PASS4TEST \ http://www.pass4test.com We offer free update service for one year
Exam : 642-737 Title : Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0 Vendor : Cisco Version : DEMO Get Latest & Valid 642-737 Exam's Question and Answers 1 from Pass4test.com. 1
NO.1 What two actions must be taken by an engineer configuring wireless Identity-Based Networking for a WLAN to enable VLAN tagging? (Choose two.) A. enable AAA override on the WLAN B. create and apply the appropriate ACL to the WLAN C. update the RADIUS server attributes for tunnel type 64, medium type 65, and tunnel private group type 81 D. configure RADIUS server with WLAN subnet and VLAN ID E. enable VLAN Select on the wireless LAN controller and the WLAN Answer: A,C NO.2 Which statement describes the major difference between PEAP and EAP-FAST client authentication? A. EAP-FAST requires a backend AAA server, and PEAP does not. B. EAP-FAST is a Cisco-only proprietary protocol, whereas PEAP is an industry-standard protocol. C. PEAP requires a server-side certificate, while EAP-FAST does not require certificates. D. PEAP authentication protocol requires a client certificate, and EAP-FAST requires a secure password. Answer: C NO.3 Client adapters on the wireless network are locking up and a packet capture shows many management frames with no SSID element. What signature should the engineer enable for the WLC to report this issue in the future? A. Deauth flood B. Null probe resp 2 C. EAPOL flood D. Wellenreiter NO.4 How should the Cisco Secure ACS v4.2 and the Cisco WLC v7.0 be configured to support wireless client authentication? A. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (Cisco Airespace) B. The WLC configured for RADIUS and the Cisco Secure ACS configured for RADIUS (IETF) C. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco Airespace) D. The WLC configured for TACACS+ and the Cisco Secure ACS configured for TACACS+ (Cisco IOS) Answer: A NO.5 In what three modes of operation do Lightweight Access Points participate in Infrastructure Management Frame Protection? (Choose three.) A. local B. monitor C. FlexConnect D. Bridge Get Latest & Valid 642-737 Exam's Question and Answers 2 from Pass4test.com. 2
E. SE-Connect F. Sniffer Answer: A,C,D NO.6 Which statement about the Cisco NAC Guest Server that is deployed in wireless guest access implementations is true? A. The Cisco NAC Guest Server integrates with the Cisco WCS through the RADIUS protocol. B. The Cisco NAC Guest Server can be used in place of Cisco WCS Lobby Ambassador functionality for guest provisioning and reporting. The Cisco WCS is still needed for WLAN management. C. The Cisco WLC acts as the guest accounts provisioning portal, and the Cisco NAC Guest Server acts as the captive portal capturing web requests from preassigned "guest ports" and requesting authentication. D. Guest accounts on the Cisco NAC Guest Server can be created using the Cisco WCS Lobby Ambassador feature. NO.7 An engineer must change the wireless authentication from WPA2-Personal to WPA2Enterprise. Which three requirements are necessary? (Choose three.) A. 802.1X B. EAP C. fast secure roaming D. 802.11i E. RADIUS F. 802.11u G. pre-shared key Answer: A,B,E NO.8 Client Management Frame Protection is supported on which Cisco Compatible Extensions version clients? A. v2 and later B. v3 and later C. v4 and later D. v5 only Answer: D NO.9 When deploying wireless Cisco NAC OOB operations, which appliance performs VLAN mappings to map the quarantine VLANs to the access VLANs? A. Cisco NAC Appliance Manager B. Cisco NAC Appliance Server C. Cisco NAC Guest Server D. Cisco Wireless LAN Controller E. the Layer 3 switch that connects the Cisco WLC to the Cisco NAC appliances Get Latest & Valid 642-737 Exam's Question and Answers 3 from Pass4test.com. 3
NO.10 What does the Cisco WLC v7.0 use to encrypt broadcast and multicast frames that are sent to a wireless client? A. PMK B. GTK C. PTK D. OKC E. PSK NO.11 When using the Standalone Profile Editor in the Cisco AnyConnect v3.0 to create a new NAM profile, which two statements describe the profile becoming active? (Choose two.) A. selects the new profile from NAM B. selects "Network Repair" from NAM C. becomes active after a save of the profile name D. ensures use of "configuration.xml" as the profile name E. ensures use of "config.xml" as the profile name F. ensures use of "nam.xml" as the profile name,d NO.12 Which EAP protocol(s) can be used by a controller-based AP on Ethernet for 802.1X authentication to a switch? A. EAP-LEAP B. EAP-FAST C. EAP-PEAP D. EAP-TLS E. 802.1X and EAP are not supported on AP-wired Ethernet NO.13 An engineer wants to configure guest access to redirect to a webpage and log in with provided credentials. Which configuration option on the WLAN is selected? A. authentication B. passthrough C. conditional web redirect D. splash page web redirect E. preauthentication ACL Answer: A NO.14 When configuring guest WLAN access, which two statements are true? (Choose two.) A. The SSID that is defined for the guest WLAN on the foreign controllers must be the same as that defined on the anchor controller. B. The foreign controllers must be defined with an ingress interface and an egress interface in the guest WLAN. Get Latest & Valid 642-737 Exam's Question and Answers 4 from Pass4test.com. 4
C. The foreign and anchor controllers must be configured in a mobility group for the foreign controllers to be able to initiate EoIP tunnels to one or more anchor controllers. D. The mobility domain name of the anchor controller should be the same as what is configured for the foreign controllers. Answer: A,C NO.15 When implementing certificates through the use of a CA, how is the certificate of client A validated by client B when received? A. verifying the client A certificate using the client A private key B. verifying the client A certificate using the client A public key C. verifying the client A certificate using the client B private key D. verifying the client A certificate using the client B public key E. verifying the client A certificate using the CA private key F. verifying the client A certificate using the CA public key Answer: F Get Latest & Valid 642-737 Exam's Question and Answers 5 from Pass4test.com. 5