Which common type of attack does a data center next-generation firewall protect against?
In a wireless network environment, which measurement compares the received signal to the background noise?
Refer to the exhibit. A network engineer must log in to the router via the console, but the RADIUS servers are not reachable. Which credentials allow console access?
In a Cisco Mobility Express wireless deployment, which AP takes over if the primary AP fails?
Drag and drop the code snippets from the bottom onto the blanks in the code to construct a request that configures a deny rule on an access list?

Why does the vBond orchestrator have a public IP?
Why does the vBond orchestrator have a public IP?
In which forms can Cisco Catalyst SD-WAN routers be deployed at the perimeter of a site to provide SD-WAN services?
An engineer must configure a new WLAN that supports 802.11r and requires users to enter a passphrase. What must be configured to support this requirement?
Which technology collects location information through data packets received by the APs instead of using mobile device probes?
What does the LAP send when multiple WLCs respond to the CISCO_CAPWAP-CONTROLLER.localdomain hostname during the CAPWAP discovery and join process?
An engineer must configure a new 6 Ghz only SSID on a cisco catalyst 9800 series WLC, with these requirements:
Provide 802.11ax data rates for supported devices
All users authenticate using a certificate
Which wireless layer 2 security mode meets the requirements?
Drag and drop the solutions that comprise Cisco Cyber Threat Defense from the left onto the objectives they accomplish on the right.

Drag and drop the automation characteristics from the left onto the appropriate tools on the right. Not all options are used.


Refer to the exhibit. The IP SLA is configured in a router. An engineer must configure an EEM applet to shut down the interface and bring it back up when there is a problem with the IP SLA. Which configuration should the engineer use?
Drag and drop the Cisco Catalyst Center (formerly DNA Center) southbound API characteristics from the left to the right. Not all options are used.

DRAG DROP. An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used.
R1#show run | include aaa
aaa new-model
aaa authentication login default group ACE group AAA_RADIUS local-case
aaa session-id common

In a fabric-enabled wireless network, which device is responsible for maintaining the endpoint ID database?
Drag and drop the snippets onto the blanks within the code to create an EEM script that adds an entry to a locally stored text file with a timestamp when a configuration change is made. Not all options are used.

The login method is configured on the VTY lines of a router with these parameters:
The first method for authentication is TACACS+
If TACACS is unavailable, login is allowed without any provided credentials
Which configuration accomplishes this task?
Refer to the exhibit.

Which configuration enables password checking on the console line, using only a password?
With IGMPv2, which multicast group address does the IGMP querier use to send query messages to all hosts on the LAN?
A corporate policy mandates that a certificate-based authentication system must be implemented on the wireless infrastructure. All corporate clients will contain a certificate that will be used in conjunction with ISE and user credentials to perform authentication before the clients are allowed to connect to the corporate Wi-Fi. Which authentication key option must be selected to ensure that this authentication can take place?
In a high-density AP environment, which feature can be used to reduce the RF cell size and not demodulate radio packets above a given threshold?
A wireless administrator must create a new web authentication corporate SSID that will be using ISE as the external RADIUS server. The guest VLAN must be specified after the authentication completes. Which action must be performed to allow the ISE server to specify the guest VLAN?
What are two best practices when designing a campus Layer 3 infrastructure? (Choose two.)

Refer to the exhibit. An engineer deployed a wireless QoS setting for a new building within a campus. All network devices support 802.1p priority tags. What can be determined from the WLC settings?
What is a characteristic of the overlay network in the Cisco SD-Access architecture?
Which two operational modes enable an AP to scan one or more wireless channels for rogue access points and at the same time provide wireless services to clients? (Choose two.)
Which location tracking method is used when locating client devices using Cisco hyperlocation?

Refer to the exhibit. A customer reports that many wireless clients cannot reliably receive multicast audio. Which action resolves this issue?
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?

Refer to the exhibit. A customer asks an engineer to create a new secure WLAN to support only WPA3. Users must connect using a passphrase. Which encryption and key management configuration is required?
What is the recommended minimum SNR for data applications on wireless networks?
Drag and drop the characteristics from the left into the orchestration tools that they describe on the right.
Which type of tunnel is required between two WLCs to enable intercontroller roaming?
Which feature is needed to maintain the IP address of a client when an inter-controller Layer 3 roam is performed between two WLCs that are using different mobility groups?

Refer to the exhibit. R2 is configured as an NTP master sourcing NTP packets from its locally connected interface of 10.1.1.1. Which additional configuration is needed to complete the configuration?
Which A record type should be configured for access points to resolve the IP address of a wireless LAN controller using DNS?
Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right.

Which AP mode allows administrators to generate pcap files to use for troubleshooting?
An engineer measures the Wi-Fi coverage at a customer site. The RSSI values are recorded as follows:
•LocationA -72dBm
• Location B:-75 dBm
• Location C; -65 dBm
• Location D -80 dBm
Which two statements does the engineer use to explain these values to the customer? (Choose two.)
When deploying a Cisco Unified Wireless solution what is a design justification for using a distributed WLC deployment model?
In a LISP topology, which component does the ITR send a resolution request to when it does not know the path to a specific EID?
In Cisco CatalystCenter(formerly DNA Center) Inventory, the Software Version of a networkdevice displays a status of OUTDATED. What does It me?
An engineer must construct an access list for a Cisco Catalyst 9800 Series WLC that will redirect wireless guest users to a splash page that is hosted on a Cisco ISE server. The Cisco ISE servers are hosted at 10.9.11.141 and 10.1.11.141. Which access list meets the requirements?
What does a next-generation firewall that is deployed at the data center protect against?
An engineer must create a new SSID on a Cisco 9800 wireless LAN controller. The client has asked to use a pre-shared key for authentication. Which profile must the engineer edit to achieve this requirement?
Drag and drop the Cisco Catalyst Center (formerly DNA Center) northbound API characteristics from the left to the right. Not all options are used.

Which three methods does Cisco Catalyst Center (formerly DNA Center) use to discover devices? (Choose three.)