CCNA Wireless 200-355 Official Cert Guide (2016)
Appendix A. Answers to the “Do I Know This Already?” Quizzes
Chapter 1
1. C. The IEEE 802.11 standard focuses on wireless LAN definitions, methods, and operation. It is made up of many pieces, as described in Chapter 2, “RF Standards.” Sometimes you might see IEEE 802.11x, which refers to the many subparts of 802.11. Be aware of the subtle difference between that and 802.1x, which defines port-based network access control.
2. B, E. Wireless LANs use the 2.4-GHz and 5-GHz bands. Be careful to notice the difference between megahertz (MHz) and gigahertz (GHz). Also remember that 5.5 Mbps and 11 Mbps are some of the common data rates used in wireless LANs, but those are not involved when you need to identify the frequency band.
3. A. When the two power levels are the same, the result is 0 dB. As long as you remember the first handy Law of Zero, you will find exam questions like this easy. If not, you will need to remember that dB = 10 log10(100 mW / 100 mW) = 10 log10(1) = 0 dB.
4. C. At first glance, 17 mW and 34 mW might seem like odd numbers to work with. Notice that if you double 17, you get 34. The second handy dB fact says that doubling a power level will increase the dB value by 3.
5. D. Start with transmitter A’s level of 1 mW and try to figure out some simple operations that can be used to get to transmitter B’s level of 100 mW. Remember the handy Laws of 3s and 10s, which use multiplication by 2 and 10. In this case, 1 mW × 10 = 10 mW × 10 = 100 mW. Each multiplication by 10 adds 10 dB, so the end result is 10 + 10 = 20 dB. Notice that transmitter B is being compared to A (the reference level), which is 1 mW. You could also state the end result in dB-milliwatt (dBm).
6. C. This question involves a reduction in the power level, so the dB value must be negative. Try to find a simple way to start with 100 and get to 40 by multiplying or dividing by 2 or 10. In this case, 100 / 10 = 10; 10 × 2 = 20; 20 × 2 = 40. Dividing by 10 reduced the dB value by 10 dB; then multiplying by 2 increased the total by +3 dB; multiplying again by 2 increased the total by +3 more dB. In other words, dB = –10 + 3 + 3 = –4 dB.
7. B. Remember that the EIRP involves radiated power, and that is calculated using only the transmitter components. The EIRP is the sum of the transmitter power level (+20 dBm), the cable loss (–2 dB), and the antenna gain (+5 dBi). Therefore, the EIRP is +23 dBm.
8. D. A high SNR is best, where the received signal strength is more elevated above the noise floor. A 30-dBm SNR separates the signal from the noise more than a 10-dBm SNR does. Likewise, a higher RSSI value means that the signal strength alone is higher. The RSSI scale ranges from 0 (highest) to –100 (lowest).
9. C. DSSS supports 1-, 2-, 5.5-, and 11-Mbps data rates through different combinations of coding and modulation schemes. FHSS is locked to 1 or 2 Mbps. With the exception of 6 and 9 Mbps, only OFDM supports the highest data rates of all the modulation types.
10. C, B, A, D. The correct order is C, B, A, D: DBPSK (2 possible phase changes), DQPSK (4 possible phase changes), 16-QAM (16 possible phase/amplitude changes), 64-QAM (64 possible phase/amplitude changes).
11. B, C. Both 16-QAM and 64-QAM alter the amplitude and phase of a signal.
12. C. OFDM uses 48 subcarriers in a single 20-MHz-wide channel, allowing it to transmit data bits in parallel. DSSS uses a single 22-MHz channel with only one main carrier signal.
Chapter 2
1. C. The ITU-R allocated the ISM bands for global use.
2. B. The U-NII-1 band is the first of four 5-GHz bands set aside for wireless LAN use.
3. D. The EIRP is always limited to +36 dBm in the 2.4-GHz band, except in the case of point-to-point links.
4. D. The IEEE 802.11 standard is the official specification for wireless LAN operation.
5. C. Only channels 1, 6, and 11 are non-overlapping. The 2.4-GHz channels are spaced 5 MHz apart, whereas the DSSS channel width is 22 MHz.
6. D. The first U-NII-1 channel is labeled channel 36.
7. C, D, E, G. IEEE 802.11a is strictly for 5 GHz, 802.11n includes both 2.4- and 5-GHz bands, and 802.11ac is limited to 5 GHz. The IEEE 802.11-2012 standard has all of these amendments rolled up into one document. IEEE 802.11g and 802.11b deal with the 2.4-GHz band.
8. C, D. Both 802.11g and 802.11a define OFDM use, even though the two standards use different bands.
9. A. The maximum theoretical data rate of 802.11b is 11 Mbps, 802.11a is 54 Mbps, and 802.11n is 600 Mbps.
10. B. The device has two transmitters and three receivers. The number of spatial streams supported would be added after the 2×3 designation.
11. C. 802.11n is limited to aggregating two 20-MHz channels for a total width of 40 MHz.
12. A, E. Devices using 802.11n or 802.11ac can use multiple radio chains and multiple spatial streams.
13. B. The 802.11ac amendment supports 256-QAM in both Wave 1 and Wave 2.
14. D. 802.11ac supports a maximum of eight spatial streams, although only three are supported in Wave 1 and four in Wave 2.
15. D. Only the Wi-Fi Alliance tests and certifies wireless products according to industry standards.
Chapter 3
1. C. Because both transmitters are using the same channel, the interference is described as co-channel.
2. E. Cisco recommends a separation of at least 19 dB, so +20 dB is the only correct answer.
3. B. The two channels being used are adjacent, so their signals overlap by some degree. The resulting interference is called adjacent channel interference.
4. D. In the 2.4-GHz band, channels 1, 6, and 11 are the only ones that are spaced far enough apart (five channel numbers) that they do not overlap.
5. A. Energy traveling in an electromagnetic wave spreads in three dimensions, weakening the signal strength over a distance.
6. B. The 802.11b and g devices operate at 2.4 GHz, which is less affected by free space loss than the 802.11a device, at 5 GHz.
7. D. By switching to a less-complex modulation scheme, more of the data stream can be repeated to overcome worsening RF conditions. This can be done automatically through DRS.
8. B. As a signal is reflected, a new copy travels in a different direction. Each copy of the signal takes a different path to reach the receiver; thus, the name multipath.
9. D. As a signal passes through a wall, the building material absorbs some of the RF energy, reducing the signal strength by some amount.
10. B. The first Fresnel zone is an elliptical area along the length of a signal path that should be kept free of obstructions. When an object extends into a significant portion of the Fresnel zone, the signal can be diffracted and distorted.
Chapter 4
1. B, D. The E and H plane plots are used to show a side view and a top-down view, respectively, with the antenna in the center of the plots.
2. B. The H plane is also known as the azimuth plane because measurements are taken at every azimuth angle around the base of the antenna.
3. D. The beamwidth is the angle measured between the two points on a radiation pattern plot that are 3 dB below the maximum.
4. D. The orientation of the electrical and magnetic components of the electromagnetic wave with respect to the horizon is known as the polarization.
5. B. Cisco antennas are designed to use vertical polarization. Because the dipole antenna is mounted correctly (pointing straight up or down), the wave will be vertically polarized.
6. B. A parabolic dish antenna has the greatest gain because it focuses the RF energy into a tight beam.
7. A, E. An omnidirectional antenna is usually used to cover a large area. Therefore, it has a large beamwidth. Because it covers a large area, its gain is usually low.
8. C. Integrated antennas are omnidirectional.
9. B. Orienting a dipole so that its cylinder points toward a receiver will probably cause the received signal to become weaker. That is because the donut-shaped radiation pattern extends outward in all directions away from the length of the antenna. By pointing the antenna at the receiver, the strongest part of the signal has been rotated away from the receiver. The radiation pattern is weakest along the length of the antenna.
10. C. Lightning arrestors cannot protect against direct lightning strikes on an antenna.
Chapter 5
1. A, B. WPANs and WLANs can both use the unlicensed 2.4-GHz ISM band.
2. B. WLANs require half-duplex operation because all stations must contend for use of a channel to transmit frames.
3. C. An AP offers a basic service set (BSS).
4. B. The AP at the heart of a BSS or cell identifies itself (and the BSS) with a basic service set identifier (BSSID). It also uses an SSID to identify the wireless network, but that is not unique to the AP or BSS. Finally, the radio MAC address is used as the basis for the BSSID value, but the value can be altered to form the BSSID for each SSID that the AP supports.
5. D. In a BSS, the 802.11 standard requires all traffic to pass through an AP. The only exception is the 802.11z amendment, which permits an AP to coordinate direct client-to-client traffic without passing through the AP.
6. A. True: “The DS connects two BSSs to form an ESS”—The distribution system connects two basic service sets (APs) to form an extended service set.
B. False: “The BSA of a BSS looks like a MAC address”—The basic service area of a BSS is its coverage area or cell, which has nothing to do with a MAC address.
C. False: “The SSID of a STA must be unique within the ESS”—The service set identifier can be common across one or many BSSs in an ESS.
D. True: “The BSSID is unique for each SSID in a BSS”—An AP in a BSS uses its radio MAC address as the basis for its BSSIDs, but each SSID has a unique BSSID value.
7. E. Roaming implies that the building has some wireless APs that are interconnected. Therefore, the client must first associate with a BSS. The BSS must connect to a switched infrastructure through a DS. The DS must extend to at least one more AP through an ESS. Finally, the same SSID has to be defined on every AP in the ESS.
8. D. An independent basic service set is also called an ad hoc network.
9. B. A workgroup bridge acts as a wireless client, but bridges traffic to and from a wired device connected to it.
10. B. In a mesh network, each mesh AP builds a standalone BSS. The APs relay client traffic to each other over wireless backhaul links, rather than wired Ethernet. A wireless LAN controller is necessary.
Chapter 6
1. D. An 802.11 frame can contain up to four different address fields.
2. B. Frames are marked as going to the distribution system (DS) or from the DS.
3. D. The Address1 field always contains the RA.
4. A. 802.11 devices can participate in the distributed coordination function (DCF).
5. C. A wireless client uses the network allocation vector (NAV) to predict the number of timeslots required for the channel to become free so that a frame can be transmitted.
6. D. Frames are separated by the distributed interframe space (DIFS).
7. B. A probe request frame is sent to ask any listening APs to identify themselves.
8. B. A wireless device must send an ACK frame, one of the 802.11 control frames, back to the source of each unicast frame that is received.
9. A, B. A client can join a basic service set (BSS) as long as it has at least one mandatory rate in common with the AP and supports all of the AP’s mandatory rates.
10. A. In a passive scan, a client simply listens to any beacons that are transmitted by nearby APs. In contrast, probes are sent by the client to discover APs in an active scan.
11. D. A client must first be authenticated to the BSS before it can request to be associated.
12. C. As long as the client can move from one BSS to another without losing a signal or getting disassociated or deauthenticated, it can probe for a new AP and send a reassociation frame to reassociate itself with the existing SSID.
Chapter 7
1. B, C, D. The transmit power directly affects the range of the AP’s signal. The supported modulation and coding schemes can affect the range because the simpler schemes can tolerate a lower SNR and a weaker signal, implying a greater range. The more complex schemes offer better data rates, but need a better signal quality within a shorter range. The supported data rates also affect the range because they directly affect the modulation and coding schemes that are used.
2. B, D. If you have already tested the AP’s signal and determined that it reaches every location in the lobby area, the problem is not that the AP’s transmit power is insufficient. Instead, the problem is occurring because the small client devices must be using a transmit power that is lower than that of the AP. In other words, the client’s signals are not strong enough to reach the AP, so the two have asymmetric power levels. One solution is to increase the client’s transmit power level (if possible) to be identical to the AP’s. Another solution is to lower the data rate on the AP so that its signal will be usable at the client’s location. A lower data rate uses less complex modulation and coding schemes, which stay intelligible at farther distances.
3. D. The 1-Mbps data rate is already disabled, which limits the cell size to some extent. You can reduce it further by disabling the 2-Mbps data rate.
4. C. If the problem is occurring some distance away from the replacement AP, the replacement AP must be working correctly within its immediate area. If the replacement had a 1-dBm transmit power, it could not be causing any interference at a great distance away. The problem is likely occurring because the lowest data rates have been enabled on the AP. The lower rates effectively extend the replacement AP’s cell size into the cells of other APs farther away. If the channels are identical, the replacement could be causing co-channel interference in other cells, degrading client performance and roaming.
5. C. Roaming is entirely up to the client. The client runs a roaming algorithm that compares current conditions to a threshold. When the signal quality or other factors drop below the threshold, the client tries to roam.
6. D. Whereas an association request is used to join a BSS, a reassociation request is used to move from one BSS to another within the same ESS.
7. B. Roaming algorithms are not standardized at all. Instead, each manufacturer might have its own interpretation of an algorithm. Wireless clients can scan a set of available channels when they anticipate roaming, to look for a new AP. Cisco APs and controllers can also prime a Cisco-compatible client (CCX Versions 3 and later) with a list of viable APs ahead of time, so that the client can save time without having to scan channels.
8. B. To promote clean roaming, neighboring APs should use different, non-overlapping channels. In addition, APs should be located such that their coverage overlaps each other by some amount, usually 15 percent to 20 percent.
9. C. Adjacent APs should always use different, non-overlapping channels.
10. A, C. The fourth-floor APs will not interfere with the main office AP on channel 6. However, the other third-floor APs and the second-floor AP all use channel 6. Those signals could penetrate the floor and interfere with the main office AP, causing roaming issues.
11. A. If the building is under construction, the walls have probably not been built yet. Therefore, it doesn’t make sense to try a passive or active site survey because there are no APs to measure and no final building materials to affect the RF signals. Instead, a predictive survey is used to calculate AP locations and RF coverage over a virtual area before APs have been deployed.
12. C. Only the active site survey can use the survey device to associate to the APs as a normal client would.
13. B. A passive site survey would provide all of the information needed. Because the passive survey tool listens to all APs that are in range of a location, you would learn of legitimate and rogue APs as well as the RF conditions.
14. C. AP-on-a-stick refers to a test AP that is mounted on a pole, ladder, tripod, or other stick-like object, at a height at which the AP would be permanently mounted. At that height, realistic measurements can be taken of the AP’s cell size in the actual location where it will be used.
15. A. In an active site survey, the survey device associates with only one AP at a time—just as any normal wireless client does.
Chapter 8
1. A. An autonomous AP can operate independently, without the need for a centralized wireless LAN controller.
2. A. Client-to-client traffic typically passes through an autonomous AP, although clients can use Direct Link Setup (DLS) to communicate directly after coordinating with the AP.
3. B. The Cisco Meraki APs are autonomous APs that are managed through a centralized platform in the Meraki cloud.
4. B. A lightweight AP (LAP) transports client traffic through a tunnel back to a wireless LAN controller. Therefore, client-to-client traffic typically passes through the AP, through the controller, and back through the AP. If DLS is used, two wireless clients can communicate directly without passing through the AP and controller, but only after the communication has been coordinated with the AP.
5. C. On a lightweight AP, the MAC function is divided between the AP hardware and the wireless LAN controller (WLC). Therefore, the architecture is known as split-MAC.
6. B. An LAP builds a CAPWAP (Control and Provisioning of Wireless Access Points protocol) tunnel with a WLC.
7. A. Only the CAPWAP control tunnel is secured by default. Client data passes over the CAPWAP data tunnel, but is optionally encrypted. DHCP requests are client data and are not encrypted by default. Finally, 802.11 beacons are sent over the air from an LAP, so they are not encrypted or transported by CAPWAP.
8. A. A trunk link carrying three virtual LANs (VLANs) is not needed at all. A lightweight AP in local mode needs only an access link with a single VLAN; everything else is carried over the CAPWAP tunnel to a WLC. The WLC will need to be connected to three VLANs so that it can work with the LAP to bind them to the three service set identifiers (SSIDs).
9. D. Because the network is built with a WLC and LAPs, CAPWAP tunnels are required. One CAPWAP tunnel connects each LAP to the WLC, for a total of 32 tunnels. CAPWAP encapsulates wireless traffic inside an additional IP header, so the tunnel packets are routable across a Layer 3 network. That means the LAPs and WLC can reside on any IP subnet as long as the subnets are reachable. There are no restrictions for the LAPs and WLC to live on the same Layer 2 VLAN or Layer 3 IP subnet.
10. D. In a converged design, an access layer switch also functions as a WLC so that all user access (wired and wireless) converges in a single layer. Catalyst 3650, 3850, and 4500 offer converged wireless capability.
11. C. A converged wireless design is based on staging a controller in some or all of the access layer switches. Therefore, the number of controllers is usually higher than in the centralized model, which has a small number of larger-capacity controllers. The autonomous and cloud-based models do not use controllers at all.
12. B. FlexConnect is normally used in remote branch sites because it offers local switching so that branch users can access local resources if the WAN link or CAPWAP tunnel is down.
13. A, B. You can have multiple WLCs in a Cisco wireless network, so you could add a second 5520 or replace the existing one with a more robust model. You should not try to expand the coverage of each AP as a substitute for expanding the capacity of the WLC.
14. B, D. The 1850 AP offers 802.11ac Wave 2 right out of the box. You could also leverage the 3700 model because it supports 802.11ac Wave 1 now and will support Wave 2 with the addition of a future expansion module.
15. B. The maximum number of APs is limited by the switch stack as a whole, not by individual member switches in the stack. Therefore, a maximum of 50 lightweight APs can be joined to the stack.
Chapter 9
1. C. A trunk link is needed to carry multiple service set identifiers (SSIDs) to multiple virtual LANs (VLANs).
2. C. An autonomous AP is a standalone AP; it offers a basic service set (BSS) and connects to a distribution system (DS), all without the need for a centralized controller.
3. A, C. An autonomous AP has a console port for configuration and management and an Ethernet port to connect to the wired network. Service ports and dynamic interfaces are used on wireless LAN controllers instead.
4. D. The answer is all of the above because the sticker lists the MAC address that is used as the base address for both radios as well as the Ethernet port.
5. A, B. An autonomous AP tries to use Dynamic Host Configuration Protocol (DHCP) by default, but you can configure a static address if necessary.
6. A, B, C. You can use all of the methods except the AP management GUI to find the AP’s IP address. Without the IP address, you would not be able to open a browser to the management GUI.
7. B, C. The radios are disabled and no SSIDs are configured. This prevents the AP from becoming active until you have properly configured it.
8. B, E. Each AP radio can host its own unique set of SSIDs. Also, the AP must assign an IP address to its BVI1 interface for management traffic.
9. B, C. A TFTP or FTP server is necessary, along with an appropriate lightweight code image. An autonomous code image is not needed because the AP is already running one.
10. C. You should use the archive download-sw command, which also specifies the TFTP server address and filename.
11. D. Cisco Meraki APs are cloud-based, so you must do all management and configuration through the cloud network management interface.
12. C. The AP will connect with the Cisco Meraki cloud network to register itself. At that point, you must browse to the cloud network and claim the AP so that it can be associated with your Meraki Dashboard and account.
Chapter 10
1. B. Controller ports are physical connections to the switched network infrastructure.
2. C. The service port is used for out-of-band management.
3. A. The distribution system ports are usually configured as unconditional 802.1Q trunks.
4. C. Controllers use a link aggregation group (LAG) to bundle the ports together.
5. D. CAPWAP tunnels always terminate on the AP-manager interface. All the APs discover the controller by that interface and its IP address. The management interface can terminate CAPWAP tunnels if no AP-manager interface exists.
6. C. The virtual interface is used to relay DHCP requests from wireless clients.
7. D. A dynamic interface makes a logical connection between a WLAN and a VLAN, all internal to the controller.
8. A. The controller will begin its initial setup to build a bootstrap configuration.
9. A, D. You can either connect to the controller console port or use a web browser to run through the initial setup procedure. The console will use CLI only, while the service port is used for a web interface. A Cisco 2504 Wireless Controller does not have a service port, so a web browser is used from an Ethernet port instead.
10. D. Because the access switch hosts both a switch and a Wireless Controller Module (WCM) function, you should connect to it using the switch management address.
11. B, C. The Apply button made the change active, but didn’t save it across the reboot. You would need to click the Save Configuration button to save the change permanently.
12. A. To save a copy of the controller’s configuration, you can upload the configuration file to a remotely connected TFTP, FTP, or SFTP server.
13. B. A WLC can store a primary and a backup code image. One file can be run until the controller is rebooted.
14. A, D. TFTP and FTP are the only two methods supported.
15. A. File transfers are always named from the viewpoint of the controller, as if the controller is a client getting a file from a remote server. In this case, the code image file should be downloaded to the controller.
16. D. Lightweight APs will compare their own code image releases to that of the controller they intend to join. If the controller has a different release, the APs will download the matching release from the controller automatically.
Chapter 11
1. B. An AP will discover all possible WLCs before attempting to build a CAPWAP tunnel or join a controller.
2. C. After an AP boots, it compares its own software image to that of the controller it has joined. If the images differ, the AP downloads a new image from the controller.
3. F. An AP can learn controller addresses from all of the listed methods.
4. C. An AP will try the three primed addresses (primary, secondary, and tertiary) first before any other method.
5. C. If an AP cannot find a viable controller, it reboots and tries the discovery process all over again.
6. B. The AP priority determines which APs can join a controller when the controller fills with APs.
7. D. If the primary controller responds to an AP’s discovery methods, the AP will always try to join it first, ahead of any other controller. Configuring an AP with a primary controller is the most specific method because it points the AP to a predetermined controller. Other methods are possible, but they can yield ambiguous results that could send an AP to one of several possible controllers.
8. D. APs use CAPWAP keepalive messages that are sent to the controller every 30 seconds.
9. D. The AP Fallback feature allows APs to fall back or revert to a primary controller at any time.
10. C. N+N redundancy is being used because there are two active controllers and no standby or backup controllers.
Chapter 12
1. B. The client must associate with a basic service set (BSS) offered by an AP.
2. A. The client device is in complete control over the roaming decision, based on its own roaming algorithm. It uses active scanning and probing to discover other candidate APs that it might roam to.
3. C. Because a single controller is involved, the roam occurs in an intracontroller fashion. Even though the client thinks it is associating with APs, the associations actually occur at the controller, thanks to the split-MAC architecture.
4. C. Intracontroller roaming is the most efficient because the reassociation and client authentication occur within a single controller.
5. C. Cisco Centralized Key Management (CCKM) is used to cache key information between a client and an AP. The cached information is then used as a quick check when a client roams to a different AP.
6. C. Intercontroller roaming supports Layer 3 roaming when a client moves from one controller to another and when the client’s IP subnet changes between controllers.
7. D. In a Layer 2 roam, the client’s IP subnet does not change as it moves between controllers. Therefore, there is no need to tunnel the client data between the controllers; instead, the client simply gets handed off to the new controller.
8. B. A client can always choose to renew or obtain an IP address, but it does not have to. The client can continue to use its same IP address during either Layer 2 or Layer 3 roams.
9. D. The anchor controller, where the client starts, maintains the client’s state and builds a tunnel to the foreign controller, where the client has now roamed.
10. C. Controllers A and B are listed in each other’s mobility list, so they are known to each other. However, they are configured with different mobility group names. Clients may roam between the two controllers, but CCKM and key caching information will not be exchanged.
11. B. A Mobility Agent (MA) terminates the CAPWAP tunnels from APs that are joined to the controller.
12. A. Each MA must be joined to a Mobility Controller (MC) so that mobility events can be coordinated and managed.
13. A. The Point of Presence (PoP) anchors the client to a wired subnet so that the client’s IP address can stay consistent across AP roams.
14. E. The controllers can be designated as a single Switch Peer Group (SPG) to make localized roaming more efficient. Because converged controllers are contained in specific Cisco switch models, SPG derives its name from the LAN switch platforms. Keep in mind that the controllers in an SPG must also be joined to an MC.
15. B. Each converged controller must operate as a Mobility Agent (MA) because it terminates CAPWAP tunnels connecting the lightweight APs.
Chapter 13
1. C. A data rate marked as mandatory by an AP must be supported by any client that intends to associate with the AP.
2. B. You can configure one or more data rates as mandatory. In fact, the 1-, 2-, 5.5-, and 11-Mbps data rates in the 2.4-GHz band are set as mandatory by default.
3. B. Broadcast management frames are sent at the lowest mandatory data rate. Unicast management frames can be sent at any optimal supported or mandatory data rate.
4. B. 802.11n and 802.11ac support is enabled by default. Only 20-MHz channels will be used until 40-MHz or wider channels are enabled.
5. C. RRM monitors and adjusts all APs in a single RF group. The RF group may contain one or more controllers.
6. C. By default, all APs joined to a controller belong to one common RF group. The group can be extended to any other controller that has APs within range by configuring that controller with the same RF group name. To build an RF group, APs send neighbor messages so that they can be discovered. If one controller’s APs hear neighbor messages sent from another controller’s APs, and the RF group names match, the RF group is extended to include both controllers.
7. D. The transmit power control (TPC) algorithm adjusts the power level used by each AP in an RF group.
8. C. The goal of dynamic channel allocation (DCA) is to maintain an efficient channel layout and avoid interference and noise. Therefore, DCA might choose to move the AP to a different channel.
9. A. TPC and DCA are RRM algorithms that run on a per-RF group basis. Therefore, the RF group leader runs the algorithms.
10. D. A failed radio will probably cause a hole or weakness in the RF coverage around the AP. Coverage hole detection mitigation (CHDM) can detect the failure based on the weak signal clients in that area are experiencing. The algorithm can also boost the transmit power level in neighboring APs to help heal the coverage hole or other coverage gaps that are detected.
Chapter 14
1. D. A secure wireless connection between a client and an access point (AP) should have all of the listed security components.
2. C. The message integrity check (MIC) is used to protect data against tampering.
3. D. Wireless Equivalent Privacy (WEP) is a wireless encryption method that has been found to be vulnerable and is not recommended for use.
4. A. Open authentication is used so that the client can associate with the AP and can then authenticate through 802.1x and Extensible Authentication Protocol (EAP).
5. C. A controller becomes an authenticator in the 802.1x process.
6. B. Protected EAP (PEAP) uses a server certificate, but clients authenticate using more traditional means without a certificate.
7. D. EAP Transport Layer Security (EAP-TLS) requires digital certificates on both the AS and the supplicants.
8. C. Counter/CBC-MAC Protocol (CCMP) is currently the most secure data encryption and integrity method for wireless data.
9. B. Wi-Fi Protected Access Version 2 (WPA2) requires CCMP, whereas WPA does not.
10. A, C. Pre-shared keys (PSKs) can be used in WPA personal and WPA2 personal modes. Enterprise mode requires 802.1x authentication.
11. B, D. Management Frame Protection (MFP) requires a secure connection between an AP and a CCXv5 client. Therefore, WPA2 and Cisco Compatible Extensions Version 5 (CCXv5) are needed.
12. B. WPA2 personal requires a pre-shared key (PSK). The same key must be configured on the WLAN, which gets propagated to all APs that are joined to the controller, in addition to every client that might associate with the WLAN.
13. B, C. Only WEP and Temporal Key Integrity Protocol (TKIP) have been deprecated.
Chapter 15
1. C, D. A wireless LAN (WLAN) binds a service set identifier (SSID) to a controller interface, so that the controller can link the wired and wireless networks. Although the WLAN ultimately reaches a wired virtual LAN (VLAN), it does so only through a controller interface. It is the interface that is configured with a VLAN number.
2. C. You can configure a maximum of 512 WLANs on a controller. However, a maximum of only 16 of them can be configured on an access point (AP).
3. B. Each AP supports a maximum of 16 WLANs. Even so, you should always try to limit the number of WLANs to five or fewer.
4. B. The BSS for each WLAN must be advertised, requiring airtime for beacons. A growing number of WLANs results in a growing number of beacons needed, which results in a diminishing amount of airtime left available for data frames.
5. A, C. The SSID and controller interface are the only parameters from the list that are necessary. The VLAN number is not necessary because it is supplied when a controller interface is configured.
6. B. The WLAN ID is used internally as an index into the list of WLANs on a controller. Therefore, it is not made visible to any clients.
Chapter 16
1. B. A guest WLAN is normally used to provide limited network access to guest clients, while keeping them isolated from the rest of the network.
2. C. By itself, the controller cannot route packets between WLANs; any connectivity must be provided by an external router or firewall.
3. D. A guest WLAN is no different from a data or regular WLAN. The only differences are the type of user authentication and the external means to keep the guest virtual LAN (VLAN) isolated from the other networks.
4. D. A guest WLAN on one controller is completely separate from the guest WLAN defined on another controller. The guest WLANs can be bound to a common VLAN so that they share a common IP subnet, but the WLANs are not merged or joined by default.
5. C. Guest WLANs can be merged toward a common controller if each of the controllers identifies the same controller as a mobility anchor.
6. B. A wireless guest network works like a Layer 3 roaming scenario in reverse—the client associates with a foreign controller. The foreign controller then tunnels the guest traffic to a guest mobility anchor controller.
7. B. You can configure more than one mobility anchor for a guest WLAN. Guest clients will be load balanced across the anchor controllers.
Chapter 17
1. B. Windows 7 uses a process called the WLAN AutoConfig Service to scan for a usable wireless network.
2. C. The machine will transmit probe requests containing a null or empty service set identifier (SSID) name. This is done so that it will learn about all APs and SSIDs that are within range.
3. B. Cisco Compatibility Extensions (CCX) certifies compatibility with a set of Cisco innovations and features.
4. C. CCX has five versions.
5. B. Even though the device has no CCX certification at all, it will most likely work fine on the network. CCX measures compatibility with Cisco features, not with the 802.11 standard.
6. D. CCXv1 is the oldest version and has few compatible features. One of the features is the initial 802.11 standard.
7. C. WPA2 with 802.1x was introduced in CCXv3 and so is supported in it and later versions.
8. B. CCX Lite includes the Foundation, Voice, Location, and Management modules.
9. B. The Foundation module is mandatory because it contains the core set of compatible features.
Chapter 18
1. C. Prime Infrastructure serves as the centralized management platform and can integrate with Cisco Identity Services Engine (ISE) and Cisco Mobility Services Engine (MSE) for additional services.
2. C. Cisco Mobility Services Engine (MSE) is used to provide location-based tracking to Cisco Prime Infrastructure.
3. A, B, C. Prime Infrastructure can be used to plan, manage, and troubleshoot wireless networks. It can also be used to perform predictive or planning surveys, but not active site surveys.
4. C. The downward-pointing orange triangle represents major alarms that have been received from wireless controllers.
5. B. Unacknowledged alarms are automatically acknowledged after 15 days.
6. D. The Alarm Browser, found in the alarm bar across the bottom of the PI screen, displays a list of individual alarms and details. Alarm Summary is a bit different, as it displays a concise breakdown of alarm sources and types.
7. B. The PI Dashboard is made up of a collection of dashlets that you can customize.
8. A. To access the maps, you should select Maps > Wireless Maps > Site Maps from the main PI screen.
9. A. PI maps are organized according to campus, building, then floor.
Chapter 19
1. D. DECT 6.0 refers to U.S. devices.
2. B. Bluetooth forms a personal-area network (PAN) and has a short range.
3. B. Bluetooth operates in the 2.4-GHz band and can affect 802.11b/g/n devices.
4. A, C. ZigBee is used for building automation and for energy management.
5. C. ZigBee belongs to the IEEE 802.15.4 family of standards.
6. D. The IEEE 802.16 standard defines WiMAX.
7. C. MetaGeek Chanalyzer is a spectrum analyzer that can collect spectrum data from its own USB receiver or connect to a Cisco AP to collect data remotely.
8. A. A spectrum analyzer is used to look for wireless interference across a spectrum of frequencies.
9. D. CleanAir adds spectrum analysis capabilities to a Cisco lightweight AP.
10. A. CleanAir analyzes non-802.11 signals to detect and classify devices that interfere with 802.11 AP cells.
11. B. By default, Cisco CleanAir is disabled on a controller.
12. D. Because CleanAir has assigned a severity value of 4, the interference is likely not severe. The severity scale runs from 0 (not severe) to 100 (very severe).
13. B. A unique cluster ID is assigned to each uniquely identified interferer. The cluster ID is also known as a pseudo-MAC address. Non-802.11 devices do not use regular MAC addresses, so a virtual MAC address is created and used as a label.
Chapter 20
1. C. By entering the client’s MAC address, the controller can display information about it straightaway. The other answers might also lead to useful information, but only after you spend more time sifting through the data.
2. C. The RUN state is the final policy manager state, indicating that the client is a fully functional member of the basic service set (BSS).
3. D. From the controller’s perspective, a client must go through a sequence of state changes before it can be fully associated and joined to the network. Only when a client is in the RUN state is it fully operational.
4. B. The client must have failed to authenticate with the 802.1x method that is configured on the WLAN. Perhaps a RADIUS server is down, the client is sending an incorrect username or password, or the client’s digital certificate is invalid.
5. B. Because the client supports only Cisco Compatible Extensions Version 1 (CCXv1), the controller uses ping tests with Internet Control Message Protocol (ICMP) packets. The controller can record received signal strength indicator (RSSI) measurements of the client’s signal, but the lack of robust CCX support prevents the client from relaying its own RSSI measurements of the AP’s signal.
6. C, D. The client must support CCXv4 or CCXv5 before it can accept the CCX link test frames and return information about its own radio to the controller.
7. C. You should leverage Prime Infrastructure and its central location in the wireless network. Assuming that every controller is configured to send Simple Network Management Protocol (SNMP) traps to PI, you should be able to find useful information about the client with just a single search through the PI database.
8. B. Go to Monitor > Clients, from which you can filter the results based on a client’s MAC address, AP name, and so on.
9. D. Answer D is correct because it provides VLAN 11 to the AP over an access mode link. Answer A is incorrect because the access VLAN number is left to the default (VLAN 1). Answer B is incorrect, even though a lightweight AP (LAP) can use a trunk link, as long as the trunk is configured with the AP’s VLAN number as the 802.1Q native VLAN. The configuration allows VLAN 11 over the trunk, but will use the default native VLAN 1 because it does not define a specific native VLAN number. Answer C is incorrect because the switch interface is left in the shutdown state.
10. C. MetaGeek inSSIDer Office is a Wi-Fi scanner tool that can map service set identifiers (SSIDs) to channels for quick analysis. Other tools such as OmniPeek can achieve the same result, but they are packet analyzers and not strictly Wi-Fi scanners.
11. C. ESS Pro is an example of an RF mapping tool, used to measure 802.11 signals over a map of an area.