[Full Version] 400-351 New Questions For Passing The 400-351 Certification Exam (171-190)
2017 January Cisco Official New Released 400-351 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
The 400-351 braindumps are the latest, authenticated by expert and covering each and every aspect of 400-351 exam. Comparing with others, our exam questions are rich in variety. We offer PDF dumps and 400-351 VCE dumps. Welcome to choose.
Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/400-351.html
QUESTION 171
Drag and Drop Question
Drag and drop the OpenStack function from the left onto the corresponding OpenStack project on the right.
Left:
Compute
Network
Dashboard
Object storage
Block storage
Right:
Swift
Nova
Horizon
Cinder
Neutron
Answer:
Compute (Nova)
Networking (Neutron/Quantum)
Identity Management (Keystone)
Object Storage (Swift)
Block Storage (Cinder)
Image Service (Glance)
Dashboard (Horizon)
QUESTION 172
A user is presented with the underlying hardware and software needed to develop and offer applications via the Internet from a cloud service provider.
Which cloud model is this user consuming?
A. Software as a Service
B. Platform as a Service
C. Application as a Service
D. Infrastructure as a Service
Answer: B
QUESTION 173
Refer to the exhibit. Which three statements about this extract of the configuration of an
autonomous AP are true? (Choose three)
A. This configuration is of a non-root bridge access point.
B. The RADIUS server IP address I misconfigured. It points to the AP itself. Which creates a loop for the RADIUS packets.
C. This configuration allows bridging of VLANs 3 and 4.
D. The SSID is not visible for clients proting the wireless medium.
E. The administrator cannot access the AP via the web GUI using a secure connection.
F. The native VLAN must be VLAN 1 to match the native VLAN configured on the switch to which the AP is connecting.
Answer: ACD
QUESTION 174
Which option is a feature of a Cisco Autonormous AP that prevents over-the-air direct P2P communication, which forces all traffic to hit the first-hop router where security policy is enforced?
A. Wi-Fi Direct Client Policy
B. P2P Secure Packet
C. Public Secure Packet Forwarding
D. P2P Blocking Action
Answer: C
QUESTION 175
Which statement about 802.11h is true?
A. DFS feature works irrespective of whether the channel setting on WLC is set to auto or manual.
B. 802.11h is not a mandatory standard under FCC regulations.
C. The FCC does not require 802.11h to be supported in the 5 GHz band.
D. When the radio detects a radar, it can use the channel for only 20 minutes at a time.
Answer: A
QUESTION 176
In a converged access deployment, which two statements about mobility agents are true? (Choose two.)
A. It maintains a client database of locally served clients.
B. It manages mobility-related configuration.
C. It handles RF functions.
D. It is the first level in the converged access hierarchy.
E. It is a mandatory element in the converged access design.
Answer: AE
QUESTION 177
Heartbeats are used to maintain the high-availability status of an application. Which factor is most important?
A. Bandwidth
B. Latency
C. Routing
D. Round-trip time
Answer: D
QUESTION 178
When a FlexConnect AP is in the “local authentication,local switching” state, it handles client authentication and switches client data packets locally. This state is valid in standalone mode and connected mode. Which three statements about a FlexConnect AP are true? (Choose three).
A. In connected mode, the AP provides minimal information about the locally authenticated client to the controller. This information is not available on the controller policy type. Access VLAN. VLAN name. supported rates. Encryption ciphter.
B. In connected mode, the access point provides minimal information about the locally authenticated client to the controller. However, this information is available to the controller
policy type., access VLAN, VLAN name, supported rates, encryption cipher.
C. Local authentication is useful where you cannot maintain a remote office setup of a minimum bandwidth of 128 kbps with the round-trip latency no greater than 100 ms and the maximum transmission unit no smaller than 576 bytes.
D. Local authentication is useful where you cannot maintain a remote office setup of a minimum bandwidth of 128 kbps with the round-trip latency no greater than 150 ms and the maximum transmission unit no higher than 500 bytes.
E. Local authentication in connected mode does not require any WLAN configuration.
F. Local authentication can be enabled only on the WLAN of a FlexConnect AP that is in local switching mode.
Answer: ACF
QUESTION 179
On a Cisco 5760 WLC, which of the below is not part of the initial setup script?
A. Wireless management interface
B. Host name
C. HTTP server login account
D. SNMP Network Management
E. NTP server
F. Enable password
G. Default routing protocol
Answer: G
QUESTION 180
You are setting up a Cisco access point in repeater mode with a non-Cisco access point as the parent and you use this interface configuration on your Cisco access point.
You are getting the following error message. Which reason for this issue is true?
A. “dot11 extension aironet” is missing under the interface Dot11Radio 0 interface
B. When repeater mode is used, unicast-flooding must be enabled to allow Aironet IE communications.
C. The parent AP MAC address has not been defined.
D. Repeater mode only works between Cisco access points.
Answer: A
QUESTION 181
A Cisco Unified 7925G Wireless IP Phone is operating on the 5 GHz band and transmitting at a power level of 40 mW. Which configuration must be done on the controller to avoid one-way audio?
A. In DCA, enable UNII-1 channels only.
B. Set the maximum power level assignment to 26 dBm.
C. In DCA, enable UNII-II channels only.
D. Set the maximum power level assignment to 16 dBm.
Answer: D
QUESTION 182
Refer to the exhibit. Which option describes what this sequence of commands achieves on a Cisco Autonomous AP?
A. This example show how to permit SNMP access to all objects with read-only permission to only those three specific IP addresses using the community string public. The access point also sends config traps to the hosts 192.180.1.111 and 192.180.1.33 using SNMPv1 and to the host
192.180.1.27 using SNMPv2C. The community string public is not send with the traps because this is the default community value.
B. This example show how to permit SNMP access to all objects with read-only permission to only those three specific IP addresses using the community string public. The access point also sends config traps to the hosts 192.180.1.111 and 192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string public is send with the traps.
C. This example show how to permit any SNMP manager to access all objects with read-only permission using the community string public. The access point also sends config traps to the hosts 192.180.1.111 and 192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string public is not send with tre traps because this is the default community value.
D. This example show how to permit any SNMP manager to access all objects with read-only permission using the community string public. The access point also sends config traps to the hosts 192.180.1.111 and 192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string public is send with the traps.
Answer: D
QUESTION 183
Your customer is having wireless VoIP problems. When the Cisco 7925 phones roam from AP1 to AP2, the voice drops out and comes back. The phones are set up for PEAP/WPA2-AES with CCKM to an external RADIUS server. The APs and WLAN are setup up in FlexConnect mode. Which statement explains the issue?
A. The APs have not been added to the FlexConnect group.
B. PEAP with WPA2-AES is not supported with Cisco Centralized Key Management, use EAP-FAST.
C. PEAP with WPA2-AES is not supported with Cisco Centralized key Management, use LEAP.
D. The APs have been added to the FlexConnect Group.
Answer: A
QUESTION 184
You have received a new Cisco 5760 Controller and have gone through the initial startup wizard. You are now trying to add APs to the controller, but these are not joining. Which three checks
should you do next? (Choose three.)
A. Check that the radios are not in a shutdown state.
B. Check the country code of the controller. The APs do not join the controller if the country code does not match.
C. Check that the correct time is set on the controller.
D. Check that option 53 has been set in the DHCP scope
E. Check that the controller has enough AP licenses.
F. Check that the controller has been configured with the correct hostname. Otherwise, DNS resolution fails.
Answer: BCE
QUESTION 185
Refer to the exhibit. A network administrator is installing a new converged access Cisco WLC. The uplink connection is to be a Gigabit port channel. Which characteristic is true?
A. The port channel mode is set to active and sends PDUs at 30 sec intervals.
B. The port channel mode is set to active and sends PDUs at 1 sec intervals.
C. The port channel uses a Cisco proprietary protocol.
D. The port-channel member interfaces must be set to trunk mode.
E. The port channel is currently down.
Answer: A
QUESTION 186
Which option in the Cisco Identity Services Engine checks that the user authentication comes from a domain computer?
A. It is not possible to validate the computer domain membership through ISE.
B. Group Policy Objects
C. Machine Access Restriction
D. Active Directory Attributes.
E. An identity source sequence can be used to perform this check.
Answer: D
QUESTION 187
Refer to the exhibit. Which statement about the rogue access point screenshot is true?
A. AP-2 sends de-authentication packets oon air using BSSID 74:a2:e6:71:51:c3 as part of
containment process.
B. This rogue AP is working on channel 1 and is manually contained using all detecting access points.
C. SSID on this rogue AP is WMM enabled and this rogue AP is contained by single closest detecting access point at a given time.
D. This rogue AP is contained by AP-1 and AP-2 in round-robin fashion during off-channel scan period.
Answer: C
QUESTION 188
Refer to the exhibit. Which statement about this CPU ACL is correct?
A. This CPU ACL is used as a redirection aCL to redirect all traffic except Telnet to 172.21.153.37.
B. A user on the 10.64.0.0/24 network can use Telnet to access the WLC IP address on
172.21.153.37.
C. A user on the 10.64.0.0/24 network cannot use Telnet to access the WLC IP address on
172.21.153.37.
D. A user on the 10.64.0.0/24 network cannot use SSH to access the WLC IP address on
172.21.153.37.
E. A user on the 10.64.0.0/24 network cannot use HTTPS to access the WLC IP address on
Answer: C
QUESTION 189
Which two IEEE protocols combined provide a wireless client with optimized Fast Secure Network Assisted Roaming? (Choose two)
A. 802.11w
B. 802.11h
C. 802.11z
D. 802.11e
E. 802.11k
F. 802.11r
Answer: EF
QUESTION 190
Drag and Drop Question
Consider the association process of a wireless client to an SSID.
Drag and drop the client actions from the left into the correct order of operation on the right.
Left:
802.11 probe request
802.11 association request
EAPol key message 2
802.11 authentication request
EAP identity response
Right:
Step1
Step2
Step3
Stpe4
Step5
Answer:
Cisco 400-351 is often called the hardest of all Cisco exams. Lead2pass helps you kill the Cisco 400-351 exam challenge and achieve the perfect passing score with its latest practice test, packed into the revolutionary interactive VCE. This is the best way to prepare and pass the 400-351 exam.
400-351 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDWGllc2pTVTM0TDg
2017 Cisco 400-351 exam dumps (All 231 Q&As) from Lead2pass:
http://www.lead2pass.com/400-351.html [100% Exam Pass Guaranteed]