CCNA Wireless 200-355 Exam Updates - CCNA Wireless 200-355 Official Cert Guide (2016)

CCNA Wireless 200-355 Official Cert Guide (2016)

Appendix C. CCNA Wireless 200-355 Exam Updates

Over time, reader feedback allows Cisco Press to gauge which topics give our readers the most problems when taking the exams. To assist readers with those topics, the authors create new materials clarifying and expanding upon those troublesome exam topics. As mentioned in the Introduction, the additional content about the exam is contained in a PDF document on this book’s companion website, at

This appendix is intended to provide you with updated information if Cisco makes minor modifications to the exam upon which this book is based. When Cisco releases an entirely new exam, the changes are usually too extensive to provide in a simple update appendix. In those cases, you might need to consult the new edition of the book for the updated content.

This appendix attempts to fill the void that occurs with any print book. In particular, this appendix does the following:

Image Mentions technical items that might not have been mentioned elsewhere in the book

Image Covers new topics if Cisco adds new content to the exam over time

Image Provides a way to get up-to-the-minute current information about content for the exam

Always Get the Latest at the Companion Website

You are reading the version of this appendix that was available when your book was printed. However, given that the main purpose of this appendix is to be a living, changing document, it is important that you look for the latest version online at the book’s companion website. To do so:

Step 1. Browse to

Step 2. Select the Appendix option under the More Information box.

Step 3. Download the latest “Appendix C” document.


The downloaded document has a version number. Comparing the version of the print Appendix C (Version 1.0) with the latest online version of this appendix, you should do the following:

Image Same version—Ignore the PDF that you downloaded from the companion website.

Image Website has a later version—Ignore this Appendix C in your book and read only the latest version that you downloaded from the companion website.

Technical Content

The current version of this appendix does not contain any additional technical coverage.

Key Terms Glossary

802.11w An 802.11 amendment that focuses on protecting management frames.

802.1x An IEEE standard that defines port-based access control for wired and wireless networks.


absorption The effect of an RF signal meeting a material that absorbs or attenuates the signal strength by some amount.

access point (AP) A device that provides wireless service for clients within its coverage area or cell.

active scanning A method used by wireless clients to actively scan for available APs by sending probe request frames.

active site survey A method used to measure wireless LAN coverage and performance by analyzing the survey device itself as it interacts with the APs as it is moved throughout an area.

ad hoc network See independent basic service set (IBSS).

air-quality index (AQI) A scale from 0 to 100 that indicates how usable an 802.11 channel is, based on the number and intensity of interfering sources.

amplifier An active device that adds gain to an RF signal.

amplitude The height from the top peak to the bottom peak of a signal’s waveform; also known as the peak-to-peak amplitude.

anchor controller The original controller a client was associated with before a Layer 3 intercontroller roam occurs. An anchor controller can also be used for tunneling clients on a guest WLAN or with a static anchor. Traffic is tunneled from the client’s current controller (the foreign controller) back to the anchor.

AP-manager interface A logical link that can be configured to terminate CAPWAP tunnels from lightweight APs.

AP-on-a-stick A site survey method used to measure the coverage area of a single AP that is mounted on a pole, ladder, or “stick.” The survey is usually formed before APs are deployed in an area.

association The process by which a wireless device becomes a functioning member of a BSS.

asymmetric power problem The scenario where the AP and a client use differing transmit power levels such that the messages sent by device 1 are received and understood by device 2, but the replies from device 2 are too weak to be understood by device 1.

attenuator A passive device that introduces additional loss to an RF signal.

authentication server (AS) An 802.1x entity that authenticates users or clients based on their credentials, as matched against a user database. In a wireless network, a RADIUS server is an AS.

authenticator An 802.1x entity that exists as a network device that provides access to the network. In a wireless network, a WLC acts as an authenticator.

autonomous AP A wireless AP operating in a standalone mode, such that it can provide a fully functional BSS and connect to the DS.


backoff timer The random amount of time a wireless client must wait before attempting to transmit a frame.

band A contiguous range of frequencies.

bandwidth The range of frequencies used by a single channel or a single RF signal.

Barker 11 code An 11-bit sequence of encoded bits that represents a single data bit.

basic service set (BSS) Wireless service provided by an AP to one or more associated clients.

basic service set identifier (BSSID) A unique MAC address that is used to identify the AP that is providing a BSS.

beamwidth A measure of the angle of a radiation pattern in both the E and H planes, where the signal strength is 3 dB below the maximum value.

block acknowledgment A feature used in 802.11n that permits a burst of data frames to be followed by a single acknowledgment message, improving throughput.

BSS basic rate A data rate that is required to be supported between an AP and a wireless client.

BSSID method An active site survey method where the survey client is locked to a specific BSSID so that the cell of a single AP can be measured.


CAPWAP Discovery Request A message sent by a lightweight AP to discover one or more wireless LAN controllers. Any controllers that receive the request should return a CAPWAP Discovery Response message to the AP.

CAPWAP Join Request A message sent by a lightweight AP to a specific WLC indicating the AP’s desire to join or associate with the controller. If the AP is accepted, the WLC returns a CAPWAP Join Response message.

carrier signal The basic, steady RF signal that is used to carry other useful information.

CCX Lite A CCX certification program that is organized in modules, according to specific applications for wireless devices.

cell The area of wireless coverage provided by an AP; also known as the basic service area.

central web authentication (CWA) A method of wireless user authentication that uses a web authentication page and a user database that are both located centrally on a RADIUS server, rather than locally on the wireless controller.

certificate authority (CA) A trusted entity that generates and signs digital certificates.

channel An arbitrary index that points to a specific frequency within a band.

channel aggregation An 802.11n feature that allows two 20-MHz OFDM channels to be aggregated or bonded into a single 40-MHz channel.

channel reuse The pattern of APs and their channels, arranged such that neighboring APs never use the same channels.

chip A bit produced by a coder.

Cisco CleanAir Wireless technology used to detect, classify, report, and react to non-802.11 interference.

Cisco Compatibility Extensions (CCX) A wireless device certification that verifies compatibility with a set of Cisco-developed features. CCX is defined in five versions.

clear channel assessment (CCA) The process a wireless devices uses to determine whether a channel is clear and available to use.

cloud-based AP A Cisco Meraki autonomous AP that is managed from the Meraki cloud network.

cluster ID A unique identifier that a WLC assigns to a non-802.11 device found to be interfering with an AP. See also pseudo-MAC address.

co-channel interference RF signal interference caused by two or more transmitters using the same frequency or channel.

coder A function that converts data bits into multiple encoded bits before transmission, to provide resilience against noise and interference.

collision avoidance The technique used by 802.11 devices to proactively avoid collisions on a channel.

Complementary Code Keying (CCK) An encoding method that takes either 4 or 8 data bits at a time to create a 6-bit or 8-bit symbol, respectively. The symbols are fed into DQPSK to modulate the carrier signal.

contention window The range of values that a wireless station can use to compute a random backoff timer duration.

controller interface A logical connection that a wireless controller uses internally.

controller port A physical connection to an external switched network.

Counter/CBC-MAC Protocol (CCMP) A wireless security scheme based on 802.11i that uses AES counter mode for encryption and CBC-MAC for data integrity.

coverage hole An area that is left without good RF coverage. A coverage hole can be caused by a radio failure or a weak signal in an area.


dBd The gain of an antenna, measured in dB, as compared to a simple dipole antenna.

dBi The gain of an antenna, measured in dB, as compared to an isotropic reference antenna.

dBm The power level of a signal measured in dB, as compared to a reference signal power of 1 milliwatt.

DCA See dynamic channel allocation (DCA).

decibel (dB) A logarithmic function that compares one absolute measurement to another.

delivery traffic indication message (DTIM) A beacon sent at regular intervals that indicates whether buffered broadcast and multicast frames will be sent for clients that have been in a power save mode.

demodulation The receiver’s process of interpreting changes in the carrier signal to recover the original information being sent.

differential binary phase shift keying (DBPSK) A modulation method that takes 1 bit of encoded data and changes the phase of the carrier signal in one of two ways.

differential quadrature phase shift keying (DQPSK) A modulation method that takes 2 bits of encoded data and changes the phase of the carrier signal in one of four ways.

diffraction The effect of an RF signal approaching an opaque object, causing the electromagnetic waves to bend around the object.

dipole An omnidirectional antenna composed of two wire segments.

direct sequence spread spectrum (DSSS) A wireless LAN method where a transmitter uses a single fixed, wide channel to send data.

directional antenna A type of antenna that propagates an RF signal in a narrow range of directions.

distributed coordination function (DCF) The method used by each wireless device to coordinate the use of a wireless channel.

distribution system (DS) The wired Ethernet that connects to an AP and transports traffic between a wired and wireless network.

distribution system port A physical interface that connects a wireless controller to a switched network and carries both AP and management traffic.

duty cycle A measure of the percentage of time a device transmits on a given frequency.

dynamic channel allocation (DCA) An RRM algorithm that monitors APs in an RF group and adjusts their channel assignment based on poor RF conditions.

dynamic interface An internal logical link that connects a VLAN to a WLAN. Traffic passing through a dynamic interface also passes through a VLAN on a distribution system port.

dynamic rate shifting A mechanism used by an 802.11 device to change the Modulation Coding Scheme (MCS) according to dynamic RF signal conditions.


EAP Flexible Authentication by Secure Tunneling (EAP-FAST) A Cisco authentication method that is based on EAP and uses a PAC as a credential for outer authentication and a TLS tunnel for inner authentication.

EAP-TLS An authentication method that uses digital certificates on both the server and the supplicant for mutual authentication. A TLS tunnel is used during client authentication and key exchanges.

effective isotropic radiated power (EIRP) The resulting signal power level, measured in dBm, of the combination of a transmitter, cable, and an antenna, as measured at the antenna.

enterprise mode 802.1x EAP-based authentication requirement for WPA or WPA2.

E plane The “elevation” plane passing through an antenna that shows a side view of the radiation pattern.

Event-Driven RRM (ED-RRM) Using Cisco CleanAir to trigger the RRM DCA process automatically, as interference is detected.

extended service set (ESS) Multiple APs that are connected by a common switched infrastructure.

Extensible Authentication Protocol (EAP) A standardized authentication framework that is used by a variety of authentication methods.


foreign controller The current controller a client is associated with after a Layer 3 intercontroller roam occurs. Traffic is tunneled from the foreign controller back to an anchor controller so that the client retains connectivity to its original VLAN and subnet.

free-space path loss The degradation of an RF signal’s strength as it travels through free space.

frequency The number of times a signal makes one complete up and down cycle in 1 second.

frequency hopping spread spectrum (FHSS) A wireless LAN method where a transmitter “hops” between frequencies all across a band.

Fresnel zone The elliptical shaped space between a transmitter and receiver that must be kept clear of objects, else the RF signal will be degraded.


gain A measure of how effectively an antenna can focus RF energy in a certain direction.

guard interval (GI) The amount of time required between OFDM symbols to prevent intersymbol interference. In 802.11n, the guard interval can be reduced from 800 ns to 400 ns.

guest WLAN A wireless LAN that is specially created to support guest clients.

hertz (Hz) A unit of frequency equaling one cycle per second.

high throughput (HT) The techniques defined in 802.11n and used to scale performance to a maximum of 600 Mbps.

H plane The “azimuth” plane passing through an antenna that shows a top-down view of the radiation pattern.


in phase The condition when the cycles of two identical signals are in sync with each other.

independent basic service set (IBSS) An impromptu wireless network formed between two or more devices without an AP or a BSS; also known as an ad hoc network.

infrastructure mode The operating mode of an AP that is providing a BSS for wireless clients.

integrated antenna A very small omnidirectional antenna that is set inside a device’s outer case.

intercontroller roaming Client roaming that occurs between two APs that are joined to two different controllers.

interference Signals coming from 802.11 devices other than expected or known APs.

interframe space The amount of time the 802.11 standard defines to separate adjacent frames on a channel.

intersymbol interference (ISI) Data corruption caused by OFDM symbols arriving too close together at a receiver, usually caused by signals that take different paths from transmitter to receiver.

intracontroller roaming Client roaming that occurs between two APs joined to the same controller.

isotropic antenna An ideal, theoretical antenna that radiates RF equally in every direction.


Layer 2 roam An intercontroller roam where the WLANs of the two controllers are configured for the same Layer 2 VLAN ID; also known as a local-to-local roam.

Layer 3 roam An intercontroller roam where the WLANs of the two controllers are configured for different VLAN IDs; also known as a local-to-foreign roam. To support the roaming client, a tunnel is built between the controllers so that client data can pass between the client’s current controller and its original controller.

lightning arrestor A device used to protect a transmitter or receiver from large transient voltages that might be induced by lightning around an antenna.

Lightweight EAP (LEAP) A legacy Cisco proprietary wireless security method.

link aggregation group (LAG) A grouping or bundling of multiple physical links into a single logical link.

link budget The cumulative sum of gains and losses measured in dB over the complete RF signal path; a transmitter’s power level must overcome the link budget so that the signal can reach a receiver effectively.

local web authentication (LWA) A method of wireless user authentication that occurs locally on a WLC through the use of local user accounts and a web portal.


management frame protection (MFP) A method developed by Cisco to protect wireless clients and APs from attacks involving spoofed management frames.

management interface A logical link that is used for normal management traffic. If an AP-manager interface is not configured, the management interface also terminates CAPWAP tunnels from APs.

mandatory data rate An 802.11 data rate that must be supported by a client before it can associate with an AP.

maximal-ratio combining (MRC) An 802.11n technique that takes multiple copies of a signal, received over multiple antennas, and combines them to reconstruct the original signal.

mesh network A network of APs used to cover a large area without the need for wired Ethernet cabling; client traffic is bridged from AP to AP over a backhaul network.

message integrity check (MIC) A cryptographic value computed from the contents of a data frame and used to detect tampering.

Mobility Agent (MA) A wireless LAN controller function that terminates CAPWAP tunnels from APs, as well as maintains a client database and enforces security and QoS policies.

mobility anchor A wireless LAN controller that acts as the anchor or home base for remote wireless clients that are joined to a different controller.

Mobility Controller (MC) A wireless LAN controller function that manages one or more MAs, handles RRM, performs WIPS, and manages guest access.

mobility domain A logical grouping of all mobility groups within an enterprise.

mobility group A logical grouping of one or more MCs between which efficient roaming is expected.

mobility subdomain A logical grouping of one MC along with the MAs relying on the MC for roaming efficiency.

modulation The transmitter’s process of altering the carrier signal according to some other information source.

monopole A very short omnidirectional antenna composed of a single wire segment set over a metal ground plane.

multipath Reflected copies of an RF signal arrive at a receiver after taking different paths through free space.


N+1 redundancy High availability offered by N number of active controllers plus one idle standby controller.

N+N redundancy High availability offered by N number of active controllers. The AP load is distributed across the active controllers, so no additional backup controller is used.

N+N+1 redundancy High availability offered by N number of active controllers plus one idle standby controller.

narrowband RF signals that use a very narrow range of frequencies.

neighboring channel interference RF signal interference caused by two or more transmitters using channels that are different, but do not completely overlap.

network allocation vector (NAV) An internal timer maintained by each wireless device that measures the number of timeslots before a transmission may be attempted.

noise Signals or RF energy that do not come from 802.11 sources.

noise floor The average power level of noise measured at a specific frequency.

Null Data Packet (NDP) The explicit method for transmit beamforming specified by the 802.11ac amendment.


omnidirectional antenna A type of antenna that propagates an RF signal in a broad range of directions in order to cover a large area.

open authentication An 802.11 authentication method that requires clients to associate with an AP without providing any credentials at all.

open system authentication A simple method used to verify that a wireless device uses 802.11 before it is permitted to join a BSS.

orthogonal frequency-division multiplexing (OFDM) A data transmission method that sends data bits in parallel over multiple frequencies within a single 20-MHz-wide channel. Each frequency represents a single subcarrier.

out of phase The condition when the cycles of one signal are shifted in time in relation to another signal.


parabolic dish antenna A highly directional antenna that uses a passive dish shaped like a parabola to focus an RF signal into a tight beam.

passive scanning A method used to scan for available APs by listening to their beacon frames.

passive site survey A method to measure wireless LAN coverage by analyzing information that is overheard by listening to existing APs as you move throughout an area.

patch antenna A directional antenna that has a planar surface and is usually mounted on a wall or column.

personal mode Pre-shared key authentication as applied to WPA or WPA2.

phase A measure of shift in time relative to the start of a cycle; ranges between 0 and 360 degrees.

physical carrier sense To determine whether a channel is available, a device simply listens to any signals that might be present.

piconet A very small network cell used to connect multiple devices. Common examples are personal-area networks using technologies such as Bluetooth or Bluetooth Low Energy.

point-to-point bridge An AP configured to bridge a wired network to a companion bridge at the far end of a line-of-sight path.

Point of Attachment(PoA) The controller that anchors a client’s IP address for Layer 3 roaming.

Point of Presence (PoP) The controller where a client is currently associated.

polar plot A round graph that is divided into 360 degrees around an antenna and into concentric circles that represent decreasing dB values. The antenna is always placed at the center of the plot.

polarization The orientation (horizontal, vertical, circular, and so on) of a propagating wave with respect to the ground.

post-deployment site survey A site survey (active or passive) performed after APs have been deployed, in order to validate and verify RF coverage in an area.

predictive survey A method used to predict or calculate RF coverage and an AP layout without collecting any data from live APs.

pre-deployment site survey A predictive or calculated site survey performed before APs are deployed, in order to size and design the wireless coverage for an area.

primed controller address The name or IP address of a controller that is configured in advance on an AP.

protected access credential (PAC) Special-purpose data that is used as an authentication credential in EAP-FAST.

Protected EAP (PEAP) An authentication method that uses a certificate on the AS for outer authentication and a TLS tunnel for inner authentication. Clients can provide their credentials through either MS-CHAPv2 or GTC.

Protected Management Frames (PMF) A service provided by 802.11w that protects a set of 802.11 Robust Management frames and Robust Action frames.

protection mechanism A method of supporting backward compatibility between an advanced and a legacy wireless standard, such as 802.11g and 802.11b, respectively. For example, each 802.11g OFDM transmission is flagged with RTS/CTS messages sent in the lower-rate DSSS format.

pseudo-MAC address A virtual MAC address that a controller assigns to each uniquely identified non-802.11 interferer so that it can be reported and displayed. See also cluster ID.

Public Key Infrastructure (PKI) An enterprise-wide system that generates and revokes digital certificates for client authentication.

quadrature amplitude modulation (QAM) A modulation method that combines QPSK phase shifting with multiple amplitude levels to produce a greater number of unique changes to the carrier signal. The number preceding the QAM name designates how many carrier signal changes are possible.


radiation pattern A plot that shows the relative signal strength in dBm at every angle around an antenna.

radio frequency (RF) The portion of the frequency spectrum between 3 kHz and 300 GHz.

RADIUS server An authentication server used with 802.1x to authenticate wireless clients.

reassociation The process by which a wireless client changes its association from one BSS to another as it moves.

received signal strength indicator (RSSI) The measure of signal strength (in dBm) as seen by the receiver. RSSI is normally negative (0 to –100) because the received signal is always a degraded form of the original signal that was sent.

reflection The effect of an RF signal meeting a dense, reflective material, such that it is sent in a different direction.

refraction The effect of an RF signal meeting the boundary between two different materials, causing its trajectory to change slightly.

repeater A device that repeats or retransmits signals it receives, effectively expanding the wireless coverage area.

RF group A logical grouping of wireless LAN controllers that operates as a single RF domain. RRM algorithms run on a per-RF group basis.

RF group leader A controller that is elected to handle all of the RRM algorithms for the entire RF group.

roaming The process a wireless client uses to move from one AP to another as it changes location.

rogue AP A wireless AP that operates outside local administrative control.

RRM Radio Resource Management; a set of algorithms that is used to maintain a stable and optimum wireless network even in a changing RF environment.


scattering The effect of an RF signal meeting a rough or uneven surface, causing it to be reflected or scattered in many different directions.

sensitivity level The RSSI threshold (in dBm) that divides unintelligible RF signals from useful ones.

service port A physical nontrunking interface that connects a wireless controller to a switched network and carries only out-of-band management traffic.

service set identifier (SSID) A text string that is used to identify a wireless network.

shared key authentication A method used to authenticate a wireless device with a BSS by using a shared WEP key.

signal-to-noise ratio (SNR) A measure of received signal quality, calculated as the difference between the signal’s RSSI and the noise floor. A higher SNR is preferred.

spatial multiplexing Distributing streams of data across multiple radio chains with spatial diversity.

spatial stream An independent stream of data that is sent over a radio chain through free space. One spatial stream is separate from others due to the unique path it travels through space.

spectrum analyzer A device that sweeps through a range of frequencies and displays signals that it receives. The signal data can be processed and displayed in a variety of ways to assist in the analysis.

spread spectrum RF signals that spread the information being sent over a wide range of frequencies.

SSID method An active site survey method where the survey client associates to a specific SSID on any AP.

stateful switchover (SSO) High availability offered by controllers configured as a failover pair. One controller is active and supports the AP and client load, while the other controller is a hot standby. Stateful information about APs and clients in the RUN state is synchronized between the active and standby units for an efficient failover.

station (STA) An 802.11 client device that is associated with a BSS.

supplicant An 802.1x entity that exists as software on a client device and serves to request network access.

supported data rate An 802.11 data rate that can be supported by a client when it associates with an AP.

Switch Peer Group (SPG) A logical grouping of MAs between which frequent and efficient roaming is expected.

symbol A complete group of encoded chips that represents a data bit.


Temporal Key Integrity Protocol (TKIP) A wireless security scheme developed before 802.11i that provides a MIC for data integrity, a dynamic method for per-frame WEP encryption keys, and a 48-bit initialization vector. The MIC also includes a time stamp and the sender’s MAC address.

TPC Transmit power control; an RRM algorithm that adjusts the transmit power level of APs to minimize cell overlap and interference.

traffic indication map (TIM) A list of the association IDs of wireless clients who are in a power save mode but have frames buffered. The TIM is included in beacon frames sent by an AP.

transmit beamforming (TxBF) An 802.11n method to transmit a signal over multiple antennas, each having the signal phase carefully crafted, so that the multiple copies are all in phase at a targeted receiver.


unscheduled automatic power save deliver (U-APSD) The method defined in 802.11e and WMM that allows a wireless client to enter power save mode and then have buffered frames delivered whenever the client is ready to receive them.

virtual carrier sense The method by which a wireless device calculates that a channel is available, based on frame duration information that is used to set the NAV.

virtual interface A logical link used to support wireless clients with things like DHCP relay and web authentication.


wavelength The physical distance that a wave travels over one complete cycle.

Wi-Fi Protected Access (WPA) A Wi-Fi Alliance standard that requires pre-shared key or 802.1x authentication, TKIP, and dynamic encryption key management; based on portions of 802.11i before its ratification.

Wireless Control Module (WCM) A wireless controller function that is built into an access layer switch, forming the basis of a converged wireless network.

Wired Equivalent Privacy (WEP) An 802.11 authentication and encryption method that requires clients and APs to use a common WEP key.

wireless intrusion protection system (wIPS) A system that monitors wireless activity to detect malicious behavior according to a set of signatures or patterns.

Wireless Multimedia (WMM) A Wi-Fi Alliance interoperability certification that covers quality of service (QoS) and enhanced power save delivery methods.

workgroup bridge (WGB) An AP that is configured to bridge between a wired device and a wireless network. The WGB acts as a wireless client.

WPA Version 2 (WPA2) A Wi-Fi Alliance standard that requires pre-shared key or 802.1x authentication, TKIP or CCMP, and dynamic encryption key management; based on the complete 802.11i standard after its ratification.

Yagi antenna A directional antenna made up of several parallel wire segments that tend to amplify an RF signal to each other.