumps for the 300-375 Exam, I had no doubt that I’d easily pass the exam. Bundle of thanks to it for helping me pass the exam without any troubles:
QUESTION 61
Which attribute on the Cisco WLC v7.0 does RADIUS IETF attribute “Tunnel-Private-Group ID” assign?
A. ACL
B. DSCP
C. QoS
D. VLAN
Answer: D
QUESTION 62
Which three WLAN polices can be controlled by using the Cisco IBNS on the Cisco WLC and Cisco Secure ACS? (Choose three.)
A. QoS setting
B. VLAN
C. EAP type
D. ACL
E. authentication priority order
F. NAC state
Answer: ABD
QUESTION 63
An engineer is securing the wireless network from vulnerabilities. Which four strategies are recommended for mitigation? (Choose four.)
A. MFP
B. identity-based networking
C. rogue location
D. EAP-TLS
E. guest monitoring
F. RF profiles
G. rogue detection
H. password policies
Answer: ACEG
QUESTION 64
Refer to the exhibit. A client reports being unable to log into the wireless network, which uses PEAPv2. Which two issues appear in the output? (Choose two.)
A. There is a problem with the client supplicant.
B. The AP has the incorrect RADIUS server address.
C. The AP has lost IP connectivity to the authentication server.
D. The EAP client timeout value should be increased.
E. The authentication server is misconfigured on the controller.
F. The authentication server is misconfigured in the WLAN.
Answer: AD
QUESTION 65
When using the Standalone Profile Editor in the Cisco AnyConnect v3.0 to create a new NAM profile, which two statements describe the profile becoming active? (Choose two.)
A. selects the new profile from NAM
B. selects “Network Repair” from NAM
C. becomes active after a save of the profile name
D. ensures use of “configuration.xml” as the profile name
E. ensures use of “config.xml” as the profile name
F. ensures use of “nam.xml” as the profile name
Answer: BD
QUESTION 66
Which feature should an engineer select to implement the use of VLAN tagging, QoS, and ACLs to clients based on RADIUS attributes?
A. per-WLAN RADIUS source support
B. client profiling
C. AAA override
D. captive bypassing
E. identity-based networking
Answer: C
QUESTION 67
……
I have uploaded all the real questions of 300-375 exam to my Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDaUxFbEpISnFINk0
Welcome to download them freely!