2017 January Cisco Official New Released 400-351 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
Lead2pass is constantly updating 400-351 exam dumps. We will provide our customers with the latest and the most accurate exam questions and answers that cover a comprehensive knowledge point, which will help you easily prepare for 400-351 exam and successfully pass your exam. You just need to spend 20-30 hours on studying the exam dumps.
Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/400-351.html
QUESTION 121
Which statement about ACLs used on a Cisco WLC is true?
A. A WLAN ACL will override an interface access-list.
B. An interface ACL will override a WLAN ACL.
C. A WLAN ACL will get applied first followed by an interface ACL.
D. An interface ACL will get applied first followed by a WLAN ACL.
Answer: A
QUESTION 122
You need to open the appropriate firewall port for RLDP. Which port must you open?
A. UDP 6352
B. UDP 5246
C. TCP 37540
D. TCP 8443
E. TCP 16113
F. UDP 16666
Answer: A
Explanation:
Rogue Location Discovery Protocol (RLDP) is an active approach, which is used when rogue AP has no authentication (Open Authentication) configured. This mode, which is disabled by default, instructs an active AP to move to the rogue channel and connect to the rogue as a client. During this time, the active AP sends de-authentication messages to all connected clients and then shuts down the radio interface. Then, it associates to the rogue AP as a client. The AP then tries to obtain an IP address from the rogue AP and forwards a User Datagram Protocol (UDP) packet (port 6352) that contains the local AP and rogue connection information to the controller through the rogue AP. If the controller receives this packet, the alarm is set to notify the network administrator that a rogue AP was discovered on the wired network with the RLDP feature.
QUESTION 123
What are the three fundamental properties that are provided by the antenna of an AP? (Choose three.)
A. frequency
B. gain
C. dB loss
D. polarization
E. direction
F. modulation
Answer: BDE
Explanation:
An antenna gives the wireless system three fundamental properties: gain, direction and polarization. Gain is a measure of increase in power. Gain is the amount of increase in energy that an antenna adds to a radio frequency (RF) signal. Direction is the shape of the transmission pattern. As the gain of a directional antenna increases, the angle of radiation usually decreases. This provides a greater coverage distance, but with a reduced coverage angle. The coverage area or radiation pattern is measured in degrees. These angles are measured in degrees and are called beamwidths.
QUESTION 124
Refer to the exhibit. A wireless engineer at ACME Company is troubleshooting a wireless client that is unable to associate to a WLAN. What is likely the cause of the problem?
A. The AP CAPWAP tunnel is down, and is unable to handle any new connections.
B. The client is providing a wrong credential for dot1x authentication.
C. The WPA PSKs do not match.
D. The client uses WPA, but the AP is advertising only WPA2 support.
E. A firewall is blocking the ports that are necessary for the AP to join the WLC.
Answer: B
QUESTION 125
Why would you enable the RFC 3578 option when adding a new RADIUS authentication server to a WLC?
A. you want to run both RADIUS and TACACS
B. to support Disconnect and Change of Authorization
C. to encrypt communications between the WLC and the RADIUS server
D. to support RADIUS key wrapping
Answer: B
Explanation:
If you are configuring a new RADIUS authentication server, choose Enabled from the Support for RFC 3576 drop-down list to enable RFC 3576, which is an extension to the RADIUS protocol that allows dynamic changes to a user session, or choose Disabled to disable this feature. The default value is Enabled. RFC 3576 includes support for disconnecting users and changing authorizations applicable to a user session and supports disconnect and change-of-authorization (CoA) messages. Disconnect messages cause a user session to be terminated immediately where CoA messages modify session authorization attributes such as data filters.
QUESTION 126
Which two statements are true with regards to RRM? (Choose two.)
A. RRM neighbor messages are sent at the lowest mandatory speed.
B. RRM neighbor messages are sent on channel 1.
C. RRM neighbor messages are sent at minimum power.
D. RRM neighbor messages are sent over the air.
E. RRM neighbor messages are sent every 120 sec by default.
Answer: AD
Explanation:
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/71113-rrm-new.html
QUESTION 127
Refer to the exhibit. Which two statements about this output are true? (Choose two.)
A. Unclassified traffic belongs to the traffic class default, and packets in this class are treated as FIFO.
B. For traffic to match class1, the traffic that is being evaluated must match one of the specified criteria.
C. For traffic to match class1, the traffic that is being evaluated must match both of the specified criteria.
D. Unclassified traffic will be dropped because no default class is created.
Answer: B
QUESTION 128
Which data rate mode allows the transmission of both unicast and multicast packets on a Cisco AP?
A. disabled mode
B. enabled mode
C. mandatory mode
D. multicast mode
E. supported mode
Answer: B
Explanation:http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-2_15_JA/configuration/guide/i12215sc/s15rf.html (configuring radio data rates)
QUESTION 129
Which statement about wireless LAN security in a Cisco Unified Wireless Network VoWLAN deployment is false?
A. EAP-FAST, if available, is the recommended EAP type for use in VoWLAN deployments.
B. Although LEAP is considered secure for VoWLAN handsets when correctly deployed, it is recommended that a different EAP method (FAST, PEAP, TLS) is used, if available.
C. Dynamic WEP mitigates the security weaknesses in static WEP, making it a viable option that can be relied upon to secure a VoWLAN deployment.
D. When using EAP authentication, the EAP-Request timeout value should be adjusted based only on the advice of the VoWLAN handset vendor.
E. When using WPA Personal, strong keys should be used to avoid a dictionary attack.
Answer: D
QUESTION 130
Which of the following organizations certifies WLAN product compatibility and interoperability between vendors by providing certification testing?
A. CCX
B. ETSI
C. FCC
D. IEEE
E. Wi-Fi Alliance
Answer: E
QUESTION 131
Refer to the exhibit. Which statement about the Cisco WCS RRM event message is true?
A. Excessive non-802.11 interference caused the channel change.
B. An event-driven RRM caused the channel change.
C. A CleanAir AP detected a persistence interferer and forced an RRM channel reassignment.
D. Two adjacent APs on the same channel caused a signal collision.
Answer: A
QUESTION 132
Which three options are valid AP modes for lightweight APS in the WLC 7.0.116 release? (Choose three.)
A. SE-Connect
B. WPS
C. RAM
D. OEAP
E. Rogue Detector
F. Sniffer
Answer: BCE
QUESTION 133
Which key is derived on the client supplicant and the authentication server as a result of the 802.1x/EAP authentication phase?
A. Group Temporal Key
B. Pairwise Transient Key
C. Master Session Key
D. Pairwise Master Key
Answer: C
QUESTION 134
Drag and Drop Question
Drag and drop the Cisco WLC discovery attempt method on the left to the correct order on the right.
Answer:
QUESTION 135
Drag and Drop Question
Drag and drop the 802.11 technology feature on the left to the related frame type and IE on the right.
Answer:
QUESTION 136
Drag and Drop Question
Drag and drop the route type on the left to their intended usage on the right.
Answer:
QUESTION 137
Drag and Drop Question
Answer:
QUESTION 138
Drag and Drop Question
Answer:
QUESTION 139
Drag and Drop Question
Drag and drop the Cisco MSE context-aware solution problem on the left to the possible reason for the failure on the right.
Answer:
QUESTION 140
Drag and Drop Question
Drag and drop the RF performance metric on the left to the threshold that is recommended to provide good voice over wireless performance on the right.
Answer:
Lead2pass is no doubt your best choice. Using the Cisco 400-351 exam dumps can let you improve the efficiency of your studying so that it can help you save much more time.
400-351 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDWGllc2pTVTM0TDg
2017 Cisco 400-351 exam dumps (All 231 Q&As) from Lead2pass:
http://www.lead2pass.com/400-351.html [100% Exam Pass Guaranteed]