ExamGecko
Login
Home / Cisco / 300-430 / List of questions
Ask Question

Cisco 300-430 Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

A customer managing a large network has implemented location services. Due to heavy load, it is needed to load balance the data coming through NMSP from the WLCs. Load must be spread between multiple CMX servers to help optimize the data flow for APs. Which configuration in CMX meets this requirement?

cmxctl config feature flags nmsplb.cmx-ap-grouping true

cmxctl config feature flags nmsplb.cmx-ap-grouping true

cmxctl config feature flags nmsplb.cmxgrouping true

cmxctl config feature flags nmsplb.cmxgrouping true

cmxctl config feature flags nmsplb.cmx-loadbalance true

cmxctl config feature flags nmsplb.cmx-loadbalance true

cmxctl config feature flags nmsplb.cmx-rssi-distribute true

cmxctl config feature flags nmsplb.cmx-rssi-distribute true

Suggested answer: B
Explanation:

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/mse/10-6/cmx_command/cmxcli106/cmxcli1051_chapter_010.html#wp7273815000

https://www.cisco.com/c/en/us/support/docs/wireless/connected-mobile-experiences/214894-optimize-cmx-performance.html

asked 07/10/2024
Nicholas Stoner
46 questions

Question 2

Report Export Collapse

An engineer needs to provision certificates on a Cisco Catalyst 9800 Series Wireless Controller. The customer uses a third-party CA server. Which protocol must be used between the controller and CA server to request and install certificates?

SCEP

SCEP

TLS

TLS

LDAP

LDAP

SSL

SSL

Suggested answer: A
Explanation:

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/configguide/trustpoints/b-configuring-trustpoints-on-cisco-catalyst-9800- series-controllers/c-workflow-toconfigure-a-trustpoint-for-a-third-party-certificate-on-catalyst-9800.html

asked 07/10/2024
Paul Pinero
36 questions

Question 3

Report Export Collapse

A corporation has recently implemented a BYOD policy at their HQ. Which two risks should the security director be concerned about? (Choose two.)

network analyzers

network analyzers

malware

malware

lost and stolen devices

lost and stolen devices

keyloggers

keyloggers

unauthorized users

unauthorized users

Suggested answer: B, C
asked 07/10/2024
Siddig Ahmed
50 questions

Question 4

Report Export Collapse

When implementing self-registration for guest/BYOD devices, what happens when an employee tries to connect four devices to the network at the same time?

The last device is removed and the newly added device is updated as active device.

The last device is removed and the newly added device is updated as active device.

The registration is allowed, but only one device is connected at any given time.

The registration is allowed, but only one device is connected at any given time.

All devices are allowed on the network simultaneously.

All devices are allowed on the network simultaneously.

Purge time dictates how long a device is registered to the portal.

Purge time dictates how long a device is registered to the portal.

Suggested answer: B
asked 07/10/2024
Marcel Janssen
40 questions

Question 5

Report Export Collapse

What is an important consideration when implementing a dual SSID design for BYOD?

After using the provisioning SSID, an ACL that used to make the client switch SSIDs forces the user to associate and traverse the network by MAC filtering.

After using the provisioning SSID, an ACL that used to make the client switch SSIDs forces the user to associate and traverse the network by MAC filtering.

If multiple WLCs are used, the WLAN IDs must be exact for the clients to be provisioned and traverse the network correctly.

If multiple WLCs are used, the WLAN IDs must be exact for the clients to be provisioned and traverse the network correctly.

SSIDs for this setup must be configured with NAC State-RADIUS NAC for the clients to authenticate with Cisco ISE, or with NAC State-ISE NAC for Cisco ISE to associate the client.

SSIDs for this setup must be configured with NAC State-RADIUS NAC for the clients to authenticate with Cisco ISE, or with NAC State-ISE NAC for Cisco ISE to associate the client.

One SSID is for provisioning and the other SSID is for gaining access to the network. The use of an ACL should not be enforced to make the client connect to the REAL SSID after provisioning.

One SSID is for provisioning and the other SSID is for gaining access to the network. The use of an ACL should not be enforced to make the client connect to the REAL SSID after provisioning.

Suggested answer: D
asked 07/10/2024
Budi Gunawan
49 questions

Question 6

Report Export Collapse

Refer to the exhibit.

Cisco 300-430 image Question 6 112339 10072024005858000000

A network administrator deploys the DHCP profiler service in two ISE servers: 10.3.10.101 and 10.3.10.102. All BYOD devices connecting to WLAN on VLAN63 have been incorrectly profiled and are assigned as unknown profiled endpoints. Which action efficiently rectifies the issue according to Cisco recommendations?

Nothing needed to be added on the Cisco WLC or VLAN interface. The ISE configuration must be fixed.

Nothing needed to be added on the Cisco WLC or VLAN interface. The ISE configuration must be fixed.

Disable DHCP proxy on the Cisco WLC.

Disable DHCP proxy on the Cisco WLC.

Disable DHCP proxy on the Cisco WLC and run the ip helper-address command under the VLAN interface to point to DHCP and the two ISE servers.

Disable DHCP proxy on the Cisco WLC and run the ip helper-address command under the VLAN interface to point to DHCP and the two ISE servers.

Keep DHCP proxy enabled on the Cisco WLC and define helper-address under the VLAN interface to point to the two ISE servers.

Keep DHCP proxy enabled on the Cisco WLC and define helper-address under the VLAN interface to point to the two ISE servers.

Suggested answer: C
asked 07/10/2024
giorgi durglishvili
44 questions

Question 7

Report Export Collapse

On a branch office deployment, it has been noted that if the FlexConnect AP is in standalone mode and loses connection to the WLC, all clients are disconnected, and the SSID is no longer advertised.

Considering that FlexConnect local switching is enabled, which setting is causing this behavior?

ISE NAC is enabled

ISE NAC is enabled

802.11r Fast Transition is enabled

802.11r Fast Transition is enabled

Client Exclusion is enabled

Client Exclusion is enabled

FlexConnect Local Auth is disabled

FlexConnect Local Auth is disabled

Suggested answer: D
asked 07/10/2024
Brian Wilson
41 questions

Question 8

Report Export Collapse

An engineer must implement intrusion protection on the WLAN. The AP coverage is adequate and on-channel attacks are the primary concern. The building is historic, which makes adding APs difficult. Which AP mode and submode must be implemented?

AP mode: local, AP submode: none

AP mode: local, AP submode: none

AP mode: monitor, AP submode: WIPS

AP mode: monitor, AP submode: WIPS

AP mode: monitor, AP submode: none

AP mode: monitor, AP submode: none

AP mode: local, AP submode: WIPS

AP mode: local, AP submode: WIPS

Suggested answer: D
asked 07/10/2024
Arun Pandian
46 questions

Question 9

Report Export Collapse

An engineer is implementing a FlexConnect group for access points at a remote location using local switching but central DHCP. Which client feature becomes available only if this configuration is changed?

multicast

multicast

static IP

static IP

fast roaming

fast roaming

mDNS

mDNS

Suggested answer: B
asked 07/10/2024
Filippo Bertuzzi
35 questions

Question 10

Report Export Collapse

A FlexConnect remote office deployment is using five 2702i APs indoors and two 1532i APs outdoors.

When a code upgrade is performed and FlexConnect Smart AP Image Upgrade is leveraged, but no FlexConnect Master AP has been configured, how many image transfers between the WLC and APs will occur?

1

1

2

2

5

5

7

7

Suggested answer: B
asked 07/10/2024
Vipulkumar Shukal
42 questions
Total 216 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An engineer must implement rogue containment for an SSID. What is the maximum number of APs that should be used for containment?
A wireless engineer must implement a corporate wireless network for a large company in the most efficient way possible. The wireless network must support 32 VLANs for 300 employees in different departments. Which solution must the engineer choose?
A Cisco CMX 3375 appliance on the 10.6.1 version code counts duplicate client entries, which creates wrong location analytics. The issue is primarily from iOS clients with the private MAC address feature enabled. Enabling this feature requires an upgrade of the Cisco CMX 3375 appliance in a high availability pair to version 10.6.3. SCP transfers the Cisco CMX image, but the upgrade script run fails. Which configuration change resolves this issue?
After receiving an alert about a rogue AP, a network engineer logs into Cisco Prime Infrastructure and looks at the floor map where the AP that detected the rogue is located. The map is synchronized with a mobility services engine that determines that the rogue device is actually inside the campus. The engineer determines that the rogue is a security threat and decides to stop if from broadcasting inside the enterprise wireless network. What is the fastest way to disable the rogue?
An engineer must implement a BYOD policy with these requirements: Onboarding unknown machines Easily scalable Low overhead on the wireless network Which method satisfies these requirements?
An engineer has configured passive fallback mode for RADIUS with default timer settings. What will occur when the primary RADIUS fails then recovers?
Refer to the exhibit. An engineer implemented the CPU ACL on your Cisco 5520 Series Wireless LAN Controller, and the controller is no longer manageable via the network. What must be changes on this CPU ACL to enable it to manage the controller again?
Refer to the exhibit. A network architect configured the Cisco Catalyst 9800 Series Controller to find out information on client types in the wireless network. RADIUS profiling is enabled so that the controller forwards the information about clients to a Cisco ISE server through vendor-specific RADIUS attributes. The ISE server is not profiling any data from the controller. Which configuration must be added in the blank in the code to accomplish the profiling on the Cisco 9800 Series controller?
An engineer is troubleshooting a Cisco CMX high-availability deployment and notices that the primary and backup Cisco CMX servers are both considered primary. Which command must the engineer run on the backup server?
A network engineer needs to configure multicast in the network. The implementation will use multiple multicast groups and PIM routers. Which address provides automatic discovery of the best RP for each multicast group?