Wireless Questions

March 16th, 2020 in ENCOR 350-401

Quick Wireless Summary
Cisco Access Points (APs) can operate in one of two modes, autonomous or lightweight:
+ Autonomous: self-sufficient and standalone. Used for small wireless networks.
+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.

Control and Provisioning of Wireless Access Points (CAPWAP) is an IETF standard for control messaging for setup, authentication and operations between APs and WLCs. CAPWAP is similar to LWAPP except for the following differences:

+ CAPWAP uses Datagram Transport Layer Security (DTLS) for authentication and encryption to protect traffic between APs and controllers. LWAPP uses AES.
+ CAPWAP has a dynamic maximum transmission unit (MTU) discovery mechanism.
+ CAPWAP runs on UDP ports 5246 (control messages) and 5247 (data messages)

An LAP operates in one of six different modes:
+ Local mode (default mode): measures noise floor and interference, and scans for intrusion detection (IDS) events every 180 seconds on unused channels
+ FlexConnect, formerly known as Hybrid Remote Edge AP (H-REAP), mode: allows data traffic to be switched locally and not go back to the controller. The FlexConnect AP can perform standalone client authentication and switch VLAN traffic locally even when it’s disconnected from the WLC (Local Switched). A FlexConnect AP can also tunnel (via CAPWAP) both user wireless data and control traffic to a centralized WLC (Central Switched).
+ Monitor mode: does not handle data traffic between clients and the infrastructure. It acts like a sensor for location-based services (LBS), rogue AP detection, and IDS
+ Rogue detector mode: monitors for rogue APs. It does not handle data at all.
+ Sniffer mode: runs as a sniffer, capturing all the packets on a particular channel and forwarding them to a remote machine where you can use a protocol analysis tool (Wireshark, Airopeek, etc.) to review the packets and diagnose issues. Strictly used for troubleshooting purposes.
+ Bridge mode: bridges the WLAN and the wired infrastructure together.

Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 APs.

Question 1

Explanation

The Lightweight AP (LAP) can discover controllers through your domain name server (DNS). For the access point (AP) to do so, you must configure your DNS to return controller IP addresses in response to CISCO-LWAPP-CONTROLLER.localdomain, where localdomain is the AP domain name. When an AP receives an IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the AP sends discovery requests to the controllers.

The AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. When the AP is able to resolve this name to one or more IP addresses, the AP sends a unicast CAPWAP Discovery Message to the resolved IP address(es). Each WLC that receives the CAPWAP Discovery Request Message replies with a unicast CAPWAP Discovery Response to the AP.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107606-dns-wlc-config.html

Question 2

Explanation

Signal to Noise Ratio (SNR) is defined as the ratio of the transmitted power from the AP to the ambient (noise floor) energy present. To calculate the SNR value, we take the difference between the signal value and the noise value (signal minus noise). A positive value of the SNR ratio is always better.

Here is an example to tie together this information to come up with a very simple RF plan calculator for a single AP and a single client.
+ Access Point Power = 20 dBm
+ 50 foot antenna cable = – 3.35 dB Loss
+ Signal attenuation due to glass wall with metal frame = -6 dB
+ External Access Point Antenna = + 5.5 dBi gain
+ RSSI at WLAN Client = -75 dBm at 100ft from the AP
+ Noise level detected by WLAN Client = -85 dBm at 100ft from the AP

Based on the above, we can calculate the following information.
+ EIRP of the AP at source = 20 – 3.35 + 5.5 = 22.15 dBm
+ Transmit power as signal passes through glass wall = 22.15 – 6 = 16.15 dBm
+ SNR at Client = -75 – (-85) = 10 dBm (difference between Signal and Noise)

Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/CMX/CMX_RFFund.html

Receive Signal Strength Indicator (RSSI) is a measurement of how well your device can hear a signal from an access point or router. It’s a value that is useful for determining if you have enough signal to get a good wireless connection.

EIRP tells you the actual transmit power of the antenna in milliwatts.

dBm is an abbreviation for “decibels relative to one milliwatt,” where one milliwatt (1 mW) equals 1/1000 of a watt. It follows the same scale as dB. Therefore 0 dBm = 1 mW, 30 dBm = 1 W, and -20 dBm = 0.01 mW

Question 3

Explanation

The EAP-FAST protocol is a publicly accessible IEEE 802.1X EAP type that Cisco developed to support customers that cannot enforce a strong password policy and want to deploy an 802.1X EAP type that does not require digital certificates.

EAP-FAST is also designed for simplicity of deployment since it does not require a certificate on the wireless LAN client or on the RADIUS infrastructure yet incorporates a built-in provisioning mechanism.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-fixed/72788-CSSC-Deployment-Guide.html

Question 4

Explanation

If the clients roam between APs registered to different controllers and the client WLAN on the two controllers is on a different subnet, then it is called an inter-controller L3 roam.

In this situation as well, the controllers exchange mobility messages. The change to the client database entry is completely different from an L2 roam (instead of being moved, it is copied). In this situation the original controller marks the client entry as “Anchor” whereas the new controller marks the client entry as “Foreign”. The two controllers are now referred to as the “Anchor controller” and the “Foreign controller” respectively. The client keeps its original IP address, and that is the real advantage.

Note: Inter-Controller (normally layer 2) roaming occurs when a client roams between two APs registered to two different controllers, where each controller has an interface in the client subnet.

Question 5

Question 6

Explanation

According to the Meraki webpage, radar and rogue AP are two sources of Wireless Interference.

Interference between different WLANs occurs when the access points within range of each other are set to the same RF channel.

Note: Microwave ovens (not conventional oven) emit damaging interfering signals at up to 25 feet or so from an operating oven. Some microwave ovens emit radio signals that occupy only a third of the 2.4-GHz band, whereas others occupy the entire band.

Reference: https://www.ciscopress.com/articles/article.asp?p=2351131&seqNum=2

So answer D is not a correct answer.

Question 7

Explanation

This paragraph was taken from the link https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html#c5:

“The next step is to configure the WLC for the Internal web authentication. Internal web authentication is the default web authentication type on WLCs.”

In step 4 of the link above, we will configure Security as described in this question. Therefore we can deduce this configuration is for Internal web authentication.

Question 8

Explanation

FlexConnect is a wireless solution for branch office and remote office deployments. It enables customers to configure and control access points in a branch or remote office from the corporate office through a wide area network (WAN) link without deploying a controller in each office.

The FlexConnect access points can switch client data traffic locally and perform client authentication locally when their connection to the controller is lost. When they are connected to the controller, they can also send traffic back to the controller. In the connected mode, the FlexConnect access point can also perform local authentication.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html

Question 9

Explanation

Deploying WPA2-Enterprise requires a RADIUS server, which handles the task of authenticating network users’ access. The actual authentication process is based on the 802.1X policy and comes in several different systems labelled EAP. Because each device is authenticated before it connects, a personal, encrypted tunnel is effectively created between the device and the network.

Reference: https://www.securew2.com/solutions/wpa2-enterprise-and-802-1x-simplified/

Question 10

Explanation

802.11r Fast Transition (FT) Roaming is an amendment to the 802.11 IEEE standards. It is a new concept for roaming. The initial handshake with the new AP occurs before the client roams to the target AP. Therefore it is called Fast Transition. 802.11r provides two methods of roaming:

+ Over-the-air: With this type of roaming, the client communicates directly with the target AP using IEEE 802.11 authentication with the Fast Transition (FT) authentication algorithm.
+ Over-the-DS (distribution system): With this type of roaming, the client communicates with the target AP through the current AP. The communication between the client and the target AP is carried in FT action frames between the client and the current AP and is then sent through the controller.

But neither of these methods deals with legacy clients.

802.11k allows 11k-capable clients to request a neighbor report containing information about known neighbor APs that are candidates for roaming.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html

IEEE 802.11v is an amendment to the IEEE 802.11 standard which describes numerous enhancements to wireless network management. One such enhancement is Network assisted Power Savings which helps clients to improve the battery life by enabling them to sleep longer. Another enhancement is Network assisted Roaming which enables the WLAN to send requests to associated clients, advising the clients as to better APs to associate to. This is useful for both load balancing and in directing poorly connected clients.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/802-11v.pdf

Cisco 802.11r supports three modes:
+ Pure mode: only allows 802.11r client to connect
+ Mixed mode: allows both clients that do and do not support FT to connect
+ Adaptive mode: does not advertise the FT AKM at all, but will use FT when supported clients connect

Therefore “Adaptive mode” is the best answer here.

Question 11

Explanation

Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single 802.3ad port channel.

Restriction for Link aggregation:

+ LAG requires the EtherChannel to be configured for ‘mode on’ on both the controller and the Catalyst switch.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_0100010.html

Question 12

Question 13

Explanation

Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 APs. Mobility Express WLC also uses CAPWAP to communicate to other APs.

Note: Local mode is the most common mode that an AP operates in. This is also the default mode. In local mode, the LAP maintains a CAPWAP (or LWAPP) tunnel to its associated controller.

Question 14

Explanation

A Cisco lightweight wireless AP needs to be paired with a WLC to function.

An AP must be very diligent to discover any controllers that it can join—all without any preconfiguration on your part. To accomplish this feat, several methods of discovery are used. The goal of discovery is just to build a list of live candidate controllers that are available, using the following methods:
+ Prior knowledge of WLCs
+ DHCP and DNS information to suggest some controllers (DHCP Option 43)
+ Broadcast on the local subnet to solicit controllers

Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

If you do not tell the LAP where the controller is via DHCP option 43, DNS resolution of “Cisco-capwap-controller.local_domain”, or statically configure it, the LAP does not know where in the network to find the management interface of the controller.

In addition to these methods, the LAP does automatically look on the local subnet for controllers with a 255.255.255.255 local broadcast.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html
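
Because the AP builds its candidate list from whatever DHCP and DNS tell it, it is worth checking that those sources only name controllers you operate. The sketch below is an added example, not Cisco code or part of the original explanation: it decodes a DHCP option 43 value, adds the DNS answers for the discovery name, and reports any candidate outside an approved list. The sub-option type 0xF1 is taken from Cisco's option 43 documentation rather than this page, and the function names, addresses and domain are constructed for illustration.

```python
import ipaddress

# Sub-option type Cisco lightweight APs read inside DHCP option 43 (assumption
# from Cisco's option 43 documentation; the page itself does not show it).
WLC_SUBOPTION = 0xF1


def parse_option43(raw: bytes) -> list:
    """Walk the option 43 TLVs and return the controller IPv4 addresses."""
    controllers = []
    i = 0
    while i < len(raw):
        if i + 2 > len(raw):
            raise ValueError("truncated TLV header")
        sub_type, length = raw[i], raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV value")
        if sub_type == WLC_SUBOPTION:
            if length == 0 or length % 4:
                raise ValueError("controller list must be a multiple of 4 bytes")
            for j in range(0, length, 4):
                controllers.append(str(ipaddress.IPv4Address(value[j:j + 4])))
        i += 2 + length  # other sub-options are skipped
    return controllers


def discovery_name(ap_domain: str) -> str:
    """DNS name the AP resolves, as described in the explanation above."""
    return "CISCO-CAPWAP-CONTROLLER." + ap_domain.strip(".")


def audit_candidates(option43: bytes, dns_records: dict,
                     ap_domain: str, approved: set) -> dict:
    """Return {address: [sources]} for every candidate that is not approved."""
    sources = {}
    for ip in parse_option43(option43):
        sources.setdefault(ip, []).append("dhcp-option-43")
    # dns_records stands in for real lookups so the example runs offline.
    for ip in dns_records.get(discovery_name(ap_domain).lower(), []):
        sources.setdefault(ip, []).append("dns")
    return {ip: src for ip, src in sources.items() if ip not in approved}


# Constructed sample data: two controllers in option 43, two DNS answers.
SAMPLE_OPTION43 = bytes.fromhex("f108c0a80a05c0a80a14")
SAMPLE_DNS = {
    "cisco-capwap-controller.corp.example": ["192.168.10.5", "192.168.77.9"],
}
APPROVED = {"192.168.10.5", "192.168.10.20"}

if __name__ == "__main__":
    print(parse_option43(SAMPLE_OPTION43))
    print(audit_candidates(SAMPLE_OPTION43, SAMPLE_DNS, "corp.example", APPROVED))
```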

Question 15

Explanation

A patch antenna, in its simplest form, is just a single rectangular (or circular) conductive plate that is spaced above a ground plane. Patch antennas are attractive due to their low profile and ease of fabrication.

The azimuth and elevation plane patterns are derived by simply slicing through the 3D radiation pattern. In this case, the azimuth plane pattern is obtained by slicing through the x-z plane, and the elevation plane pattern is formed by slicing through the y-z plane. Note that there is one main lobe that is radiated out from the front of the antenna. There are three back lobes in the elevation plane (in this case), the strongest of which happens to be 180 degrees behind the peak of the main lobe, establishing the front-to-back ratio at about 14 dB. That is, the gain of the antenna 180 degrees behind the peak is 14 dB lower than the peak gain.

Again, it doesn’t matter if these patterns are shown pointing up, down, to the left or to the right. That is usually an artifact of the measurement system. A patch antenna radiates its energy out from the front of the antenna. That will establish the true direction of the patterns.

Reference: https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/prod_white_paper0900aecd806a1a3e.html

Comments
  1. wireless
    April 26th, 2020

    Question 6

    What are two common sources of interference for WI-FI networks? (Choose two)
    A. radar
    B. LED lights
    C. rogue AP
    D. conventional oven
    E. fire alarm

    Answer: C D

    Conventional ovens don’t emit signals and thus do not interfere with wireless signals. Microwave ovens do, conventional don’t. Radars on the other hand do emit signals.

    Answer should be A,D imo. Can someone confirm? Thanks

  2. Wireless
    April 26th, 2020

    Sorry: answer is A,C.

  3. GRE47
    May 4th, 2020

    @Wireless
    from the Meraki documentation : https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Common_Sources_of_Wireless_Interference
    Radars and Fluorescent lights are mentioned (which are led lights if I’m not mistaken) and from Juniper documentation rogue APs cause interference.

    So which 2 answers are correct???

  4. Tac Enginner From Wireless(Cisco)
    May 13th, 2020

    The answer is A and C

  5. Alice in Wonderland
    May 30th, 2020

    Meraki documentation says: “fluorescent lights” not LED lights. They’re different. Fluorescent lights have thermionic emission that occurs in the lamp portion. This occurs as an arc passes through the mercury vapor present in the lamp. One side effect of this is the production of radio waves up to a few megahertz in frequency. Fluorescent bulbs contain inert gas within the glass casing while LEDs are a solid state technology.

  6. jlai
    May 31st, 2020

    @Digitaltut as per aussie you already confirmed that the below is the answer. Please check the answers, it’s very confusing now, and please update it.

    Which two descriptions of FlexConnect mode for Cisco APs are true? (Choose two)
    A. APs that operate in FlexConnect mode cannot detect rogue APs
    B. FlexConnect mode is used when the APs are set up in a mesh environment and used to bridge between each other
    C. FlexConnect mode is a feature that is designed to allow specified CAPWAP-enabled APs to exclude themselves from managing data traffic between clients and infrastructure
    D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller
    E. FlexConnect mode is a wireless solution for branch office and remote office deployments

    Answer BE
    https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html
    For FlexConnect access points, the interface mapping at the controller for WLANs that is configured for FlexConnect local switching is inherited
    at the access point as the default VLAN tagging. This mapping can be changed per SSID and per FlexConnect access point. Non-FlexConnect access points tunnel
    all traffic back to the controller, and VLAN tagging is determined by each WLAN’s interface mapping.

  7. Someone
    May 31st, 2020

    Jlai B can’t be a right answer, for mesh environments, access points use bridge mode

    Answers are D and E

    D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller

    This is true, even having the access point in flex connect, if in the wlan you don’t have the local switching configured, they will send the data traffic back to the controller.

  8. chris7890
    June 3rd, 2020

    Q4

    Refer to the exhibit.

    The WLC administrator sees that the controller to which a roaming client associates has Mobility Role Anchor configured under Clients > Detail.

    Which type of roaming is supported?

    Is the right answer Layer 3 intercontroller or Layer 2 intercontroller? And why is that right?

  9. Rocket
    June 6th, 2020

    You are configuring a controller that runs Cisco IOS XE by using the CLI. Which three configuration
    options are used for 802.11w Protected Management Frames? (Choose three.)
    A. mandatory
    B. association-comeback
    C. SA teardown protection
    D. saquery-retry-time
    E. enable
    F. comeback-time

  10. Rocket
    June 6th, 2020

    Refer to the exhibit. An engineer is designing a guest portal on Cisco ISE using the default configuration.
    During the testing phase, the engineer receives a warning when displaying the guest portal.(YOUR CONNECTION IS NOT PRIVATE WARNING ) Which issue is
    occurring?
    A. The server that is providing the portal has an expired certificate
    B. The server that is providing the portal has a self-signed certificate
    C. The connection is using an unsupported protocol
    D. The connection is using an unsupported browser

  11. Rocket
    June 6th, 2020

    Refer to the exhibit. Which level message does the WLC send to the syslog server?
    A. syslog level errors and less severity messages
    B. syslog level errors messages
    C. all syslog levels messages
    D. syslog level errors and greater severity messages

    SYSLOG LEVEL : ERRORS

  12. Rocket
    June 6th, 2020

    Refer to the exhibit.
    A wireless client is connecting to FlexAP1 which is currently working standalone mode. The AAA
    authentication process is returning the following AVPs:
    Tunnel-Private-Group-Id(81): 15
    Tunnel-Medium-Type(65): IEEE-802(6)
    Tunnel-Type(64): VLAN(13)
    Which three behaviors will the client experience? (Choose three.)
    A. While the AP is in standalone mode, the client will be placed in VLAN 15.
    B. While the AP is in standalone mode, the client will be placed in VLAN 10.
    C. When the AP transitions to connected mode, the client will be de-authenticated.
    D. While the AP is in standalone mode, the client will be placed in VLAN 13.
    E. When the AP is in connected mode, the client will be placed in VLAN 13.
    F. When the AP transitions to connected mode, the client will remain associated.
    G. When the AP is in connected mode, the client will be placed in VLAN 15.
    H. When the AP is in connected mode, the client will be placed in VLAN 10.

  13. chris7890
    June 7th, 2020

    @Rocket What kind of questions are these? Are the questions valid?

  14. Rocket
    June 8th, 2020

    @CHRIS 7890 yes, they are new. But I got only 10 new questions beside the legacy questions already attached here. But the questions are only a bonus. I’m studying from January, read the book, did the official labs, saw INE videos, watched ITproTV videos, read some design guides for SD-WAN and SD-Access. And I have deployed WLCs in my network so I hope that I will manage to pass.

  15. chris7890
    June 8th, 2020

    @Rocket What does bonus mean, bonus which you have posted for you or bonus to ask which are available in the certificate

  16. Rocket
    June 8th, 2020

    Bonus means that the knowledge after you study is yours and the certification is their’s.

  17. anonymus
    June 8th, 2020

    @Rocket so you can say there are no valid 350-401 questions? But for our study it nice to have?

  18. Rocket
    June 8th, 2020

    Something like that. I have my exam in the near future. I will see how it goes.

  19. tri
    June 19th, 2020

    Rocket
    was answer D. syslog level errors and greater severity messages ?

  20. tri
    June 20th, 2020

    Chapter: 802.11w Protected Management Frames

    CLI Configuration for Protected Management Frames

    security pmf [ association-comeback association-comeback-time-in-seconds | mandatory | optional | saquery saquery-time-interval-milliseconds ]

    Rocket

    was answer A,B D ?

  21. hja031
    June 20th, 2020

    Rocket regarding :
    A wireless client is connecting to FlexAP1 which is currently working standalone mode. The AAA
    authentication process is returning the following AVPs:
    Tunnel-Private-Group-Id(81): 15
    Tunnel-Medium-Type(65): IEEE-802(6)
    Tunnel-Type(64): VLAN(13)
    Which three behaviors will the client experience? (Choose three.)
    A. While the AP is in standalone mode, the client will be placed in VLAN 15.
    B. While the AP is in standalone mode, the client will be placed in VLAN 10.
    C. When the AP transitions to connected mode, the client will be de-authenticated.
    D. While the AP is in standalone mode, the client will be placed in VLAN 13.
    E. When the AP is in connected mode, the client will be placed in VLAN 13.
    F. When the AP transitions to connected mode, the client will remain associated.
    G. When the AP is in connected mode, the client will be placed in VLAN 15.
    H. When the AP is in connected mode, the client will be placed in VLAN 10.

    the answer is ADE
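
The three AVPs quoted in this question are the attribute set RFC 3580 uses for RADIUS VLAN assignment. As an added example (not part of the thread and not Cisco code), the decoder below parses a constructed attribute section and returns the VLAN identifier, which shows which of the three attributes carries it; the helper names and sample bytes are made up for illustration.

```python
TUNNEL_TYPE = 64
TUNNEL_MEDIUM_TYPE = 65
TUNNEL_PRIVATE_GROUP_ID = 81
TYPE_VLAN = 13        # Tunnel-Type value "VLAN"
MEDIUM_IEEE_802 = 6   # Tunnel-Medium-Type value "IEEE-802"


def avp(attr_type: int, value: bytes) -> bytes:
    """Encode one RADIUS attribute: type, length (header included), value."""
    return bytes([attr_type, len(value) + 2]) + value


def tagged_enum(number: int, tag: int = 0) -> bytes:
    """Tunnel-Type / Tunnel-Medium-Type value: 1 tag byte + 3-byte integer."""
    return bytes([tag]) + number.to_bytes(3, "big")


def parse_avps(data: bytes) -> dict:
    """Split a RADIUS attribute section into {type: value}.

    Simplification: a repeated attribute type overwrites the earlier one, so
    replies carrying several tagged tunnels are not modelled here.
    """
    attrs, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated attribute header")
        attr_type, length = data[i], data[i + 1]
        if length < 2 or i + length > len(data):
            raise ValueError("bad attribute length")
        attrs[attr_type] = data[i + 2:i + length]
        i += length
    return attrs


def _enum(value):
    """Integer part of a tagged enumerated attribute, or None if malformed."""
    if value is None or len(value) != 4:
        return None
    return int.from_bytes(value[1:], "big")


def assigned_vlan(data: bytes):
    """Return the VLAN identifier string, or None if the set is incomplete."""
    attrs = parse_avps(data)
    if _enum(attrs.get(TUNNEL_TYPE)) != TYPE_VLAN:
        return None
    if _enum(attrs.get(TUNNEL_MEDIUM_TYPE)) != MEDIUM_IEEE_802:
        return None
    group = attrs.get(TUNNEL_PRIVATE_GROUP_ID)
    if not group:
        return None
    if group[0] <= 0x1F:          # optional tag byte in front of the string
        group = group[1:]
    try:
        return group.decode("ascii") or None
    except UnicodeDecodeError:
        return None


# Constructed attribute section matching the AVPs quoted in the question.
SAMPLE_ACCEPT = (avp(TUNNEL_PRIVATE_GROUP_ID, b"15")
                 + avp(TUNNEL_MEDIUM_TYPE, tagged_enum(MEDIUM_IEEE_802))
                 + avp(TUNNEL_TYPE, tagged_enum(TYPE_VLAN)))

if __name__ == "__main__":
    print(assigned_vlan(SAMPLE_ACCEPT))
```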

  22. DMX
    June 25th, 2020

    Which two pieces of information are necessary to compute SNR? (Choose two)
    A. EIRP
    B. noise floor
    C. antenna gain
    D. RSSI
    E. transmit power

    Answer: B D

    Answer should be B,E. What do you think?

  23. Pogy
    June 25th, 2020

    @DMX the Answer is RSSI and noise floor.
    to calculate SNR , the Signal and noise power values should be required not the transmitting power. Transmitting power and antenna gain do affect it but it seems here that Cisco looks for the Answer of : B , D

  24. GZ
    July 5th, 2020

    Refer to the exhibit. Which level message does the WLC send to the syslog server?
    A. syslog level errors and less severity messages
    B. syslog level errors messages
    C. all syslog levels messages
    D. syslog level errors and greater severity messages

    SYSLOG LEVEL : ERRORS

    Answer A:

    Explanations:
    If you set a syslog level, only those messages whose severity is equal to or less than that level are sent to the syslog servers. For example, if you set the syslog level to Errors (severity level 3), only those messages whose severity is between 0 and 3 are sent to the syslog servers.
    https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0110100.html
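
The rule quoted in the comment above (a message is sent only if its severity number is equal to or less than the configured level) can be checked against raw syslog lines, where severity is the PRI value modulo 8. This is an added example, not part of the thread or Cisco code: the log lines are constructed, and the function names are hypothetical. It separates what a collector would receive from what never leaves the device at a given level.

```python
import re

# Cisco severity keywords in numeric order, 0 (most severe) to 7.
LEVELS = ["emergencies", "alerts", "critical", "errors",
          "warnings", "notifications", "informational", "debugging"]

PRI_HEADER = re.compile(r"^<(\d{1,3})>")


def severity(line: str) -> int:
    """Extract the severity (PRI % 8) from a syslog line's <PRI> header."""
    match = PRI_HEADER.match(line)
    if not match:
        raise ValueError("no <PRI> header")
    pri = int(match.group(1))
    if pri > 191:                      # 23 facilities * 8 + 7 is the maximum
        raise ValueError("PRI out of range")
    return pri % 8


def split_by_level(lines, level: str):
    """Return (sent, dropped) for a device configured with the given level."""
    threshold = LEVELS.index(level)
    sent, dropped = [], []
    for line in lines:
        (sent if severity(line) <= threshold else dropped).append(line)
    return sent, dropped


# Constructed sample lines, facility local0 (16 * 8 = 128) plus severity.
SAMPLE_LINES = [
    "<129>wlc01: constructed sample: power supply failure",        # alerts (1)
    "<131>wlc01: constructed sample: AP join failed",              # errors (3)
    "<132>wlc01: constructed sample: rogue AP seen on channel 6",  # warnings (4)
    "<134>wlc01: constructed sample: client associated",           # informational (6)
]

if __name__ == "__main__":
    sent, dropped = split_by_level(SAMPLE_LINES, "errors")
    print("sent to syslog server:", sent)
    print("never leaves the device:", dropped)
```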
