March Special Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

300-430 Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI) Questions and Answers

Questions 4

Refer to the exhibit.

300-430 Question 4

An engineer is troubleshooting a client connectivity issue. The client is in the RUN state, and no traffic is passed after authenticating by using Cisco ISE. Which action resolves the problem?

Options:

A.

Configure a different client VLAN after authentication.

B.

Disable the ACL that prevents traffic from being allowed.

C.

Apply a lower WMM QoS.

D.

Enable rate-limiting to the client.

Buy Now
Questions 5

A Cisco CMX 3375 appliance on the 10.6.1 version code counts duplicate client entries, which creates wrong location analytics. The issue is primarily from iOS clients with the private MAC address feature enabled. Enabling this feature requires an upgrade of the Cisco CMX 3375 appliance in a high availability pair to version 10.6.3. SCP transfers the Cisco CMX image, but the upgrade script run fails. Which configuration change resolves this issue?

Options:

A.

Upgrade the high availability pair to version 10.6.2 image first and then upgrade to version 10.6.3.

B.

Save configuration and use the upgrade script to upgrade the high availability pair without breaking the high availability.

C.

Break the high availability using the cmxha config disable command and upgrade the primary and secondary individuality.

D.

Run root patch to first upgrade to version 10.6.2 and then migrate to version 10.6.3.

Buy Now
Questions 6

A multitenant building contains known wireless networks in most of the suites. Rogues must be classified in the WLC. How are the competing wireless APs classified?

Options:

A.

adhoc

B.

friendly

C.

malicious

D.

unclassified

Buy Now
Questions 7

The security policy mandates that only controller web management traffic is allowed from the IT subnet. In testing, an engineer is trying to connect to a WLAN with Web Authentication for guest users, but the page is timing out on the wireless client browser. What is the cause of the issue?

Options:

A.

The implemented CPU ACL on the controller is blocking HTTP/HTTPS traffic from the guest clients.

B.

Web Authentication Redirect is not supported with CPU ACLs.

C.

The DNS server that is configured on the controller is incorrect.

D.

Web Authentication Redirect is supported only with Internet Explorer, and the client is using Google Chrome.

Buy Now
Questions 8

All APs are receiving multicast traffic, instead of only the APs that need it. What is the cause of this problem?

Options:

A.

The multicast group includes all APs

B.

The wrong multicast address was used

C.

The multicast group is assigned the wrong VLAN

D.

Multicast IGMP snooping is not enabled

Buy Now
Questions 9

An IT department receives a report of a stolen laptop and has information on the MAC address of the laptop. Which two settings must be set on the wireless infrastructure to determine its location? (Choose two.)

Options:

A.

Location History for Clients must be enabled on the MSE.

B.

Client location tracking must be enabled on the MSE.

C.

Location History for Visitors must be enabled on the MSE.

D.

Location History for Rogue APs & Rogue Clients must be enabled on the MSE.

E.

Tracking optimization must be enabled on the WLC.

Buy Now
Questions 10

An engineer is following the proper upgrade path to upgrade a Cisco AireOS WLC from version 7.3 to 8.9. Which two ACLs for Cisco CWA must be configured when upgrading from the specified codes? (Choose two.)

Options:

A.

Permit 0.0.0.0 0.0.0.0 any DNS any

B.

Permit 0.0.0.0 0.0.0.0 UDP DNS any

C.

Permit 0.0.0.0 0.0.0.0 UDP any DNS

D.

Permit any any any

E.

Permit 0.0.0.0 0.0.0.0 UDP any any

Buy Now
Questions 11

Where is a Cisco OEAP enabled on a Cisco Catalyst 9800 Series Wireless Controller?

Options:

A.

RF Profile

B.

Flex Profile

C.

Policy Profile

D.

AP Join Profile

Buy Now
Questions 12

A network engineer needs to configure multicast in the network. The implementation will use multiple multicast groups and PIM routers. Which address provides automatic discovery of the best RP for each multicast group?

Options:

A.

224.0.0.13

B.

224.0.0.14

C.

224.0.1.39

D.

224.0.1.40

Buy Now
Questions 13

Refer to the exhibit.

300-430 Question 13

An administrator notices slower location updates from the controller to Cisco CMX. Which command must be configured to get an update every 5 seconds for rogues?

Options:

A.

config location notification interval rssi rogues 5

B.

config nmsp notification interval rssi rogues 5

C.

config subscription notification interval rssi rogues 5

D.

config cmx notification interval rssi rogues 5

Buy Now
Questions 14

A network engineer is implementing a wireless network and is considering deploying a single SSID for device onboarding.

Which option is a benefit of using dual SSIDs with a captive portal on the onboard SSID compared to a single SSID solution?

Options:

A.

limit of a single device per user

B.

restrict allowed devices types

C.

allow multiple devices per user

D.

minimize client configuration errors

Buy Now
Questions 15

During the EAP process and specifically related to the client authentication session, which encrypted key is sent from the RADIUS server to the access point?

Options:

A.

WPA key

B.

session key

C.

encryption key

D.

shared-secret key

Buy Now
Questions 16

A network engineer is deploying 8865 IP phones with wireless clients connected to them. In order to apply the appropriate QoS, the IP voice traffic needs to be distinguished from client data traffic. Which switch configuration feature must be enabled?

Options:

A.

Voice VLAN

B.

QBSS

C.

WME

D.

QoS routing

Buy Now
Questions 17

Refer to the exhibit.

300-430 Question 17

An engineer must provide a position of rogue APs on a floor map using Cisco PI 3.0, but no rogue AP options are showing on the left-hand navigation menu under Maps. What is the reason for this omission?

Options:

A.

An assurance license is not installed.

B.

The controller operational status background task is disabled.

C.

The Show Detected Interferers feature under the AP option is disabled.

D.

Cisco MSE has not been added to Cisco PI.

Buy Now
Questions 18

An engineer must create an account to log in to the CLI of an access point for troubleshooting. Which configuration on the WLC will accomplish this?

Options:

A.

Allow New Telnet Sessions

B.

ReadWrite User Access Mode

C.

SNMP V3 User

D.

Global Configuration Enable Password

Buy Now
Questions 19

A customer is concerned that their wireless network is detecting spurious threats from channels that are not being used by their wireless infrastructure. Which two technologies must they deploy? (Choose two.)

Options:

A.

FlexConnect mode

B.

monitor mode

C.

sniffer mode with no submode

D.

local mode with WIPS submode

E.

rogue detector mode

Buy Now
Questions 20

Refer to the exhibit. Which two items must be supported on the VoWLAN phones to take full advantage of this WLAN configuration? (Choose two.)

Options:

A.

TSPEC

B.

SIFS

C.

802.11e

D.

WMM

E.

APSD

Buy Now
Questions 21

A customer is experiencing performance issues with its wireless network and asks a wireless engineer to provide information about all sources of interference and their impacts to the wireless network over the past few days. Where can the requested information be accessed?

Options:

A.

CleanAir reports on Cisco Prime Infrastructure

B.

Performance reports on Cisco Prime Infrastructure

C.

Interference Devices reports on Cisco Wireless LAN Controller

D.

Air Quality reports on Cisco Wireless LAN Controller

Buy Now
Questions 22

What is the default IEEE 802.1x AP authentication configuration on a Cisco Catalyst 9800 Series Wireless Controller?

Options:

A.

EAP-PEAP with 802.1x port authentication

B.

EAP-TLS with 802.1x port authentication

C.

EAP-FAST with CAPWAP DTLS + port authentication

D.

EAP-FAST with CAPWAP DTLS

Buy Now
Questions 23

An engineer must implement Cisco Identity-Based Networking Services at a remote site using ISE to dynamically assign groups of users to specific IP subnets. If the subnet assigned to a client is available at the remote site, then traffic must be offloaded locally, and subnets are unavailable at the remote site must be tunneled back to the WLC. Which feature meets these requirements?

Options:

A.

learn client IP address

B.

FlexConnect local authentication

C.

VLAN-based central switching

D.

central DHCP processing

Buy Now
Questions 24

The CTO of an organization wants to ensure that all Android devices are placed into a separate VLAN on their wireless network. However, the CTO does not want to deploy ISE. Which feature must be implemented on the Cisco WLC?

Options:

A.

WLAN local policy

B.

RADIUS server overwrite interface

C.

AAA override

D.

custom AVC profile

Buy Now
Questions 25

After receiving an alert about a rogue AP, a network engineer logs into Cisco Prime Infrastructure and looks at the floor map where the AP that detected the rogue is located. The map is synchronized with a mobility services engine that determines that the rogue device is actually inside the campus. The engineer determines that the rogue is a security threat and decides to stop if from broadcasting inside the enterprise wireless network. What is the fastest way to disable the rogue?

Options:

A.

Go to the location where the rogue device is indicated to be and disable the power.

B.

Create an SSID similar to the rogue to disable clients from connecting to it.

C.

Update the status of the rogue in Cisco Prime Infrastructure to contained.

D.

Classify the rogue as malicious in Cisco Prime Infrastructure.

Buy Now
Questions 26

A wireless engineer has performed a Wireshark ccapture on an 802.1x authentication process to troubleshoot a connectivity issue.

Which two types of packet does the EAP contain? (Choose two.)

Options:

A.

EAP complete

B.

EAP response

C.

EAP failure

D.

EAP request

E.

EAP reply

Buy Now
Questions 27

An enterprise has recently deployed a voice and video solution available to all employees using AireOS controllers. The employees must use this service over their laptops, but users report poor service when connected to the wireless network. The programs that consume bandwidth must be identified and restricted. Which configuration on the WLAN aids in recognizing the traffic?

Options:

A.

NetFlow Monitor

B.

AVC Profile

C.

QoS Profile

D.

Application Visibility

Buy Now
Questions 28

An engineer must control administrative access to the WLC using their Active Directory without being concerned about RBAC after the admin user is authenticated. Which two features does the engineer configure to accomplish this task? (Choose two.)

Options:

A.

Device Admin Policy Set

B.

User Access Mode: ReadWrite

C.

ACL

D.

RADIUS server

E.

TACACS server

Buy Now
Questions 29

A wireless engineer needs to implement client tracking. Which method does the angle of arrival use to determine the location of a wireless device?

Options:

A.

received signal strength

B.

triangulation

C.

time distance of arrival

D.

angle of incidence

Buy Now
Questions 30

CMX Facebook Wi-Fi allows access to the network before authentication. Which two elements are available? (Choose two.)

Options:

A.

Allow HTTP traffic only before authentication and block all the traffic.

B.

Allow all the traffic before authentication and intercept HTTPS only.

C.

Allow HTTPs traffic only before authentication and block all other traffic.

D.

Allow all the traffic before authentication and intercept HTTP only.

E.

Allow SNMP traffic only before authentication and block all the traffic.

Buy Now
Questions 31

An engineer just added a new MSE to Cisco Prime Infrastructure and wants to synchronize the MSE with the Cisco 5520 WLC, located behind a firewall in a DMZ. It is noticed that NMSP messages are failing between the two devices. Which traffic must be allowed on the firewall to ensure that the MSE and WLC are able to communicate using NMSP?

Options:

A.

TCP 1613

B.

UDP 16113

C.

UDP 1613

D.

TCP 16113

Buy Now
Questions 32

A company is collecting the requirements for an on-premises event. During the event, a wireless client connected to a dedicated WLAN will run a video application that will need on average 391595179 bits per second to function properly. What is the QoS marking that needs to be applied to that WLAN?

Options:

A.

Platinum

B.

Gold

C.

Silver

D.

Bronze

Buy Now
Exam Code: 300-430
Exam Name: Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)
Last Update: Mar 29, 2024
Questions: 216

PDF + Testing Engine

$70  $174.99

Testing Engine

$54  $134.99
buy now 300-430 testing engine

PDF (Q&A)

$48  $119.99
buy now 300-430 pdf