300-370 Troubleshooting Cisco Wireless Enterprise Networks

Page 1   
Question 1

An engineer must open a support case with Cisco TAC. Which two commands verify the
model and serial number of a controller? (Choose two)

  • A. show sysinfo
  • B. show udi
  • C. show inventory
  • D. show boot
  • E. show tech-support

Answer : A,B

Question 2

A network engineer is troubleshooting why EAP authentication with a client is failing. Which
two commands should be used to resolve the issue? (Choose two)

  • A. debug dot1x notifications enable
  • B. debug dot1x events enable
  • C. debug arp
  • D. debug aaa detail enable
  • E. debug aaa events detail enable

Answer : B,E

Question 3

Refer to the exhibit.
A client reports being unable to log into the wireless network, which uses PEAPv2. Which
two issues appear in the output? (Choose two)

  • A. The AP has the incorrect RADIUS server address
  • B. There is a problem with the client supplicant
  • C. The AP has lost IP connectivity to the authentication server
  • D. The authentic at ion server is misconfigured on the controller
  • E. The EAP client timeout value should be increased
  • F. The authentication server is misconfigured in the WLAN

Answer : A,C

Question 4

Clients are failing EAP authentication A debug shows that an EAP handshake started and
the clients are then de-authenticated. Which two issues can cause this problem'? (Choose

  • A. The clients are configured for machine authentication, but the RADIUS server is configured for user authentication.
  • B. The WLC has not been added to the RADIUS server as a client.
  • C. The WLC certificate has changed.
  • D. The shared secret of the WLC and RADIUS server do not match.
  • E. The WLAN is not configured for the correct EAP supplicant type.

Answer : B,E

Question 5

The Big Engineering IT team has been working in the lab to do some testing of some new
features the existing network won't support. They are AP Croups, AP Failover, and Local
Web Auth. They have been having problems with all three features. In this test environment
the controllers only support the Composite and Structural Engineering and Aerodynamic
Engineering groups. All SSIDs should omit the department name. Refer to the exhibit. This
is a diagram of the floor plan for the Big Engineering office and the distribution of the
departments. The tables below show how the controllers have been configured.
Note, not all menu items, text boxes, or radio buttons are active.

When you review the configuration of the test network controller what needs to be changed
to resolve the problems? (Choose four.)

  • A. Change the High Availability Primary Controller Management Interface IP address.
  • B. Remove the current WLANs and replace them with WLANs that have the same SSID names as on the AE-2504A controller.
  • C. Add the Local Net User names and passwords
  • D. Change the Layer 2 security to none and Layer 3 Security to Web Policy for the CSE- Contractors WLAN
  • E. Remove me current WLAN from the CSE-WLAN AP Group and add all three of the WLANs configured in the CSE-2504A
  • F. Add the CSE APs to the CSE-WLANs AP-Group.

Answer : B,C,D,F

Question 6

A network engineer has identified clients who are experiencing delays white roaming. The
network is configured with WPA2-Enterpnse. AES encryption, 802 1X authentication, and
Cisco Centralized Key Management Which change resolves the roaming delays?

  • A. Utilize a supplicant that supports Cisco Centralized Key Management."
  • B. Enable AES and TKIP encryption
  • C. Disable client session timeout
  • D. Install wireless device drivers from Cisco

Answer : A

Question 7

Which statement about the join process of the access point is true?
Refer to the exhibit.

  • A. The AP failed to join because the self-signed certificate of the AP was not correct on the controller.
  • B. The time on the controller is outside of the certificates validity time interval so the join phase failed.
  • C. The AP moved from this controller to its primary controller.
  • D. The AP successfully joined the controller.

Answer : B

Question 8

An engineer has configured 802 1x for the network and all but one of the APs are passing
authentication. Which configuration is causing the failure?

  • A. The AP has override global credentials checked.
  • B. The switch AAA credentials do not match what is configured on ISE.
  • C. The controller 802 1x supplicant credentials do not match what is configured on ISE
  • D. EAP-FAST is configured on ISE for this AP.

Answer : A

Question 9

An engineer has received an alarm on a wireless LAN controller and is unsure of its
meaning. The engineer attempted to ping the wireless LAN controller interfaces. Which
troubleshooting methodology does this action demonstrate?

  • A. bottom-up
  • B. follow the path
  • C. shoot from the hip
  • D. top-down
  • E. divide and conquer

Answer : E

Question 10

Drag and drop the Layer 3 WLAN controller mutual authentication join process events on
the left into the order in which they occur on the right Not all options are used.

Answer :

Question 11

A client is failing EAP authentication and a debug shows that the server is sending an
Access-Reject message. Which action must you take to resolve authentication?

  • A. Verify that the Validate server certificate on the client is disabled.
  • B. Verify that the client certificates are from the proper CA and server certificate.
  • C. Verify that the client server certificate has the proper Windows OlDs.
  • D. Verify that the user account is the same in the client certificate.
  • E. Verify that the user is using the same password that is on the server

Answer : B

Question 12

A VoWLAN has been deployed at a customer site. and users report that audio is choppy in
some areas The exhibit captures a voice exchange between one phone that is associated
to the AP at the end of the corridor (172.31 255 101) and another phone that is positioned
in a conference room nearby. Which action enhances the voice application quality of
Refer to the exhibit.

  • A. Change the basic rate configuration on the WLC to include 54 Mbps.
  • B. Change the WLAN QoS profile to platinum.
  • C. Decrease the AP power level.
  • D. Disable higher data rates on the controller.

Answer : A

Question 13

Which statement about the usage of the debug command in a Cisco Unified Wireless
Network is true?

  • A. Debug is enabled until manual shut off.
  • B. Debug is a message logging severity 7.
  • C. Debug is a restricted command and is not available in the AP CLI.
  • D. Debug is available on the WLC serial console and web interface.

Answer : B

Question 14

A wireless engineer has completed the configuration of a new WLAN on the existing Cisco
wireless infrastructure. During testing he found that the wireless client's authenticate and
received the correct ip address from the switch, but they were not able to access any of the
internal or external resources. Which action will resolve the issue?

  • A. Configure static ip addresses for the wireless clients.
  • B. Configure the default-router on the switch DHCP pool.
  • C. Configure option 82 on the switch DHCP pool.
  • D. Configure a dns-server on the switch DHCP pool.

Answer : C

Question 15

The AP is unable to join the controller. What is the cause of this error?
Refer to the exhibit.

  • A. The controller code version is lower than the code of the AP attempting to join.
  • B. AP code is not the same as the controller and must download firmware.
  • C. AP model \% not compatible with the controller code version.
  • D. The AP is riot conjured in the controller auth-list of acceptable APs.

Answer : C

Page 1