Wireless Questions

January 30th, 2021

Quick Wireless Summary
Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight
+ Autonomous: self-sufficient and standalone. Used for small wireless networks.
+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.

Control and Provisioning for Wireless Access Point (CAPWAP) is an IETF standard for control messaging for setup, authentication and operations between APs and WLCs. CAPWAP is similar to LWAPP except for the following differences:

+ CAPWAP uses Datagram Transport Layer Security (DTLS) for authentication and encryption to protect traffic between APs and controllers. LWAPP uses AES.
+ CAPWAP has a dynamic maximum transmission unit (MTU) discovery mechanism.
+ CAPWAP runs on UDP ports 5246 (control messages) and 5247 (data messages)

An LAP operates in one of six different modes:
+ Local mode (default mode): measures noise floor and interference, and scans for intrusion detection (IDS) events every 180 seconds on unused channels
+ FlexConnect mode, formerly known as Hybrid Remote Edge AP (H-REAP): allows data traffic to be switched locally instead of going back to the controller. The FlexConnect AP can perform standalone client authentication and switch VLAN traffic locally even when it’s disconnected from the WLC (Local Switched). A FlexConnect AP can also tunnel (via CAPWAP) both user wireless data and control traffic to a centralized WLC (Central Switched).
+ Monitor mode: does not handle data traffic between clients and the infrastructure. It acts like a sensor for location-based services (LBS), rogue AP detection, and IDS.
+ Rogue detector mode: monitors for rogue APs. It does not handle data at all.
+ Sniffer mode: runs as a sniffer, capturing and forwarding all the packets on a particular channel to a remote machine where you can use a protocol analysis tool (Wireshark, Airopeek, etc.) to review the packets and diagnose issues. Strictly used for troubleshooting purposes.
+ Bridge mode: bridges the WLAN and the wired infrastructure together.
+ Sensor mode: this is a special mode which is not listed in the books but you need to know. In this mode, the device functions much like a WLAN client would, associating and identifying client connectivity issues within the network in real time without requiring IT staff or a technician to be on site.

Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 APs.

The 2.4 GHz band is subdivided into multiple channels each allotted 22 MHz bandwidth and separated from the next channel by 5 MHz.
-> A best practice for 802.11b/g/n WLANs requiring multiple APs is to use non-overlapping channels such as 1, 6, and 11.

wireless_2_4_GHz_band.png

Antenna

An antenna is a device to transmit and/or receive electromagnetic waves. Electromagnetic waves are often referred to as radio waves. Most antennas are resonant devices, which operate efficiently over a relatively narrow frequency band. An antenna must be tuned (matched) to the same frequency band as the radio system to which it is connected; otherwise reception and/or transmission will be impaired.

Types of external antennas:
+ Omnidirectional: Provide 360-degree coverage. Ideal in houses and office areas. This type of antenna is used when coverage in all directions from the antenna is required.

ominidirectionl_antenna_direction.jpg

Omnidirectional Antenna Radiation Pattern

+ Directional: Focus the radio signal in a specific direction. Typically, these antennas have one main lobe and several minor lobes. Examples are the Yagi and parabolic dish

Yagi_radiation_pattern.jpg

Yagi Antenna Radiation Pattern

+ Multiple Input Multiple Output (MIMO) – Uses multiple antennas (up to eight) to increase bandwidth

Wireless Terminologies

Decibels

Decibels (dB) are the accepted method of describing a gain or loss relationship in a communication system. If a level is stated in decibels, then it is comparing a current signal level to a previous level or preset standard level. The beauty of dB is they may be added and subtracted. A decibel relationship (for power) is calculated using the following formula:

dB_formula.jpg

“A” might be the power applied to the connector on an antenna, the input terminal of an amplifier or one end of a transmission line. “B” might be the power arriving at the opposite end of the transmission line, the amplifier output or the peak power in the main lobe of radiated energy from an antenna. If “A” is larger than “B”, the result will be a positive number or gain. If “A” is smaller than “B”, the result will be a negative number or loss.

You will notice that the “B” is capitalized in dB. This is because it refers to the last name of Alexander Graham Bell.

Note:

+ dBi is a measure of the increase in signal (gain) by your antenna compared to the hypothetical isotropic antenna (which uniformly distributes energy in all directions) -> It is a ratio. The greater the dBi value, the higher the gain and the more acute the angle of coverage.

+ To divide one number by another, simply subtract their equivalent decibel values. For example, to find 100 divided by 10:

100 ÷ 10 → 10 log(100) – 10 log(10) = 20 dB – 10 dB = 10 dB, which corresponds to a ratio of 10

+ dBm is a measure of signal power. It is the power ratio in decibels (dB) of the measured power referenced to one milliwatt (mW). The “m” stands for “milliwatt”.

Example:

At 1700 MHz, 1/4 of the power applied to one end of a coax cable arrives at the other end. What is the cable loss in dB?

Solution:

dB_example.jpg

=> Loss = 10 * (- 0.602) = – 6.02 dB

From the formula above we can calculate that a 3 dB loss halves the power: Loss = 10 * log (1/2) = -3 dB. This is an important number to remember.

Beamwidth

The angle, in degrees, between the two half-power points (-3 dB) of an antenna beam, where more than 90% of the energy is radiated.

beamwidth.jpg

A radiation pattern defines the variation of the power radiated by an antenna as a function of the direction away from the antenna.

Polarization describes the way the electric field of the radio wave is oriented.

Antenna gain is the ability of the antenna to radiate more or less in any direction compared to a theoretical antenna.

OFDM

OFDM was proposed in the late 1960s, and in 1970 a US patent was issued. OFDM encodes a single transmission into multiple sub-carriers. All the slow subchannels are then multiplexed into one fast combined channel.

The trouble with traditional FDM is that the guard bands waste bandwidth and thus reduce capacity. OFDM selects channels that overlap but do not interfere with each other.

FDM_OFDM.gif

OFDM works because the frequencies of the subcarriers are selected so that, at each subcarrier frequency, all other subcarriers do not contribute to the overall waveform.

In this example, three subcarriers are overlapped but do not interfere with each other. Notice that only the peaks of each subcarrier carry data. At the peak of each of the subcarriers, the other two subcarriers have zero amplitude.

OFDM.jpg

Basic Service Set (BSS)

A group of stations that share an access point are said to be part of one BSS.

Extended Service Set (ESS)

Some WLANs are large enough to require multiple access points. A group of access points connected to the same WLAN is known as an ESS. Within an ESS, a client can associate with any one of many access points that use the same Extended service set identifier (ESSID). That allows users to roam about an office without losing their wireless connection.

Roaming

Roaming is the movement of a client from one AP to another while still transmitting. Roaming can be done across different mobility groups, but must remain inside the same mobility domain. The wireless client makes decisions on whether to change APs or remain connected to the current AP. There are 2 types of roaming:

A client roaming from AP1 to AP2. These two APs are in the same mobility group and mobility domain

Roaming_Same_Mobile_Group.jpg

Roaming in the same Mobility Group

A client roaming from AP1 to AP2. These two APs are in different mobility groups but in the same mobility domain

Roaming_Different_Mobile_Group.jpg

Roaming in different Mobility Groups (but still in the same Mobility Domain)

Wireless Parameters

Noise

There is radio frequency (RF) everywhere, from human activity, earth heat, space… The amount of unwanted RF is called noise.

Effective Isotropic Radiated Power (EIRP)

EIRP tells you what is the actual transmit power of the antenna. EIRP is a very important parameter because it is regulated by governmental agencies in most countries. In those cases, a system cannot radiate signals higher than a maximum allowable EIRP. To find the EIRP of a system, simply add the transmitter power level to the antenna gain and subtract the cable loss.

EIRP_wireless.jpg

EIRP = Tx Power – Tx Cable + Tx Antenna

Suppose a transmitter is configured for a power level of 10 dBm. A cable with 5-dB loss connects the transmitter to an antenna with an 8-dBi gain. The resulting EIRP of the system is EIRP = 10 dBm – 5 dB + 8 dBi = 13 dBm.

You might notice that the EIRP is made up of decibel-milliwatt (dBm), dB relative to an isotropic antenna (dBi), and decibel (dB) values. Even though the units appear to be different, you can safely combine them because they are all in the dB “domain”.

Receive Signal Strength Indicator (RSSI)

RSSI is a measurement of how well your device can hear a signal from an access point or router (useful signal). It’s a value that is useful for determining if you have enough signal to get a good wireless connection.

Signal-to-noise ratio (SNR or S/N)

SNR is the ratio of received signal power (at the wireless client) to the noise power, and its unit of expression is typically decibels (dB). If your signal power and noise power are already in decibel form, then you can subtract the noise power from the signal power: SNR = S – N. This is because subtracting logarithms is the equivalent of dividing normal numbers. Also, the difference in the numbers equals the SNR. For example, if the noise floor is -80 dBm and the wireless client is receiving a signal of -65 dBm, then SNR = -65 – (-80) = 15.

RSSI_SNR.jpg

Or we can find SNR from RSSI with this formula: SNR = RSSI – N, where N is the noise power.

A practical example to calculate SNR

Here is an example to tie together this information to come up with a very simple RF plan calculator for a single AP and a single client.
+ Access Point Power = 20 dBm
+ 50 foot antenna cable = – 3.35 dB Loss
+ External Access Point Antenna = + 5.5 dBi gain
+ Signal attenuation due to glass wall with metal frame = -6 dB
+ RSSI at WLAN Client = -75 dBm at 100ft from the AP
+ Noise level detected by WLAN Client = -85 dBm at 100ft from the AP

Based on the above, we can calculate the following information:
+ EIRP of the AP at source = 20 – 3.35 + 5.5 = 22.15 dBm
+ Transmit power as signal passes through glass wall = 22.15 – 6 = 16.15 dBm
+ SNR at Client = -75 – (-85) = 10 dB (difference between Signal and Noise)

Wi-Fi 6 (802.11ax)

Wi-Fi 6 is an IEEE standard for wireless local-area networks (WLANs) and the successor of 802.11ac. Wi-Fi 6 brings several crucial wireless enhancements for IT administrators when compared to Wi-Fi 5. The first significant change is using 2.4 GHz. Wi-Fi 5 was limited to only using 5 GHz. While 5 GHz is a ‘cleaner’ band of RF, it doesn’t penetrate walls as well as 2.4 GHz and requires more battery life. For Wi-Fi driven IoT devices, 2.4 GHz will likely continue to be the band of choice for the foreseeable future.

Another critical difference between the two standards is the use of Orthogonal Frequency Division Multiple Access (OFDMA) and MU-MIMO. Wi-Fi 5 was limited to downlink only on MU-MIMO, where Wi-Fi 6 includes downlink and uplink. OFDMA, as referenced above, is also only available in Wi-Fi 6.

Question 1

Explanation

The Lightweight AP (LAP) can discover controllers through your domain name server (DNS). For the access point (AP) to do so, you must configure your DNS to return controller IP addresses in response to CISCO-LWAPP-CONTROLLER.localdomain, where localdomain is the AP domain name. When an AP receives an IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the AP sends discovery requests to the controllers.

The AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. When the AP is able to resolve this name to one or more IP addresses, the AP sends a unicast CAPWAP Discovery Message to the resolved IP address(es). Each WLC that receives the CAPWAP Discovery Request Message replies with a unicast CAPWAP Discovery Response to the AP.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107606-dns-wlc-config.html

Question 2

Explanation

Signal to Noise Ratio (SNR) is defined as the ratio of the transmitted power from the AP to the ambient (noise floor) energy present. To calculate the SNR value, we add the Signal Value to the Noise Value to get the SNR ratio. A positive value of the SNR ratio is always better.

Here is an example to tie together this information to come up with a very simple RF plan calculator for a single AP and a single client.
+ Access Point Power = 20 dBm
+ 50 foot antenna cable = – 3.35 dB Loss
+ Signal attenuation due to glass wall with metal frame = -6 dB
+ External Access Point Antenna = + 5.5 dBi gain
+ RSSI at WLAN Client = -75 dBm at 100ft from the AP
+ Noise level detected by WLAN Client = -85 dBm at 100ft from the AP

Based on the above, we can calculate the following information.
+ EIRP of the AP at source = 20 – 3.35 + 5.5 = 22.15 dBm
+ Transmit power as signal passes through glass wall = 22.15 – 6 = 16.15 dBm
+ SNR at Client = -75 – (-85) = 10 dB (difference between Signal and Noise)

Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/CMX/CMX_RFFund.html

Receive Signal Strength Indicator (RSSI) is a measurement of how well your device can hear a signal from an access point or router. It’s a value that is useful for determining if you have enough signal to get a good wireless connection.

EIRP tells you what’s the actual transmit power of the antenna in milliwatts.

dBm is an abbreviation for “decibels relative to one milliwatt,” where one milliwatt (1 mW) equals 1/1000 of a watt. It follows the same scale as dB. Therefore 0 dBm = 1 mW, 30 dBm = 1 W, and -20 dBm = 0.01 mW
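The single-AP RF plan from the summary and from Question 2, written out as a small calculator using EIRP = Tx Power – Tx Cable + Tx Antenna and SNR = RSSI – N. This is an added example, not code from the Cisco reference; the EIRP ceiling and minimum SNR passed in at the end are hypothetical thresholds chosen only for illustration.

```python
import math


def ratio_to_db(p_out, p_in):
    """Gain (+) or loss (-) in dB between two power levels in the same unit."""
    if p_out <= 0 or p_in <= 0:
        raise ValueError("power levels must be positive")
    return 10 * math.log10(p_out / p_in)


def dbm_to_mw(dbm):
    """Absolute power: 0 dBm = 1 mW, 30 dBm = 1 W, -20 dBm = 0.01 mW."""
    return 10 ** (dbm / 10)


def mw_to_dbm(mw):
    """Inverse of dbm_to_mw: power in mW referenced to 1 mW."""
    return ratio_to_db(mw, 1.0)


def eirp_dbm(tx_power_dbm, cable_loss_db, antenna_gain_dbi):
    """EIRP = Tx Power - Tx Cable + Tx Antenna (all values in the dB domain)."""
    return tx_power_dbm - cable_loss_db + antenna_gain_dbi


def snr_db(rssi_dbm, noise_dbm):
    """SNR = RSSI - N; both inputs in dBm, result in dB."""
    return rssi_dbm - noise_dbm


def rf_plan(tx_power_dbm, cable_loss_db, antenna_gain_dbi, obstacle_loss_db,
            rssi_dbm, noise_dbm, max_eirp_dbm, min_snr_db):
    """Work through the plan and flag an EIRP above the limit or an SNR below target."""
    eirp = eirp_dbm(tx_power_dbm, cable_loss_db, antenna_gain_dbi)
    snr = snr_db(rssi_dbm, noise_dbm)
    return {
        "eirp_dbm": round(eirp, 2),
        "eirp_mw": round(dbm_to_mw(eirp), 1),
        "after_obstacle_dbm": round(eirp - obstacle_loss_db, 2),
        "snr_db": round(snr, 2),
        "eirp_within_limit": eirp <= max_eirp_dbm,
        "snr_ok": snr >= min_snr_db,
    }


# Inputs from the page's example: 20 dBm AP, 3.35 dB cable loss, 5.5 dBi antenna,
# 6 dB glass-wall attenuation, RSSI -75 dBm, noise -85 dBm.
# max_eirp_dbm and min_snr_db are hypothetical limits, not values from the page.
PAGE_EXAMPLE = rf_plan(20, 3.35, 5.5, 6, -75, -85, max_eirp_dbm=36, min_snr_db=20)

if __name__ == "__main__":
    for key, value in PAGE_EXAMPLE.items():
        print(f"{key:20} {value}")
    # The coax example: 1/4 of the input power arrives at the far end.
    print(f"{'cable_loss_db':20} {ratio_to_db(1, 4):.2f}")
```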

Question 3

Explanation

The EAP-FAST protocol is a publicly accessible IEEE 802.1X EAP type that Cisco developed to support customers that cannot enforce a strong password policy and want to deploy an 802.1X EAP type that does not require digital certificates.

EAP-FAST is also designed for simplicity of deployment since it does not require a certificate on the wireless LAN client or on the RADIUS infrastructure yet incorporates a built-in provisioning mechanism.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-fixed/72788-CSSC-Deployment-Guide.html

Question 4

Explanation

If the clients roam between APs registered to different controllers and the client WLAN on the two controllers is on different subnets, then it is called inter-controller L3 roam.

In this situation, too, the controllers exchange mobility messages. The client database entry change is completely different from that of an L2 roam (instead of being moved, the entry is copied). The original controller marks the client entry as “Anchor”, whereas the new controller marks the client entry as “Foreign”. The two controllers are now referred to as the “Anchor controller” and the “Foreign controller” respectively. The client keeps its original IP address, and that is the real advantage.

Note: Inter-Controller (normally layer 2) roaming occurs when a client roams between two APs registered to two different controllers, where each controller has an interface in the client subnet.

Question 5

Question 6

Explanation

According to the Meraki webpage, radar and rogue AP are two sources of Wireless Interference.

Interference between different WLANs occurs when the access points within range of each other are set to the same RF channel.

Note: Microwave ovens (not conventional ovens) emit damaging interfering signals at up to 25 feet or so from an operating oven. Some microwave ovens emit radio signals that occupy only a third of the 2.4-GHz band, whereas others occupy the entire band.

Reference: https://www.ciscopress.com/articles/article.asp?p=2351131&seqNum=2

So answer D is not a correct answer.

Question 7

Explanation

This paragraph was taken from the link https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html#c5:

“The next step is to configure the WLC for the Internal web authentication. Internal web authentication is the default web authentication type on WLCs.”

In step 4 of the link above, we will configure Security as described in this question. Therefore we can deduce this configuration is for Internal web authentication.

webauth_security_WLC.jpg

Question 8

Explanation

FlexConnect is a wireless solution for branch office and remote office deployments. It enables customers to configure and control access points in a branch or remote office from the corporate office through a wide area network (WAN) link without deploying a controller in each office.

The FlexConnect access points can switch client data traffic locally and perform client authentication locally when their connection to the controller is lost. When they are connected to the controller, they can also send traffic back to the controller. In the connected mode, the FlexConnect access point can also perform local authentication.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html

Question 9

Explanation

Deploying WPA2-Enterprise requires a RADIUS server, which handles the task of authenticating network users’ access. The actual authentication process is based on the 802.1X policy and comes in several different systems labelled EAP. Because each device is authenticated before it connects, a personal, encrypted tunnel is effectively created between the device and the network.

Reference: https://www.securew2.com/solutions/wpa2-enterprise-and-802-1x-simplified/

Question 10

Explanation

802.11r Fast Transition (FT) Roaming is an amendment to the 802.11 IEEE standards. It is a new concept for roaming. The initial handshake with the new AP occurs before the client roams to the target AP. Therefore it is called Fast Transition. 802.11r provides two methods of roaming:

+ Over-the-air: With this type of roaming, the client communicates directly with the target AP using IEEE 802.11 authentication with the Fast Transition (FT) authentication algorithm.
+ Over-the-DS (distribution system): With this type of roaming, the client communicates with the target AP through the current AP. The communication between the client and the target AP is carried in FT action frames between the client and the current AP and is then sent through the controller.

But neither of these methods deals with legacy clients.

802.11k allows 11k-capable clients to request a neighbor report containing information about known neighbor APs that are candidates for roaming.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html

IEEE 802.11v is an amendment to the IEEE 802.11 standard which describes numerous enhancements to wireless network management. One such enhancement is Network assisted Power Savings which helps clients to improve the battery life by enabling them to sleep longer. Another enhancement is Network assisted Roaming which enables the WLAN to send requests to associated clients, advising the clients as to better APs to associate to. This is useful for both load balancing and in directing poorly connected clients.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/802-11v.pdf

Cisco 802.11r supports three modes:
+ Pure mode: only allows 802.11r client to connect
+ Mixed mode: allows both clients that do and do not support FT to connect
+ Adaptive mode: does not advertise the FT AKM at all, but will use FT when supported clients connect

Therefore “Adaptive mode” is the best answer here.

Question 11

Explanation

Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single 802.3ad port channel.

Restriction for Link aggregation:

+ LAG requires the EtherChannel to be configured for ‘mode on’ on both the controller and the Catalyst switch.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_0100010.html

Question 12

Question 13

Explanation

Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 APs. Mobility Express WLC also uses CAPWAP to communicate to other APs.

Note: Local mode is the most common mode that an AP operates in. This is also the default mode. In local mode, the LAP maintains a CAPWAP (or LWAPP) tunnel to its associated controller.

Question 14

Explanation

A Cisco lightweight wireless AP needs to be paired with a WLC to function.

An AP must be very diligent to discover any controllers that it can join—all without any preconfiguration on your part. To accomplish this feat, several methods of discovery are used. The goal of discovery is just to build a list of live candidate controllers that are available, using the following methods:
+ Prior knowledge of WLCs
+ DHCP and DNS information to suggest some controllers (DHCP Option 43)
+ Broadcast on the local subnet to solicit controllers

Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

If you do not tell the LAP where the controller is via DHCP option 43, DNS resolution of “Cisco-capwap-controller.local_domain”, or statically configure it, the LAP does not know where in the network to find the management interface of the controller.

In addition to these methods, the LAP does automatically look on the local subnet for controllers with a 255.255.255.255 local broadcast.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html
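The discovery methods described in Question 1 and Question 14 mean an AP will try to join whatever controller addresses DHCP option 43 and the CISCO-CAPWAP-CONTROLLER DNS name hand it, so it is worth auditing both sources against the list of approved WLC management IPs. The following is an added example, not Cisco code: it goes beyond the page by decoding the option 43 value in the layout Cisco documents for lightweight APs (sub-option type 0xf1, a length byte of 4 x number of controllers, then the IPv4 addresses), and the domain, DNS records and addresses are constructed documentation-range values.

```python
import ipaddress

DISCOVERY_HOST = "CISCO-CAPWAP-CONTROLLER"


def decode_option43(hex_value):
    """Decode a lightweight-AP option 43 value: 0xf1, length, packed IPv4 addresses."""
    raw = bytes.fromhex(hex_value.replace(":", "").replace(" ", ""))
    if len(raw) < 2 or raw[0] != 0xF1:
        raise ValueError("missing 0xf1 controller sub-option")
    length, value = raw[1], raw[2:]
    if length == 0 or length % 4 or len(value) != length:
        raise ValueError("length byte must equal 4 x number of controllers")
    return [str(ipaddress.IPv4Address(value[i:i + 4])) for i in range(0, length, 4)]


def audit_discovery(domain, option43_hex, dns_zone, authorized):
    """Compare what an AP would learn from DHCP and DNS with the approved WLC list.

    dns_zone is a dict of lower-case FQDN -> list of A records (an export of the
    zone, so the check runs offline). Returns (candidates, unexpected, unadvertised).
    """
    fqdn = f"{DISCOVERY_HOST}.{domain}".lower()
    candidates = {
        "dhcp-option-43": decode_option43(option43_hex) if option43_hex else [],
        "dns": list(dns_zone.get(fqdn, [])),
    }
    approved = {str(ipaddress.IPv4Address(ip)) for ip in authorized}
    # Controller addresses an AP could be steered to that nobody approved.
    unexpected = sorted(
        (source, ip)
        for source, ips in candidates.items()
        for ip in ips
        if ip not in approved
    )
    # Approved controllers that neither source advertises (APs would rely on
    # prior knowledge or the local-subnet broadcast to find them).
    seen = {ip for ips in candidates.values() for ip in ips}
    unadvertised = sorted(approved - seen)
    return candidates, unexpected, unadvertised


# Constructed sample data (documentation address ranges, hypothetical domain).
AUTHORIZED_WLCS = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]
OPTION43_HEX = "f108c000020ac000020b"  # 192.0.2.10 and 192.0.2.11
DNS_ZONE = {
    "cisco-capwap-controller.branch.example": ["192.0.2.10", "198.51.100.7"],
}

if __name__ == "__main__":
    found, unexpected, unadvertised = audit_discovery(
        "branch.example", OPTION43_HEX, DNS_ZONE, AUTHORIZED_WLCS
    )
    print("candidates  :", found)
    print("unexpected  :", unexpected)
    print("unadvertised:", unadvertised)
```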

Question 15

Explanation

A patch antenna, in its simplest form, is just a single rectangular (or circular) conductive plate that is spaced above a ground plane. Patch antennas are attractive due to their low profile and ease of fabrication.

The azimuth and elevation plane patterns are derived by simply slicing through the 3D radiation pattern. In this case, the azimuth plane pattern is obtained by slicing through the x-z plane, and the elevation plane pattern is formed by slicing through the y-z plane. Note that there is one main lobe that is radiated out from the front of the antenna. There are three back lobes in the elevation plane (in this case), the strongest of which happens to be 180 degrees behind the peak of the main lobe, establishing the front-to-back ratio at about 14 dB. That is, the gain of the antenna 180 degrees behind the peak is 14 dB lower than the peak gain.

patch_atenna.jpg

Again, it doesn’t matter if these patterns are shown pointing up, down, to the left or to the right. That is usually an artifact of the measurement system. A patch antenna radiates its energy out from the front of the antenna. That will establish the true direction of the patterns.

Reference: https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/prod_white_paper0900aecd806a1a3e.html

Comments
  1. wireless
    April 26th, 2020

    Question 6

    What are two common sources of interference for WI-FI networks? (Choose two)
    A. radar
    B. LED lights
    C. rogue AP
    D. conventional oven
    E. fire alarm

    Answer: C D

    Conventional ovens don’t emit signals and thus do not interfere with wireless signals. Microwave ovens do, conventional don’t. Radars on the other hand do emit signals.

    Answer should be A,D imo. Can someone confirm? Thanks

  2. Wireless
    April 26th, 2020

    Sorry: answer is A,C.

  3. GRE47
    May 4th, 2020

    @Wireless
    from the Meraki documentation : https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Common_Sources_of_Wireless_Interference
    Radars and Fluorescent lights are mentioned (which are LED lights if I’m not mistaken) and from Juniper documentation rogue APs cause interference.

    So which 2 answers are correct???

  4. Tac Enginner From Wireless(Cisco)
    May 13th, 2020

    The answer is A and C

  5. Alice in Wonderland
    May 30th, 2020

    Meraki documentation says: “fluorescent lights” not LED lights. They’re different. Fluorescent lights have thermionic emission that occurs in the lamp portion. This occurs as an arc passes through the mercury vapor present in the lamp. One side effect of this is the production of radio waves up to a few megahertz in frequency. Fluorescent bulbs contain inert gas within the glass casing while LEDs are a solid state technology.

  6. jlai
    May 31st, 2020

    @Digitaltut as per aussie you already confirmed this that the below is the answer. Please check the answers, it’s very confusing now, and please update it.

    Which two descriptions of FlexConnect mode for Cisco APs are true? (Choose two)
    A. APs that operate in FlexConnect mode cannot detect rogue APs
    B. FlexConnect mode is used when the APs are set up in a mesh environment and used to bridge between each other
    C. FlexConnect mode is a feature that is designed to allow specified CAPWAP-enabled APs to exclude themselves from managing data traffic between clients and infrastructure
    D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller
    E. FlexConnect mode is a wireless solution for branch office and remote office deployments

    Answer BE
    https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html
    For FlexConnect access points, the interface mapping at the controller for WLANs that is configured for FlexConnect local switching is inherited
    at the access point as the default VLAN tagging. This mapping can be changed per SSID and per FlexConnect access point. Non-FlexConnect access points tunnel
    all traffic back to the controller, and VLAN tagging is determined by each WLAN’s interface mapping.

  7. Someone
    May 31st, 2020

    Jlai B can’t be a right answer, for mesh environments, access points use bridge mode

    Answers are D and E

    D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller

    This is true, even having the access point in flex connect, if in the wlan you don’t have the local switching configured, they will send the data traffic back to the controller.

  8. chris7890
    June 3rd, 2020

    Q4

    Refer to the exhibit.

    The WLC administrator sees that the controller to which a roaming client associates has Mobility Role Anchor configured under Clients > Detail.

    Which type of roaming is supported?

    Is the right answer Layer 3 intercontroller or Layer 2 intercontroller? And why is that right?

  9. Rocket
    June 6th, 2020

    You are configuring a controller that runs Cisco IOS XE by using the CLI. Which three configuration
    options are used for 802.11w Protected Management Frames? (Choose three.)
    A. mandatory
    B. association-comeback
    C. SA teardown protection
    D. saquery-retry-time
    E. enable
    F. comeback-time

  10. Rocket
    June 6th, 2020

    Refer to the exhibit. An engineer is designing a guest portal on Cisco ISE using the default configuration.
    During the testing phase, the engineer receives a warning when displaying the guest portal (YOUR CONNECTION IS NOT PRIVATE WARNING). Which issue is occurring?
    A. The server that is providing the portal has an expired certificate
    B. The server that is providing the portal has a self-signed certificate
    C. The connection is using an unsupported protocol
    D. The connection is using an unsupported browser

  11. Rocket
    June 6th, 2020

    Refer to the exhibit. Which level message does the WLC send to the syslog server?
    A. syslog level errors and less severity messages
    B. syslog level errors messages
    C. all syslog levels messages
    D. syslog level errors and greater severity messages

    SYSLOG LEVEL : ERRORS

  12. Rocket
    June 6th, 2020

    Refer to the exhibit.
    A wireless client is connecting to FlexAP1 which is currently working standalone mode. The AAA
    authentication process is returning the following AVPs:
    Tunnel-Private-Group-Id(81): 15
    Tunnel-Medium-Type(65): IEEE-802(6)
    Tunnel-Type(64): VLAN(13)
    Which three behaviors will the client experience? (Choose three.)
    A. While the AP is in standalone mode, the client will be placed in VLAN 15.
    B. While the AP is in standalone mode, the client will be placed in VLAN 10.
    C. When the AP transitions to connected mode, the client will be de-authenticated.
    D. While the AP is in standalone mode, the client will be placed in VLAN 13.
    E. When the AP is in connected mode, the client will be placed in VLAN 13.
    F. When the AP transitions to connected mode, the client will remain associated.
    G. When the AP is in connected mode, the client will be placed in VLAN 15.
    H. When the AP is in connected mode, the client will be placed in VLAN 10.

  13. chris7890
    June 7th, 2020

    @Rocket What kind of questions are these? Are the questions valid?

  14. Rocket
    June 8th, 2020

    @CHRIS 7890 yes, they are new. But I got only 10 new questions beside the legacy questions already attached here. But the questions are only a bonus. I’m studying from January, read the book, did the official labs, saw INE videos, watched ITproTV videos, read some design guides for SD-WAN and SD-Access. And I have deployed WLCs in my network so I hope that I will manage to pass.

  15. chris7890
    June 8th, 2020

    @Rocket What does bonus mean, bonus which you have posted for you or bonus to ask which are available in the certificate?

  16. Rocket
    June 8th, 2020

    Bonus means that the knowledge after you study is yours and the certification is theirs.

  17. anonymus
    June 8th, 2020

    @Rocket so you can say there are no valid 350-401 questions? But for our study it is nice to have?

  18. Rocket
    June 8th, 2020

    Something like that. I have my exam in the near future. I will see how it goes.

  19. tri
    June 19th, 2020

    Rocket
    was the answer D. syslog level errors and greater severity messages?

  20. tri
    June 20th, 2020

    Chapter: 802.11w Protected Management Frames

    CLI Configuration for Protected Management Frames

    security pmf [ association-comeback
    association-comeback-time-in-seconds | mandatory | optional |
    saquery saquery-time-interval-milliseconds ]

    Rocket

    was the answer A, B, D?

  21. hja031
    June 20th, 2020

    Rocket, regarding:
    A wireless client is connecting to FlexAP1 which is currently working standalone mode. The AAA authentication process is returning the following AVPs:
    Tunnel-Private-Group-Id(81): 15
    Tunnel-Medium-Type(65): IEEE-802(6)
    Tunnel-Type(64): VLAN(13)
    Which three behaviors will the client experience? (Choose three.)
    A. While the AP is in standalone mode, the client will be placed in VLAN 15.
    B. While the AP is in standalone mode, the client will be placed in VLAN 10.
    C. When the AP transitions to connected mode, the client will be de-authenticated.
    D. While the AP is in standalone mode, the client will be placed in VLAN 13.
    E. When the AP is in connected mode, the client will be placed in VLAN 13.
    F. When the AP transitions to connected mode, the client will remain associated.
    G. When the AP is in connected mode, the client will be placed in VLAN 15.
    H. When the AP is in connected mode, the client will be placed in VLAN 10.

    The answer is ADE

  22. DMX
    June 25th, 2020

    Which two pieces of information are necessary to compute SNR? (Choose two)
    A. EIRP
    B. noise floor
    C. antenna gain
    D. RSSI
    E. transmit power

    Answer: B D

    Answer should be B,E. What do you think?

  23. Pogy
    June 25th, 2020

    @DMX the answer is RSSI and noise floor.
    To calculate SNR, the signal and noise power values should be required, not the transmitting power. Transmitting power and antenna gain do affect it, but it seems here that Cisco looks for the answer of: B, D

  24. GZ
    July 5th, 2020

    Refer to the exhibit. Which level message does the WLC send to the syslog server?
    A. syslog level errors and less severity messages
    B. syslog level errors messages
    C. all syslog levels messages
    D. syslog level errors and greater severity messages

    SYSLOG LEVEL : ERRORS

    Answer: A

    Explanations:
    If you set a syslog level, only those messages whose severity is equal to or less than that level are sent to the syslog servers. For example, if you set the syslog level to Errors (severity level 3), only those messages whose severity is between 0 and 3 are sent to the syslog servers.
    https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0110100.html

  25. Voyager
    October 17th, 2020

    1) Tunnel-Private-Group-Id(81): 15 -> this is the VLAN you got from RADIUS
    https://tools.ietf.org/html/rfc2868
    Type 81 for Tunnel-Private-Group-ID

    2) Tunnel-Medium-Type(65): IEEE-802(6) -> this is nothing except telling it’s 802.1Q
    https://www.iana.org/assignments/radius-types/radius-types.xhtml#radius-types-15
    6 802 (includes all 802 media plus Ethernet “canonical format”) [RFC2868]

    3) Tunnel-Type(64): VLAN(13) -> this is nothing except telling it’s a VLAN
    https://www.iana.org/assignments/radius-types/radius-types.xhtml#radius-types-14
    Values for RADIUS Attribute 64, Tunnel-Type
    13 Virtual LANs (VLAN) [RFC3580]

    So we have only 1 VLAN, the 15
    So, A & G minimum
    + in local mode, when transitioning, it should remain connected.

    Final answer : AFG
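
The three AVPs discussed in the comment above travel as type-length-value attributes inside the RADIUS packet. The parser below is an added example, not code from the page or from Cisco: it follows the RFC 2868 attribute layout and the RFC 3580 VLAN convention, and the sample bytes and function names are constructed for illustration.

```python
# Attribute numbers from RFC 2868; VLAN values from RFC 3580.
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PRIVATE_GROUP_ID = 64, 65, 81
TT_VLAN, TMT_IEEE_802 = 13, 6

def parse_attributes(blob):
    """Split the attribute section of a RADIUS packet into (type, value) pairs."""
    attrs, i = [], 0
    while i < len(blob):
        if i + 2 > len(blob):
            raise ValueError("truncated attribute header")
        a_type, a_len = blob[i], blob[i + 1]
        if a_len < 2 or i + a_len > len(blob):
            raise ValueError("bad attribute length")
        attrs.append((a_type, blob[i + 2:i + a_len]))
        i += a_len
    return attrs

def tagged_int(value):
    """Tunnel-Type and Tunnel-Medium-Type: one tag byte, then a 3-byte integer."""
    if len(value) != 4:
        raise ValueError("expected a 4-byte tagged integer")
    return int.from_bytes(value[1:], "big")

def assigned_vlan(blob):
    """Return the VLAN ID the three tunnel AVPs ask for, or None if unusable."""
    tunnel_type = medium = group = None
    for a_type, value in parse_attributes(blob):
        if a_type == TUNNEL_TYPE:
            tunnel_type = tagged_int(value)
        elif a_type == TUNNEL_MEDIUM_TYPE:
            medium = tagged_int(value)
        elif a_type == TUNNEL_PRIVATE_GROUP_ID:
            # A first byte of 0x1F or below is a tag, not part of the string.
            if value and value[0] <= 0x1F:
                value = value[1:]
            group = value.decode("ascii", errors="replace")
    if tunnel_type != TT_VLAN or medium != TMT_IEEE_802 or group is None:
        return None
    if not group.isdigit() or not 1 <= int(group) <= 4094:
        return None  # VLAN names and out-of-range IDs are rejected here
    return int(group)

def attr(a_type, value):
    """Encode one attribute as type, length, value (helper for the samples)."""
    return bytes([a_type, len(value) + 2]) + value

# Constructed sample: the three AVPs from the question, with tag byte 0x00.
SAMPLE = attr(64, b"\x00\x00\x00\x0d") + attr(65, b"\x00\x00\x00\x06") + attr(81, b"15")
```

Only the Tunnel-Private-Group-Id string carries the VLAN number; the other two attributes must be present with values 13 and 6 for the assignment to be honoured, which is why the function returns None when either is missing.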

  26. Red October
    December 28th, 2020

    @Rocket @hja031 @Voyager

    Answer is BCG

    Please see below:

    Traffic flow on WLANs configured for Local Switching when Flex APs are in Connected Mode:

    ■ If the VLAN is returned as one of the AAA attributes and that VLAN is not present in the Flex AP database, traffic will switch centrally and the client will be assigned this VLAN/Interface returned from the AAA server provided that the VLAN exists on the WLC.

    ■ If the VLAN is returned as one of the AAA attributes and that VLAN is not present in the Flex AP database, traffic will switch centrally. If that VLAN is also not present on the WLC, the client will be assigned a VLAN/Interface mapped to a WLAN on the WLC.

    ■ If the VLAN is returned as one of the AAA attributes and that VLAN is present in the FlexConnect AP database, traffic will switch locally.

    ■ If the VLAN is not returned from the AAA server, the client will be assigned a WLAN mapped VLAN on that FlexConnect AP and traffic will switch locally.

    Traffic flow on WLANs configured for Local Switching when Flex APs are in Standalone Mode:

    ■ If the VLAN returned by an AAA server is not present in the Flex AP database, the client will be put to default VLAN (that is, a WLAN mapped VLAN on Flex AP). When the AP connects back, this client will be de-authenticated and will switch traffic centrally.

    ■ If the VLAN returned by an AAA server is present in the Flex AP database, the client will be put into a returned VLAN and traffic will switch locally.

    ■ If the VLAN is not returned from an AAA server, the client will be assigned a WLAN mapped VLAN on that FlexConnect AP and traffic will switch locally.
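
The local-switching rules quoted in the comment above can be written as one decision function, which makes it easy to see how the outcome changes with the AP's VLAN database. This is an added example, not part of the original comment or Cisco's code; the function, field names and the scenario values (the exhibit is not on the page) are assumptions.

```python
from typing import NamedTuple, Optional, Set

class Placement(NamedTuple):
    vlan: int
    switching: str             # "local" or "central"
    deauth_on_reconnect: bool  # only meaningful for standalone mode

def place_client(mode: str, aaa_vlan: Optional[int], ap_vlans: Set[int],
                 wlc_vlans: Set[int], ap_wlan_vlan: int,
                 wlc_wlan_vlan: int) -> Placement:
    """Apply the quoted local-switching rules to one client."""
    if mode not in ("connected", "standalone"):
        raise ValueError("mode must be 'connected' or 'standalone'")
    # No VLAN from AAA: WLAN-mapped VLAN on the AP, switched locally (both modes).
    if aaa_vlan is None:
        return Placement(ap_wlan_vlan, "local", False)
    # Returned VLAN exists in the AP database: switched locally (both modes).
    # Assumption: in connected mode the client lands in the returned VLAN;
    # the quoted rule states only that traffic switches locally.
    if aaa_vlan in ap_vlans:
        return Placement(aaa_vlan, "local", False)
    if mode == "standalone":
        # Unknown VLAN while standalone: default VLAN now, de-auth on reconnect.
        return Placement(ap_wlan_vlan, "local", True)
    # Connected and unknown to the AP: traffic is switched centrally.
    if aaa_vlan in wlc_vlans:
        return Placement(aaa_vlan, "central", False)
    return Placement(wlc_wlan_vlan, "central", False)

# Constructed scenario (the exhibit is not on the page): AAA returns VLAN 15,
# the AP knows only VLAN 10, which is also its WLAN-mapped VLAN; the WLC has 15.
SCENARIO = dict(aaa_vlan=15, ap_vlans={10}, wlc_vlans={10, 15},
                ap_wlan_vlan=10, wlc_wlan_vlan=10)
STANDALONE = place_client("standalone", **SCENARIO)
CONNECTED = place_client("connected", **SCENARIO)
```

Under these assumed inputs the client sits in VLAN 10 while the AP is standalone, is de-authenticated on reconnect, and lands in VLAN 15 once connected; adding 15 to `ap_vlans` changes all three outcomes.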

  27. Jo
    January 18th, 2021

    What is used to measure the total output energy of a Wi-Fi device?
    A. dBi
    B. EIRP
    C. mW
    D. dBm

  28. Kronika
    February 23rd, 2021

    Hi @Jo, the answer is C

  29. Marwan.S
    February 23rd, 2021

    After a redundant route processor failure occurs on a Layer 3 device, which mechanism allows for packets to be forwarded from a neighboring router based on the most recent tables?
    A. RPVST+
    B. RP failover
    C. BFD
    D. NSF

    Answer: D

  30. Marwan.S
    February 23rd, 2021

    Which unit measures the power of a radio signal with reference to 1 milliwatt?
    A. dBw
    B. dBi
    C. mW
    D. dBm

    Answer: D
    Explanation
    dBm is an abbreviation for “decibels relative to one milliwatt,” where one milliwatt (1 mW) equals 1/1000 of a watt. It follows the same scale as dB. Therefore 0 dBm = 1 mW, 30 dBm = 1 W, and -20 dBm = 0.01 mW

  31. Marwan.S
    February 23rd, 2021

    What is a characteristic of MACsec?
    A. 802.1AE provides encryption and authentication services
    B. 802.1AE is built between the host and switch using the MKA protocol, which negotiates encryption keys based on the master session key from a successful 802.1X session
    C. 802.1AE is built between the host and switch using the MKA protocol using keys generated via the Diffie-Hellman algorithm (anonymous encryption mode)
    D. 802.1AE is negotiated using Cisco AnyConnect NAM and the SAP protocol

    Answer: A
    Explanation
    MACsec, defined in 802.1AE, provides MAC-layer encryption over wired networks by using out-of-band methods for encryption keying. The MACsec Key Agreement (MKA) Protocol provides the required session keys and manages the required encryption keys. MKA and MACsec are implemented after successful authentication using the 802.1x Extensible Authentication Protocol (EAP-TLS) or Pre Shared Key (PSK) framework.
    Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-9/configuration_guide/sec/b_169_sec_9300_cg/macsec_encryption.html
    -> MACsec only provides encryption, not authentication -> Answer A is not correct.
    Successful IEEE 802.1X authentication is the first step in establishing a MACsec session. IEEE 802.1X provides primary key material to the supplicant and switch that will subsequently be used by MACsec -> Answer B is correct.
    If an MKA cryptographic algorithm is not configured, a default cryptographic algorithm of AES-CMAC-128 (Cipher-based Message Authentication Code with 128-bit Advanced Encryption Standard) is used -> Answer C is not correct.
    Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/macsec/configuration/xe-16/macsec-xe-16-book/wan-macsec-mka-support-enhance.html
    802.1AE is negotiated using MKA Protocol so answer D is not correct

  32. Martin
    June 19th, 2021

    Help with this question please:

    Which 2 methods are used to reduce the AP coverage area? (choose 2)

    A. Reduce the transmit power
    B. Increase minimum mandatory data rate
    C. Reduce channel width from 40 MHz to 20 MHz
    D. Enable Fastlane
    E. Disable 2.4 GHz and use only 5 GHz

    Answers: A B

    Are the answers correct? I could swear “E” was a correct answer.

  33. Anonymous
    July 10th, 2021

    @digitaltut what is the updated answer to this question? I answered A and D but it showed A to be wrong.

    An engineer measures the Wi-Fi coverage at a customer site. The RSSI values are recorded as follows:

    Location A: -72 dBm
    Location B: -75 dBm
    Location C: -85 dBm
    Location D: -80 dBm
    Which two statements does the engineer use to explain these values to the customer? (Choose two)

    A. The signal strength at location B is 10 dB better than location
    B. Location D has the strongest RF signal strength
    C. The RF signal strength at location B is 50% weaker than location
    D. The RF signal strength at location C is 10 times stronger than location
    E. The signal strength at location C is too weak to support web surfing
