400-351 VCE | 2017 Latest Cisco 400-351 VCE Exam Questions And Answers

Question No : 1
You are implementing a WLC at a remote site and want to make sure that you are able to sync up with the Cisco WCS at the central site. Which two statements about this process are true? (Choose two.)       The best Cisco https://www.lead4pass.com/400-351.html exam study guide and practice materials
A. If the WLC is behind a firewall, you must make sure that UDP ports 161 and 162 are open.
B. The Cisco WCS server does not need direct IP connectivity to the WLC.
C. Cisco WCS will not be able to communicate with the WLC if the WLC is behind a NAT device.
D. If the WLC is behind a NAT device, the WLC’s dynamic AP-manager interface must be configured with the external NAT IP address.
Answer: A,C

Question No : 2
While troubleshooting a failed central web authentication configuration on cisco WLC you discover that the Cisco WLC policy manager state is showing RUN For new client and not CENTRAL_WEB_AUTH what is most likely the issue.?
A. The WLAN Layer 2 security should be sent to WPA+WPA2
B. The WLAN NAC state should be set to RADIUS NAC
C. The web login page under the cisco WLC security should be set to external (redirect to external server)
D. The WLAN layer 3 security should be set to web page policy with condition web redirect.
Answer: B

Question No : 3
400-351
Refer to the exhibit which syslog logging facility and severity level is enabled on this AP ?
A. logging trap severity 6, logging syslog facility local7
B. logging trap severity 3,logging syslog facility sys 10
C. logging trap severity 5,logging syslog facility local14
D. logging trap severity 7, logging syslog facility local 7
E. Logging trap severity 9,logging syslog facility kernel
Answer: D

Question No : 4
Which two options are valid mobility roles in which a controller can operate in during a client mobility session? (Choose two.)
A. local
B. auto anchor
C. export anchor
D. mobility announcer
Answer: A,C

Question No : 5
Which statement about wireless LAN security in a Cisco 400-351 vce Unified Wireless Network VoWLAN deployment is false?
A. EAP-FAST, if available, is the recommended EAP type for use in VoWLAN deployments.
B. Although LEAP is considered secure for VoWLAN handsets when correctly deployed, it is recommended that a different EAP method (FAST, PEAP, TLS) is used, if available.
C. Dynamic WEP mitigates the security weaknesses in static WEP, making it a viable option that can be relied upon to secure a VoWLAN deployment.
D. When using EAP authentication, the EAP-Request timeout value should be adjusted based only on the advice of the VoWLAN handset vendor.
E. When using WPA Personal, strong keys should be used to avoid a dictionary attack.
Answer: D

Question No : 6
Which port does cisco JSE use by default to send RADIUS CoA messages to the Cisco WLC?
A. UDP 3799
B. UDP 1813
C. UDP 1700
D. TCP 1812
Answer: C

Question No : 7
When creating a guest account on Cisco identity Services Engine .Which option in the sponsor portal allows for the guest credentials to be used for RADIUS authentication without requiring the guest user to log into the guest portal?
A. Set the Guest role to Guest
B. Set the Guest role to Activated guest
C. Set the Time Profile to Radius 1Day
D. Check the box to send email not send email notification id the guest user name is based on the email address.
Answer: B

Question No : 8
Your customer has a Cisco unified Wireless Network running AireOS 8.0 and wants to learn about the FlexConnect mode that is available on his APs which two statementsare true?(choose two)   400-351 vce
A. When an AP is changed from localmode to FlexConnect mode a reboot is required.
B. A newly connected AP can be booted in FlexConnect mode
C. When an AP IS changed from local mode to FlexConnect mode a reboot IS not required.
D. Cisco Centralized Key Management require the use of FlexConnect group
Answer: C,D

Read more:The Cisco https://www.lead4pass.com/400-351.html vce exam practice questions and answers covers all the knowledge points of the real exam, 100% success and guarantee to pass 400-351 exam easily at the first time.

Reference: http://www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/ccie-wireless2.html

Related: http://www.geturnet.com/latest-cisco-300-070-dumps/

Click here to learn more: http://www.trainingvce.com/latest-emc-e20-690-dumps/

exam