Note:

  • CCIE Security 350-018 exam will be retired on January 30, 2017, the new exam is 400-251.
  • CCNA Data Center 640-911 DCICN exam will be retired on April 11, 2017.
  • CCNA Data Center 640-916 DCICT exam will be retired on April 11, 2017.
  • CCNP Data Center 642-035 DCUCT exam will be retired on July 3, 2017.
  • CCNP Data Center 642-980 DCUFT exam will be retired on July 3, 2017.
  • CCNP Data Center 642-996 DCUFD exam will be retired on July 3, 2017.
  • CCNP Data Center 642-997 DCUFI exam will be retired on July 3, 2017.
  • CCNP Data Center 642-998 DCUCD exam will be retired on July 3, 2017.
  • CCNP Data Center 642-999 DCUCI exam will be retired on July 3, 2017.
  • The new CCNP Data Center certification required exams are 300-180 DCIT, 300-165 DCII, 300-160 DCID, 300-175 DCUCI and 300-170 DCVAI exams.

Tag Archives: Integrate Client Device Security

05 Jul

300-375 WISECURE Online Test-Securing Wireless Enterprise Networks

Currently, our 300-375 WISECURE online test only provide 10 questions. Answer one question correctly, you can get 10 points. The content of these questions are the latest exam content. Please feel free to test your skill level.

If you have some opinions or suggestions about our online test, please leave your message, we will improve it step by step.

Now, begin to test:

1. A customer is concerned that radar is impacting the access point that service the wireless network in an office located near an airport. On which type of channel should you conduct spectrum analysis to identify if radar is impacting the wireless network?

 
 
 
 
 
 

2. A customer is concerned about DOS attacks from a neighboring facility. Which feature can be enabled to help alleviate these concerns and mitigate DOS attacks on a WLAN?

 
 
 
 

3. A network engineer is implementing a wireless network and is considering deploying a single SSID for device onboarding. Winch option is a benefit of using dual SSIDs with a captive portal on the onboard SSID compared to a single SSID solution?

 
 
 
 

4. Which mobility mode must a Cisco 5508 wireless Controller be in to use the MA functionality on a cisco catalyst 3850 series switch with a cisco 550 Wireless Controller as an MC?

 
 
 
 

5. MFP is enabled globally on a WLAN with default settings on single controller wireless network. Older client devices are disconnected from the network during a deauthentication attack. What is the cause of this issue?

 
 
 
 

6. An engineer is configuring client MFP. What WLAN Layer 2 security must be selected to use client MFP?

 
 
 
 

7. Access points at branch sites for a company are in FlexConncct mode and perform local switching, but they authenticate to the central RADIUS at headquarters. VPN connections to the headquarters have gone down, but each branch site has a local authentication server. Which three features on the wireless controller can be configured to maintain network operations if this situation reoccurs? (Choose three.)

 
 
 
 
 
 

8. When you configure BYOD access to the network, you face increased security risks and challenges. Which challenge is resolved by deploying digital client certificates?

 
 
 
 

9. An engineer must provide a graphical trending report of the total number of wireless clients on the network. Winch report provides the required data?

 
 
 
 

10. When a wireless client uses WPA2 AES, which keys are created at the end of the four way handshake process between the client and the access point?

 
 
 
 

Question 1 of 10

 

cart

28 Oct

cisco 642-737 iauws exam preparation

cisco 642-737 iauws exam preparation is available. This Cisco 642-737 IAUWS exam assesses a candidate’s capability to secure the wireless network from security threats via appropriate security policies and best practices, to properly implement security standards, and to properly configure wireless security components.

cisco 642-737 iauws exam preparation exam objectives are below.

22% 1.0 Integrate Client Device Security

1.1 Describe Extensible Authentication Protocol (EAP) authentication process
1.2 Configure client for secure EAP authentication
1.3 Configure the AnyConnect client
1.4 Describe the impact of security configurations on application and client roaming
1.5 Troubleshoot client wireless authentication issues
1.5.a Packet analyzers
1.5.b Debugs
1.5.c Logs
1.5.d Cisco Wireless Control System (WCS)
1.5.e Access Control Server (ACS)
1.6 Identify client security risks
1.6.a driver update
1.6.b MS hot fixes

11% 2.0 Design and Integrate Wireless Network with NAC

2.1 Describe the architectures
2.1.a inband
2.1.b out-of-band
2.1.c agent vs. agentless
2.1.d Cisco Network Admission Control (NAC) appliance
2.2 Describe the high-level authentication process flow
2.2.a CAS
2.2.b CAM
2.2.c RADIUS/ACS
2.2.d Wireless LAN controller (WLC)
2.2.e External authentication sources
2.3 Configure the WLC for Network Access Controller (NAC)
2.4 Verify wireless authentication with NAC

Practice cisco 642-737 iauws exam preparation here. 

 

09 Sep

642-737 IAUWS Implementing Advanced Cisco Unified Wireless Security

The Implementing Advanced Cisco Unified Wireless Security exam is the exam associated with the CCNP Wireless certification. This Cisco 642-737 IAUWS exam assesses a candidate’s capability to secure the wireless network from security threats via appropriate security policies and best practices, to properly implement security standards, and to properly configure wireless security components.

Implementing Advanced Cisco Unified Wireless Security is the full name of 642-737 IAUWS test. The Associated Certification is CCNP Wireless. There are 50-60 questions in real Cisco 642-737 IAUWS exam, which will take the candidates 90 minutes to complete the test. The available languages are English and Japanese. Candidates can register Cisco 642-737 IAUWS exam at Pearson VUE testing center.

It is important for the candidates to know Cisco 642-737 IAUWS exam topics.

22% 1.0 Integrate Client Device Security

1.1 Describe Extensible Authentication Protocol (EAP) authentication process
1.2 Configure client for secure EAP authentication
1.3 Configure the AnyConnect client
1.4 Describe the impact of security configurations on application and client roaming
1.5 Troubleshoot client wireless authentication issues
1.5.a Packet analyzers
1.5.b Debugs
1.5.c Logs
1.5.d Cisco Wireless Control System (WCS)
1.5.e Access Control Server (ACS)
1.6 Identify client security risks
1.6.a driver update
1.6.b MS hot fixes

11% 2.0 Design and Integrate Wireless Network with NAC

2.1 Describe the architectures
2.1.a inband
2.1.b out-of-band
2.1.c agent vs. agentless
2.1.d Cisco Network Admission Control (NAC) appliance
2.2 Describe the high-level authentication process flow
2.2.a CAS
2.2.b CAM
2.2.c RADIUS/ACS
2.2.d Wireless LAN controller (WLC)
2.2.e External authentication sources
2.3 Configure the WLC for Network Access Controller (NAC)
2.4 Verify wireless authentication with NAC

22% 3.0 Implement Secure Wireless Connectivity Services

3.1 Configure authentication
3.1.a Controller Local EAP with or without external Lightweight B. Directory Access
3.1.b Protocol (LDAP) database
3.1.c Client authentication on H-REAP access points (APs)
3.1.d 802.1X authentication for AP authentication to the switch
3.2 Configure autonomous AP for RADIUS authentication
3.3 Configure management frame protection on clients, APs and controllers
3.4 Configure IBN
3.4.a RADIUS based VLAN and ACLs
3.4.b AAA override
3.5 Define ACS parameters for integration with wireless network
3.6 Define client and server-side digital certificate requirements
3.7 Implement ACLs on controller
3.7.a CPU ACLs
3.7.b WLAN, interface, and client identity ACL
3.8 Troubleshoot secure wireless connectivity services
3.8.a Packet analyzers, debugs, logs, WCS, and ACS
3.8.b Verify firewall ports
3.8.c ACS and Controller authorization and authentication for clients

12% 4.0 Design and implement Guest Access Service

4.1 Describe the architectures for guest access services
4.1.a VLAN-based
4.1.b Anchor, DMZ, redundancy, and scaling
4.1.c NAC guest server
4.1.d Wired guest access
4.1.e Bandwidth limiting
4.2 Configure guest access accounts
4.2.a Lobby ambassador (controller and WCS-based)
4.2.b Guest roles
4.3 Configure controller web authentication
4.3.a Pass through
4.3.b Internal and external
4.3.c Authentication (local/RADIUS)
4.3.d Custom splash page (internal, external, and per WLAN)
4.3.e Understand design considerations (DNS, proxy)
4.3.f Pre-authentication ACL
4.3.g Wired guest access
4.3.h Install third party certificate on controller
4.4 Configure the anchor and internal controllers
4.5 Troubleshoot guest access issues
4.5.a Packet analyzers, debugs, logs, WCS, and ACS
4.5.b Verify firewall ports
4.5.c Mping and eping
4.5.d Proxies

11% 5.0 Translate Organizational and Regulatory Security Policies and Enforce Security Compliances

5.1 Describe Regulatory Compliance Considerations, such as HIPAA, PCI, SOX, and FERPA
5.1.a HIPAA
5.1.b PCI
5.1.c SOX
5.1.d FERPA
5.2 Segment traffic into different VLANs, based upon
5.2.a Security
5.2.b Application
5.2.c QoS
5.3 Configure administration security on controller and WCS
5.3.a TACACS+ and ACS integration
5.3.b Local
5.3.c RADIUS and AAA server integration
5.3.d Access point administration credential
5.3.e Admin roles
5.4 Manage WLC and WCS alarms
5.4.a SNMP and Trap receivers
5.4.b Syslog
5.4.c SMTP
5.4.d ACS log
5.4.e Modify WCS alarm levels
5.5 Utilize security audit tools
5.5.a Packet captures
5.5.b Penetration testing
5.5.c Third-party software (AirMagnet AirWise)
5.5.d PCI Audit tool in WCS

11% 6.0 Configure Native WLC security Feature Sets – IPS/IDS

6.1 Utilize WCS or controller for IDS and threat mitigation strategies
6.1.a Signature
6.1.b Custom signature
6.1.c Rogue classification management and (auto) containment
6.1.d Rogue reporting/location (WCS only)
6.1.e Switchport tracing (WCS only)
6.1.f Integrate Cisco spectrum expert to WCS
6.1.g Client exclusion
6.1.h CleanAir
6.2 Identify and mitigate wireless vulnerabilities
6.2.a Wireless packet injection (can’t be mitigated)
6.2.b Client misconfiguration
6.2.c DoS (RF jamming)
6.2.d Anomalous behavior attacks (association and authentication attacks)
6.2.e Signature attacks (NetStumbler and undetectable at this time
6.2.f Eavesdropping (wild packets and Honeypot)
6.2.g Hijacking/mimicry (evil Twin and HoneyPotting)
6.2.h Social engineering (human attack)

11% 7.0 Integrate Wireless Network with Advanced Security Platforms

7.1 Describe end-to-end security Solutions of Cisco and how they Integrate with the Cisco Wireless Solutions
7.1.a AnyConnect 3.0 and above
7.1.b NAC appliance
7.1.c NAC guest server
7.1.d Wired IPS
7.1.e ACS
7.2 Describe the CUWN firewall port configuration requirements
7.2.a Access control lists (ACLs)
7.2.b IP port pass-through
7.2.c DMZ
7.3 Configure the controller for wired IPS/IDS
7.4 Configure wireless Intrusion Prevention System (IPS) (MSE)

Related resource: http://www.cisco.com/web/learning/exams/list/iauws.html#~Topics

 

08 Aug

642-737 IAUWS Online Test-Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0

Currently, our 642-737 IAUWS online test only provide 10 questions. Answer one question correctly, you can get 10 points. The content of these questions are the latest exam content. Please feel free to test your skill level.

If you have some opinions or suggestions about our online test, please leave your message, we will improve it step by step.

Now, begin to test:

Please go to 642-737 IAUWS Online Test-Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0 to view the test

 

cart

 

 

 


Recent Posts


Tags

and/or Remove an End-Device and/or Remove an Infrastructure Device and/or Remove Cables (network and/or power) Cisco 642-997 DCUFI exam Cisco 642-999 DCUCI exam Configure Cisco Unity Connection Configure Cisco Unity Express using the GUI Describe and implement centralized call processing redundancy Describe Data Center Structure and Modularity Describe the Design Methodology Describe the Technologies used within the Data Center Describe WLAN Fundamentals Design and Deploy WLAN Infrastructure for Mobility Design Network Management Considerations into a Data Center Design the Access Layer of a Data Center General Networking Knowledge given a Network Design and a set of Requirements High Availability Routing Features Identify Cisco Equipment and Related Hardware Implement high availability features on Cisco Unified Fabric products in a Cisco Data Center Architecture Implement Multicast over Wireless Implement QoS for Wireless Applications Implement VoWLAN Infrastructure Security Infrastructure Services Install Integrate Client Device Security IP Services LAN Switching Technologies Layer 2 Technologies Layer 3 Technologies Maintain Appropriate End-Devices and Industrial Network Infrastructure Devices Manage the Unified Fabric in a Cisco Data Center Architecture Monitoring and Reporting Tools Network Principles Replace Service-Related Knowledge Threat Defense Threat Defense Architectures Troubleshoot Call Setup Issues Troubleshooting Troubleshoot Registration Issues UCS Compute Troubleshooting VPN Technologies WAN Technologies

Links

Powered by CCNP Exams Test Base