Your success in is our sole target and we develop all our in a way that facilitates the attainment of this target. Not only is our material the best you can find, it is also the most detailed and the most updated. for Cisco 300-375 are written to the highest standards of technical accuracy.
Also have 300-375 free dumps questions for you:
NEW QUESTION 1
A new MSE with wIPS service has been installed and no alarm information appears to be reaching
the MSE from controllers.
What protocol must be allowed to reach the MSE from the controllers?
- A. NMSP
- B. SOAP/XML
- C. SNMP
- D. CAPWAP
NEW QUESTION 2
Refer to the exhibit.
An engineer utilizing ISE as the wireless AAA service noticed that the accounting process on the server at 10.10.2.3 has failed, but authentication process is still functional.
Which ISE nodes receive WLC RADIUS traffic, using the CLI output and assuming the WLAN uses the servers in their indexed order?
- A. authentication to 10.10.2.4, accounting to 10.10.2.3.
- B. authentication to 10.10.2.3, accounting to 10.10.2.3.
- C. authentication to 10.10.2.4, accounting to 10.10.2.4.
- D. authentication to 10.10.2.3, accounting to 10.10.2.4.
NEW QUESTION 3
An engineer is securing the wireless network from vulnerabilities. Which four strategies are recommended for mitigation? (Choose four.)
- A. MFP
- B. identity-based networking
- C. rogue location
- D. EAP-TLS
- E. guest monitoring
- F. RF profiles
- G. rogue detection
- H. password policies
NEW QUESTION 4
Refer to the exhibit.
What is the 220.127.116.11 IP address?
- A. the wireless client IP address
- B. the RADIUS server IP address
- C. the controller management IP address
- D. the lightweight IP address
- E. the controller AP-manager IP address
- F. the controller virtual interface IP address
NEW QUESTION 5
Which condition introduce security risk to a BYOD policy?
- A. enterprise-managed MDM platform used for personal devices
- B. access to LAN without implementing MDM solution
- C. enforcement of BYOD access to internet only network
- D. enterprise life-cycle enforcement of personal device refresh
NEW QUESTION 6
A customer has deployed PEAP authentication with a Novell eDirectory LDAP Server. Which authentication method must be configured on the client to support this deployment?
- A. PEAP(EAP-MSCHAPv2)
- B. PEAP(EAP-TTLS)
- C. PEAP(EAP-GTC)
- D. PEAP(EAP-WPA)
NEW QUESTION 7
Client Management Frame Protection is supported on which Cisco Compatible Extensions version clients?
- A. v2 and later
- B. v3 and later
- C. v4 and later
- D. v5 only
NEW QUESTION 8
Which three properties are used for client profiling of wireless clients? (Choose Three)
- A. MAC OUI
- B. IP Address
- C. HTTP user agent
- D. DHCP
- E. hostname
- F. OS Version
NEW QUESTION 9
Which EAP type requires the use of device certificates?
- A. EAP-TLS
- B. EAP-FAST
- C. EAP-SSL
- D. PEAP
- E. LEAP
NEW QUESTION 10
Which three commands are part of the requirements on Cisco Catalyst 3850 series Switch with Cisco IOX XE to create a RADIUS authentication server group? (Choose three.)
- A. authentication dot1x default local
- B. aaa session-idcommon
- C. dot1x system-auth-control
- D. aaa new-model
- E. local-auth wcm_eap_prof
- F. security dot1x
NEW QUESTION 11
WPA2 Enterprise with 802.1x is being used for clients to authenticate to a wireless network through
an ACS server. For security reasons, the network engineer wants to ensure only PEAP authentication can be used. The engineer sent instructions to clients on how to configure their supplicants, but users are still in the ACS logs authentication using EAP-FAST. Which option describes the most efficient way the engineer can ensure these users cannot access the network unless the correct authentication mechanism is configured?
- A. Enable AAA override on the SSID, gather the usernames of these users, and disable their RADIUS accounts until they make sure they correctly configured their devices.
- B. Enable AAA override on the SSID and configure an access policy in ACS that denies access to the list of MACs that have used EAP-FAST.
- C. Enable AAA override on the SSID and configure an access policy in ACS that allows access only when the EAP authentication method is PEAP.
- D. Enable AAA override on the SSID and configure an access policy in ACS that puts clients that authenticated using EAP-FAST into a quarantine VLAN.
NEW QUESTION 12
During the EAP process and specifically related to the logon session, which encrypted key is sent from the RADIUS server to the access point?
- A. WPA key
- B. encryption key
- C. session key
- D. shared secret key
NEW QUESTION 13
When a wireless client uses WPA2 AES, which keys are created at the end of the four way handshake process between the client and the access point?
- A. AES key, TKIP key, WEP key
- B. AES key, WPA2 key, PMK
- C. KCK, KEK, TK
- D. KCK, KEK, MIC key
NEW QUESTION 14
A customer wants the access points in the CEO’s office to have different usernames and passwords for administrative support than the other access points deployed throughout the facility. Which feature can be enabled on the WLC and access points to achieve this criteria?
- A. Override global credentials
- B. HTTPS access
- C. 802.1x supplicant credentials
- D. local management users
You can configure administrator usernames and passwords to prevent unauthorized users from reconfiguring the switch and viewing configuration information. This section provides instructions for initial configuration and for password recovery.
You can also set administrator usernames and passwords to manage and configure one or more access points that are associated with the switch. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/16-1/configuration_guide/b_161_consolidated_3650_cg/b_161_consolidated_3650_cg_chapter_01010 111.pdf
NEW QUESTION 15
Which option describes the purpose of configuring switch peer groups?
- A. enforces RF profiles
- B. enables location services
- C. restricts roaming traffic to certain switches
- D. allows template based configuration changes
NEW QUESTION 16
An engineer is adding APs to an existing VoWLAN to allow for location based services. Which option
will the primary change be to the network?
- A. increased transmit power on all APs
- B. moving to a bridging model
- C. AP footprint
- D. cell overlap would decrease
- E. triangulation of devices
NEW QUESTION 17
An engineer is configuring central web authentication using a Cisco 5508 wireless controller and the Cisco identity Service Engine. Which two attributes must be configured on Cisco ISE to add the controller as a network device? (Choose two.)
- A. authentication protocol
- B. RADIUS shared secret
- C. out-of-band SGA PAC
- D. controller IP address
- E. controller software version
NEW QUESTION 18
An engineer is considering an MDM integration with Cisco ISE to assist with security for lost devices. Which two functions of MDM increase security for lost devices that access data from the network? (Choose two.)
- A. PIN enforcement
- B. Jailbreak/root detection
- C. data wipe
- D. data encryption
- E. data loss prevention
NEW QUESTION 19
Which two considerations must a network engineer have when planning for voice over wireless roaming? (Choose two.)
- A. Roaming with only 802.1x authentication requires full reauthentication.
- B. Full reauthentication introduces gaps in a voice conversation.
- C. Roaming occurs when e phone has seen at least four APs.
- D. Roaming occurs when the phone has reached -80 dBs or belo
100% Valid and Newest Version 300-375 Questions & Answers shared by Certleader, Get Full Dumps HERE: https://www.certleader.com/300-375-dumps.html (New 124 Q&As)