642-737 IAUWS Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0

$108.00 $58.00

Product Description

Exam Number/Code: 642-737

Exam Name: Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0

Questions and Answers: 206 Q&As

Version: PDF

Sample: 642-737 IAUWS Free Online Test

Purchase this product now and earn 58 Points!

Product Description

The last day to test 642-737 IAUWS exam is September 21, 2016. The new one is 300-375 WISECURE. Try Cisco 300-375 WISECURE free online test here.

Exam Number 642-737 IAUWS
Associated Certifications CCNP Wireless
Duration 90 minutes (50 – 60 questions)
Available Languages English, Japanese
Register Pearson VUE

The Implementing Advanced Cisco Unified Wireless Security exam is the exam associated with the CCNP Wireless certification. This 642-737 IAUWS exam assesses a candidate’s capability to secure the wireless network from security threats via appropriate security policies and best practices, to properly implement security standards, and to properly configure wireless security components.


22% 1.0 Integrate Client Device Security

1.1 Describe Extensible Authentication Protocol (EAP) authentication process
1.2 Configure client for secure EAP authentication
1.3 Configure the AnyConnect client
1.4 Describe the impact of security configurations on application and client roaming
1.5 Troubleshoot client wireless authentication issues
1.5.a Packet analyzers
1.5.b Debugs
1.5.c Logs
1.5.d Cisco Wireless Control System (WCS)
1.5.e Access Control Server (ACS)
1.6 Identify client security risks
1.6.a driver update
1.6.b MS hot fixes

11% 2.0 Design and Integrate Wireless Network with NAC

2.1 Describe the architectures
2.1.a inband
2.1.b out-of-band
2.1.c agent vs. agentless
2.1.d Cisco Network Admission Control (NAC) appliance
2.2 Describe the high-level authentication process flow
2.2.a CAS
2.2.b CAM
2.2.d Wireless LAN controller (WLC)
2.2.e External authentication sources
2.3 Configure the WLC for Network Access Controller (NAC)
2.4 Verify wireless authentication with NAC

22% 3.0 Implement Secure Wireless Connectivity Services

3.1 Configure authentication
3.1.a Controller Local EAP with or without external Lightweight B. Directory Access
3.1.b Protocol (LDAP) database
3.1.c Client authentication on H-REAP access points (APs)
3.1.d 802.1X authentication for AP authentication to the switch
3.2 Configure autonomous AP for RADIUS authentication
3.3 Configure management frame protection on clients, APs and controllers
3.4 Configure IBN
3.4.a RADIUS based VLAN and ACLs
3.4.b AAA override
3.5 Define ACS parameters for integration with wireless network
3.6 Define client and server-side digital certificate requirements
3.7 Implement ACLs on controller
3.7.a CPU ACLs
3.7.b WLAN, interface, and client identity ACL
3.8 Troubleshoot secure wireless connectivity services
3.8.a Packet analyzers, debugs, logs, WCS, and ACS
3.8.b Verify firewall ports
3.8.c ACS and Controller authorization and authentication for clients

12% 4.0 Design and implement Guest Access Service

4.1 Describe the architectures for guest access services
4.1.a VLAN-based
4.1.b Anchor, DMZ, redundancy, and scaling
4.1.c NAC guest server
4.1.d Wired guest access
4.1.e Bandwidth limiting
4.2 Configure guest access accounts
4.2.a Lobby ambassador (controller and WCS-based)
4.2.b Guest roles
4.3 Configure controller web authentication
4.3.a Pass through
4.3.b Internal and external
4.3.c Authentication (local/RADIUS)
4.3.d Custom splash page (internal, external, and per WLAN)
4.3.e Understand design considerations (DNS, proxy)
4.3.f Pre-authentication ACL
4.3.g Wired guest access
4.3.h Install third party certificate on controller
4.4 Configure the anchor and internal controllers
4.5 Troubleshoot guest access issues
4.5.a Packet analyzers, debugs, logs, WCS, and ACS
4.5.b Verify firewall ports
4.5.c Mping and eping
4.5.d Proxies

11% 5.0 Translate Organizational and Regulatory Security Policies and Enforce Security Compliances

5.1 Describe Regulatory Compliance Considerations, such as HIPAA, PCI, SOX, and FERPA
5.1.a HIPAA
5.1.b PCI
5.1.c SOX
5.1.d FERPA
5.2 Segment traffic into different VLANs, based upon
5.2.a Security
5.2.b Application
5.2.c QoS
5.3 Configure administration security on controller and WCS
5.3.a TACACS+ and ACS integration
5.3.b Local
5.3.c RADIUS and AAA server integration
5.3.d Access point administration credential
5.3.e Admin roles
5.4 Manage WLC and WCS alarms
5.4.a SNMP and Trap receivers
5.4.b Syslog
5.4.c SMTP
5.4.d ACS log
5.4.e Modify WCS alarm levels
5.5 Utilize security audit tools
5.5.a Packet captures
5.5.b Penetration testing
5.5.c Third-party software (AirMagnet AirWise)
5.5.d PCI Audit tool in WCS

11% 6.0 Configure Native WLC security Feature Sets – IPS/IDS

6.1 Utilize WCS or controller for IDS and threat mitigation strategies
6.1.a Signature
6.1.b Custom signature
6.1.c Rogue classification management and (auto) containment
6.1.d Rogue reporting/location (WCS only)
6.1.e Switchport tracing (WCS only)
6.1.f Integrate Cisco spectrum expert to WCS
6.1.g Client exclusion
6.1.h CleanAir
6.2 Identify and mitigate wireless vulnerabilities
6.2.a Wireless packet injection (can’t be mitigated)
6.2.b Client misconfiguration
6.2.c DoS (RF jamming)
6.2.d Anomalous behavior attacks (association and authentication attacks)
6.2.e Signature attacks (NetStumbler and undetectable at this time
6.2.f Eavesdropping (wild packets and Honeypot)
6.2.g Hijacking/mimicry (evil Twin and HoneyPotting)
6.2.h Social engineering (human attack)

11% 7.0 Integrate Wireless Network with Advanced Security Platforms

7.1 Describe end-to-end security Solutions of Cisco and how they Integrate with the Cisco Wireless Solutions
7.1.a AnyConnect 3.0 and above
7.1.b NAC appliance
7.1.c NAC guest server
7.1.d Wired IPS
7.1.e ACS
7.2 Describe the CUWN firewall port configuration requirements
7.2.a Access control lists (ACLs)
7.2.b IP port pass-through
7.2.c DMZ
7.3 Configure the controller for wired IPS/IDS
7.4 Configure wireless Intrusion Prevention System (IPS) (MSE)



成为第一个评论 “642-737 IAUWS Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0” 的人
There are no products