CCIE Wireless (v3.1)
Question No: 71 – (Topic 1)
Refer to the exhibit.
Which option describes what this sequence of commands achieves on a Cisco autonomous AP?
A. This example shows how to permit SNMP access to all objects with read-only permission to only those three specific IP addresses using the community string public. The access point also sends config traps to the hosts 22.214.171.124 and 126.96.36.199 using SNMPv1 and to the host 188.8.131.52 using SNMPv2C. The community string public is not sent with the traps because it is the default community value.
B. This example shows how to permit SNMP access to all objects with read-only permission to only those three specific IP addresses using the community string public. The access point also sends config traps to the hosts 184.108.40.206 and 220.127.116.11 using SNMPv1 and to the host 18.104.22.168 using SNMPv2C. The community string public is not sent with the traps.
C. This example shows how to permit any SNMP manager to access all objects with read-only permission using the community string public. The access point also sends config traps to the hosts 22.214.171.124 and 126.96.36.199 using SNMPv1 and to the host 188.8.131.52 using SNMPv2C. The community string public is not sent with the traps as this is the default community value.
D. This example shows how to permit any SNMP manager to access all objects with read-only permission using the community string public. The access point also sends config traps to the hosts 184.108.40.206 and 220.127.116.11 using SNMPv1 and to the host 18.104.22.168 using SNMPv2C. The community string public is sent with the traps.
Answer: D Explanation:
Confirmed: tested in my demo switch, public default is ro
Question No: 72 – (Topic 1)
You have configured VideoStream on a Cisco WLC and users are now viewing the company video broadcast over the wireless network. How can you verify you have VideoStream configured and working in the Cisco WLC GUI?
A. The Multicast Status shows "Normal Multicast" in the Multicast Group Details.
B. The Multicast Status shows "MediaStream Ongoing" in the Client detail page.
C. The Multicast Status shows "Multicast-direct Allowed" in the Multicast Group Details.
D. The Multicast Status shows "MediaStream Allowed" in the Multicast Group Details.
Question No: 73 – (Topic 1)
Which two configurations are required on the Cisco 5760 WLC to ensure that APs will successfully join the Cisco WLC? (Choose two)
A. Ensure accurate configuration of the correct time and date on the wireless LAN controller.
B. Enable ip dhcp snooping trust on the wireless controller port-channel interface.
C. Ensure that Port-Fast is enabled on each access point switch port.
D. Activate the appropriate Right-to-Use AP license on the wireless LAN controller.
Question No: 74 – (Topic 1)
Refer to the exhibit. Which three statements about this extract of the configuration of an autonomous AP are true? (Choose three)
A. This configuration is of a non-root bridge access point.
B. The RADIUS server IP address is misconfigured. It points to the AP itself, which creates a loop for the RADIUS packets.
C. This configuration allows bridging of VLANs 3 and 4.
D. The SSID is not visible for clients probing the wireless medium.
E. The administrator cannot access the AP via the web GUI using a secure connection.
F. The native VLAN must be VLAN 1 to match the native VLAN configured on the switch to which the AP is connecting.
Answer: C,D,E Explanation:
Root bridge basic config of autonomous AP. AP SSID broadcast (= mbssid guest-mode)
Question No: 75 – (Topic 1)
Which option is a feature of a Cisco autonomous AP that prevents over-the-air direct P2P communication, which forces all traffic to hit the first-hop router where security policy is enforced?
A. Wi-Fi Direct Client Policy
B. P2P Secure Packet Public
C. Secure Packet Forwarding
D. P2P Blocking Action
Answer: C Explanation:
http://docwiki.cisco.com/wiki/Wireless_Technologies Cisco Aironet Access Points
Public Secure Packet Forwarding
Public Secure Packet Forwarding (PSPF) prevents client devices associated to an access point from inadvertently sharing files or communicating with other client devices associated to the access point. It provides Internet access to client devices without providing other capabilities of a LAN.
No exchange of unicast, broadcast, or multicast traffic occurs between protected ports. Choose Enable so that the protected port can be used for secure mode configuration. PSPF must be set per VLAN.
Note: To prevent communication between clients associated to different access points on your wireless LAN, you must set up protected ports on the switch to which your access points are connected.
Wi-Fi Direct Client Policy | Security and Network Management | Cisco Support Community https://supportforums.cisco.com/discussion/11851216/wi-fi-direct-client-policy
Information About the Wi-Fi Direct Client Policy
Devices that are Wi-Fi Direct capable can connect directly to each other quickly and conveniently to do tasks such as printing, synchronization, and sharing of data. Wi-Fi Direct devices may associate with multiple peer-to-peer (P2P) devices and with infrastructure wireless LANs (WLANs) concurrently. You can use the controller to configure the Wi-Fi Direct Client Policy, on a per-WLAN basis, where you can allow or disallow association of Wi-Fi devices with infrastructure WLANs, or disable Wi-Fi Direct Client Policy altogether.
Question No: 76 – (Topic 1)
Two wireless IP phones are never able to call each other when connected to the same autonomous AP. However, they can place calls to other wireless IP phones that are connected to other APs or to wired IP phones. The wireless phones are operating on VLAN 100. Based on this output, which statement about the problem is true?
A. P2P blocking is enabled via the bridge-group 100 block-unknown-source command.
B. P2P blocking is enabled via the no bridge-group 100 unicast-flooding command.
C. P2P blocking is enabled via the bridge-group 100 port-protected command.
D. P2P blocking is enabled via the no bridge-group 100 source-learning command.
E. P2P blocking is enabled via the bridge-group 100 subscriber-loop-control command.
Answer: C Explanation:
Question No: 77 – (Topic 1)
Which two options are new features that are supported by IGMPv3 compared to IGMPv2? (Choose two)
A. It extends IGMP, which allows for an explicit maximum response time field.
B. It adds support for source filtering.
C. Router can now send a group-specific query.
D. It adds support for IGMP Leave Message.
E. It supports the link local address 224.0.0.22, which is the destination IP address for membership reports.
Answer: B,E Explanation:
Do not understanding difference between IGMPv2 and v3 | LAN, Switching and Routing | Cisco Support Community
Internet Group Management Protocol (IGMP) is a protocol used by IPv4 systems to report IP multicast memberships to neighboring multicast routers.
This feature module introduces support for Version 3 of IGMP. In previous versions of Cisco IOS software only Version 1 and Version 2 were supported. IGMP Version 3 (IGMPv3) adds support for "source filtering," which enables a multicast receiver host to signal to a router which groups it wants to receive multicast traffic from, and from which source(s) this traffic is expected. This membership information enables Cisco IOS software to forward traffic only from those sources from which receivers requested the traffic.
IGMPv3 supports applications that explicitly signal sources from which they want to receive traffic. With IGMPv3, receivers signal membership to a multicast host group in the following two modes:
INCLUDE mode: In this mode, the receiver announces membership to a host group and provides a list of IP addresses (the INCLUDE list) from which it wants to receive traffic.
EXCLUDE mode: In this mode, the receiver announces membership to a host group and provides a list of IP addresses (the EXCLUDE list) from which it does not want to receive traffic. This indicates that the host wants to receive traffic only from other sources whose IP addresses are not listed in the EXCLUDE list. To receive traffic from all sources, like in the case of the Internet Standard Multicast (ISM) service model, a host expresses EXCLUDE mode membership with an empty EXCLUDE list.
IGMPv3 is the industry-designated standard protocol for hosts to signal channel subscriptions in Source Specific Multicast (SSM). SSM was introduced in Cisco IOS Release 12.1(3)1; however, SSM support for IGMPv3 was introduced in 12.1(5)T. For SSM to rely on IGMPv3, IGMPv3 must be available in last hop routers and host operating system network stacks, and be used by the applications running on those hosts.
In SSM deployment cases where IGMPv3 cannot be used because it is not supported by the receiver host or the receiver applications, there are two Cisco-developed transition solutions that enable the immediate deployment of SSM services: URL Rendezvous Directory (URD) and IGMP Version 3 lite (IGMP v3lite). Both of these features are documented in the Cisco IOS Release 12.0(15)S Source Specific Multicast with IGMPv3, IGMP v3lite, and URD feature module.
IGMP Version 1: Provides the basic query-response mechanism that allows the multicast router to determine which multicast groups are active and other processes that enable hosts to join and leave a multicast group. RFC 1112 defines the IGMPv1 host extensions for IP multicasting.
IGMP Version 2: Extends IGMP, allowing such capabilities as the IGMP leave process, group-specific queries, and an explicit maximum response time field. IGMPv2 also adds the capability for routers to elect the IGMP querier without dependence on the multicast protocol to perform this task. RFC 2236 defines IGMPv2.
IGMP Version 3: Provides for source filtering, which enables a multicast receiver host to signal to a router which groups it wants to receive multicast traffic from, and from which sources this traffic is expected. In addition, IGMPv3 supports the link local address 224.0.0.22, which is the destination IP address for IGMPv3 membership reports; all IGMPv3-capable multicast routers must listen to this address. RFC 3376 defines IGMPv3.
Question No: 78 – (Topic 1)
Which statement about the high availability feature on Cisco Prime Infrastructure version 2.2 is correct?
A. With Manual Failover configured, e-mail notification is sent when the primary server goes down.
B. Server high availability role, that is, primary or secondary, can be configured post installation from the Cisco Prime Infrastructure GUI interface.
C. Port number 8088 is used to connect to the web interface of the secondary Cisco Prime Infrastructure Server.
D. Cisco Prime Infrastructure supports multiple high availability configurations, that is, one primary and two or more secondary systems.
Answer: A Explanation:
Question No: 79 – (Topic 1)
Refer to the exhibit.
Which statement about the rogue access point screenshot is true?
A. AP-2 sends de-authentication packets on air using BSSID 74:a2:e6:71:51:c3 as part of containment process.
B. This rogue AP is working on channel 1 and is manually contained using all detecting access points.
C. SSID on this rogue AP is WMM enabled and this rogue AP is contained by single closest detecting access point at a given time.
D. This rogue AP is contained by AP-1 and AP-2 in round-robin fashion during off-channel scan period.
Answer: C Explanation:
Question No: 80 – (Topic 1)
Heartbeats are used to maintain the high-availability status of an application. Which factor is most important?
Answer: D Explanation:
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_01111101.html
https://books.google.com.hk/books?id=YLHvHGGx5AEC&pg=PT66&lpg=PT66&dq=wlc heatbeat round trip time&source=bl&ots=ClFsWOm0RH&sig=5NO_zaiDBOmHlDzXfLiLgrkgpP0&hl=zh-TW&sa=X&ved=0ahUKEwjb0M31vdLPAhUT9mMKHRJkDv4Q6AEIWDAH#v=onepage&q=wlc heatbeat round trip time&f=false
Cisco Prime Infrastructure 3.1.3 Administrator Guide – Configuring High Availability [Cisco Prime Infrastructure] – Cisco http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-1-3/administrator/guide/PIAdminBook/config_HA.html
Health Monitor (HM) detects failure conditions using the heartbeat messages that the two servers exchange. If the primary server is not responsive to three consecutive heartbeat messages from the secondary, it is considered to have failed. During the health check, HM also checks the application process status and database health; if there is no proper response to these checks, these are also treated as having failed.
The HA system takes approximately 10 to 15 seconds to detect a process failure on the primary server and initiate a failover. If the secondary server is unable to reach the primary server due to a network issue, it might take more time to initiate a failover. In addition, it may take additional time for the application processes on the secondary server to be fully operational.
High Availability FAQ - Cisco http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1130-ag-series/qa_c67-714540.html
Q. What are the recommendations for the network between the primary and secondary controllers connected via RP over Layer 2 VLAN/fiber to achieve client SSO?
A. The Layer 2 network for RP connectivity needs to follow these recommendations to ensure appropriate performance in case of a switchover:
Round-trip time (RTT) latency on the redundancy link: 80 ms or less for the default keep-alive timeout or 80 percent of the configured keep-alive timeout
Preferred maximum transmission unit (MTU) on the redundancy link: 1500 or above
Bandwidth on the redundancy link: 60 Mbps or more