Sample Questions and Answers
What wireless condition does the metric “channel utilization” measure?
Number of APs per channel
B. Total client throughput
C. Percentage of airtime in use
D. Roaming attempts per second
Answer: C
Explanation: Channel utilization indicates how much airtime is being consumed on a given channel.
Which authentication failure message indicates a PSK mismatch?
EAP-Timeout
B. MIC failure
C. WPA-Key Mismatch
D. Radius Reject
Answer: C
Explanation: This log message indicates the client entered an incorrect PSK (Pre-Shared Key).
A wireless user gets disconnected every 30 minutes. What’s a likely cause?
Short DHCP lease time
B. Radio reset
C. DFS channel scan
D. Beacon filtering
Answer: A
Explanation: If the DHCP lease is too short and the client doesn’t renew, it will lose its IP address.
What is the function of the WLC feature “PMF” (Protected Management Frames)?
Encrypts user data
B. Authenticates clients
C. Secures management frames against spoofing
D. Prioritizes video traffic
Answer: C
Explanation: PMF ensures the integrity and authenticity of management frames like deauthentication or disassociation.
What does the presence of many “Probe Requests” from a client indicate?
The client is sleeping
B. The client is scanning for better APs
C. The client has been excluded
D. The AP is in monitor mode
Answer: B
Explanation: Probe requests indicate the client is actively scanning for SSIDs, possibly seeking better signal or connectivity.
What does the CLI command debug dhcp message enable help you trace?
Controller firmware issues
B. Client traffic routes
C. IP address assignment process
D. RF interference
Answer: C
Explanation: This command allows you to see the details of the DHCP request and offer process in real time.
Which log entry signals a successful client IP assignment?
DHCP_REQD
B. DHCP_TIMEOUT
C. DHCP_ACK
D. AP_JOINED
Answer: C
Explanation: DHCP_ACK confirms that a DHCP server has successfully assigned an IP to the client.
What is one cause of low throughput despite a strong signal?
Beacon interval too long
B. High retransmission rate
C. Incorrect SSID name
D. Client blacklisting
Answer: B
Explanation: Retransmissions waste airtime, reducing throughput even when signal is strong.
What issue does the WLC alert “11k Neighbor List not available” refer to?
DFS channel mismatch
B. Lack of mobility anchors
C. Incomplete roaming optimization
D. RADIUS authentication error
Answer: C
Explanation: Without the 11k neighbor list, the client lacks guidance for optimal roaming targets.
What is the likely cause of a WLC message stating “AP rejected due to license limit”?
Incompatible firmware
B. DNS misconfiguration
C. WLC reached AP count limit
D. VLAN misconfiguration
Answer: C
Explanation: If the WLC has reached its licensed AP limit, new APs will be rejected.
A VoIP client on Wi-Fi is experiencing latency. Which metric should you check first?
RSSI
B. Beacon interval
C. Jitter and packet loss
D. SNR
Answer: C
Explanation: Jitter and packet loss directly affect VoIP quality, causing delay and distortion.
What does the “client exclusion policy” on the WLC do?
Prevents clients from roaming
B. Blocks clients after multiple failures
C. Assigns static IPs
D. Disables DFS channels
Answer: B
Explanation: The exclusion policy can block clients temporarily after authentication failures.
What is a symptom of a VLAN mismatch on a trunk port to an AP?
CAPWAP tunnel flapping
B. Duplicate IP assignment
C. No SSIDs broadcast
D. IP conflict error
Answer: A
Explanation: VLAN mismatch can disrupt communication, causing CAPWAP tunnels to flap or drop.
What does enabling “Application Visibility and Control” on the WLC do?
Increases client throughput
B. Filters multicast traffic
C. Identifies and classifies application traffic
D. Assigns IPs faster
Answer: C
Explanation: AVC allows the WLC to recognize applications and enforce policies like rate-limiting or prioritization.
What’s the typical result of excessive co-channel interference?
Higher RSSI
B. Improved voice quality
C. Increased retries and slower speeds
D. Lower noise floor
Answer: C
Explanation: CCI results in devices deferring transmissions, increasing delays and retries.
What does the log “Client Deauthenticated Reason: 3” mean?
Session timeout
B. Client device rebooted
C. Deauthenticated due to inactivity
D. AP firmware mismatch
Answer: C
Explanation: Reason code 3 indicates the client deauthenticated due to inactivity.
In which mode does the AP scan channels but not serve clients?
Local mode
B. Sniffer mode
C. Bridge mode
D. Monitor mode
Answer: D
Explanation: In Monitor mode, APs scan channels for RF analysis and rogue detection, not for client access.
Why is a fast reassociation time critical for wireless VoIP clients?
To avoid DNS lookups
B. To minimize call drop during roaming
C. To reduce multicast jitter
D. To prevent beacon flooding
Answer: B
Explanation: If reassociation is slow, the client might drop active voice calls while roaming.
What tool on Cisco WLC helps visualize client location on a floor map?
RF Profile
B. Mobility Anchor
C. CMX (Connected Mobile Experience)
D. CleanAir
Answer: C
Explanation: Cisco CMX tracks client location using triangulation and shows it on maps.
What happens when an AP is in “rogue detection mode”?
Captures user credentials
B. Acts as a honeypot
C. Scans for unauthorized APs
D. Disables RF interface
Answer: C
Explanation: Rogue detection mode allows APs to passively or actively look for unauthorized APs.
What could cause repeated WLC logs saying “client moved to exclusion list”?
PSK mismatch
B. AP reboot
C. RF interference
D. VLAN pooling
Answer: A
Explanation: Too many failed authentication attempts (e.g., wrong PSK) will result in client exclusion.
Which Cisco feature helps isolate clients in a guest network from each other?
VLAN tagging
B. RF grouping
C. Peer-to-peer blocking
D. WMM prioritization
Answer: C
Explanation: Peer-to-peer blocking prevents wireless clients from communicating directly, which is ideal for guest networks.
What is the function of a Cisco Mobility Anchor?
Acts as the root bridge in STP
B. Handles guest traffic termination
C. Manages AP firmware updates
D. Assigns dynamic VLANs to clients
Answer: B
Explanation: A mobility anchor is often used to tunnel guest traffic to a centralized WLC for secure management and policy enforcement.
A client fails to roam between APs. What’s the most likely cause?
SSID mismatch
B. DHCP server offline
C. Inconsistent WLAN configurations across APs
D. Lack of DNS resolution
Answer: C
Explanation: Roaming requires consistent SSID, security, and VLAN configuration across APs and controllers.
What command shows client state on the WLC CLI?
show wlan summary
B. show client summary
C. show mobility anchor
D. show ap config general
Answer: B
Explanation: This command provides client-specific details such as state, signal strength, and authentication status.
What causes a “DHCP_REQD” status on a client in the WLC?
DNS resolution failure
B. Incomplete 802.1X process
C. Client hasn’t received an IP address
D. Mismatched VLAN tags
Answer: C
Explanation: The client is authenticated but hasn’t received an IP, indicating a DHCP issue.
What WLC feature helps mitigate multicast flooding on the WLAN?
VLAN pooling
B. IGMP snooping
C. Rogue containment
D. DTIM beaconing
Answer: B
Explanation: IGMP snooping filters unnecessary multicast traffic, conserving bandwidth.
Which IEEE standard is primarily responsible for client roaming optimization?
802.11g
B. 802.11ac
C. 802.11k
D. 802.3af
Answer: C
Explanation: 802.11k provides neighbor reports to help clients select the best AP to roam to.
What issue is indicated by WLC logs showing “AP is not joining: DTLS handshake failed”?
Wrong IP assignment
B. Certificate mismatch or invalid DTLS config
C. DNS resolution error
D. RF interference
Answer: B
Explanation: A failed DTLS handshake typically points to certificate or encryption issues.
Which tool provides real-time RF heatmaps and spectrum analysis?
CleanAir
B. Mobility Express
C. Prime Infrastructure
D. NetFlow
Answer: A
Explanation: Cisco CleanAir detects and classifies RF interference sources, producing real-time RF analysis.
A client is authenticated but not getting a DHCP address. Which two are likely causes? (Choose two)
Wrong SSID
B. DHCP server not reachable
C. VLAN misconfiguration
D. Duplicate IP address
Answer: B, C
Explanation: Both VLAN issues and DHCP server problems can block the client from obtaining an IP.
Which log message would most likely be seen during client roaming?
DOT11-4-ROAMING_EVENT
B. CAPWAP-3-DTLS_ERROR
C. AP-BOOT-RELOAD
D. AP-REJOIN-DISABLED
Answer: A
Explanation: This message indicates the client has roamed from one AP to another.
What protocol enables WLC to dynamically assign VLANs based on user identity?
CAPWAP
B. RADIUS
C. SNMP
D. NTP
Answer: B
Explanation: RADIUS can send VLAN attributes to the WLC to assign VLANs per user or group.
Which configuration change can help reduce multicast overhead on wireless networks?
Enable client exclusion
B. Set DTIM to 3
C. Convert multicast to unicast
D. Lower beacon interval
Answer: C
Explanation: Converting multicast to unicast optimizes delivery by ensuring reliable transmission.
A WLC reports “AP in rogue detector mode.” What does this imply?
The AP is in local mode
B. The AP is scanning the airwaves for threats
C. The AP is disabled
D. The AP is unreachable
Answer: B
Explanation: Rogue detector mode is used to monitor the environment for unauthorized APs and clients.
Why would an AP fail to discover the WLC?
WLC is in mobility anchor mode
B. WLC has DHCP disabled
C. AP cannot resolve WLC’s hostname
D. WLC is using static routing
Answer: C
Explanation: APs may rely on DNS or DHCP Option 43 to discover the controller. Failure to resolve the hostname prevents discovery.
What happens when an AP is set to “sniffer mode”?
Provides client access
B. Operates in FlexConnect mode
C. Captures wireless packets and sends to a collector
D. Joins as a rogue AP
Answer: C
Explanation: In sniffer mode, the AP acts as a packet capture sensor, helpful in analysis and troubleshooting.
What tool on a Cisco WLC can help detect client SNR issues?
AP Join statistics
B. Client detail statistics
C. NetFlow
D. CDP neighbor details
Answer: B
Explanation: Client statistics provide SNR (Signal-to-Noise Ratio), which is crucial for identifying signal quality problems.
Which condition often leads to an AP reboot loop?
Certificate expiry
B. Incorrect image file
C. DFS channel enforcement
D. Rogue containment enabled
Answer: B
Explanation: A corrupt or incompatible firmware image can cause the AP to reboot continuously.
What feature allows a WLC to group APs for location-specific RF tuning?
AP Groups
B. RF Profiles
C. VLAN Pools
D. Mobility Anchors
Answer: B
Explanation: RF Profiles allow you to customize RF parameters based on deployment area, such as lobby vs. auditorium.
What is the likely impact of setting a very low DTIM interval?
Improved roaming
B. Reduced latency for multicast/broadcast
C. Increased battery life for clients
D. Higher SNR
Answer: B
Explanation: Lower DTIM means clients are alerted more frequently, reducing latency but increasing battery use.
A wireless printer disconnects after idle time. Likely reason?
802.11r is enabled
B. Power saving misconfiguration
C. IP conflict
D. Overlapping SSIDs
Answer: B
Explanation: Power save mode can interfere with idle, non-interactive devices like printers.
Why might a client have an “Exclusion Policy Reason: IP Theft” status?
Duplicate MAC address
B. DHCP spoofing detected
C. Assigned a static IP already in use
D. Attempted to brute-force password
Answer: C
Explanation: If a client uses a static IP that’s already in use, the WLC may mark it as IP theft and exclude it.
What WLC log entry indicates a client attempting to reconnect after exclusion?
Client Assoc
B. Client Retry
C. Exclusion Timeout
D. Re-auth Pending
Answer: C
Explanation: After the exclusion period ends, WLC allows the client to reconnect and logs an exclusion timeout event.
What issue can arise from enabling “Client Band Select”?
Slower client reassociation
B. Clients forced to 2.4 GHz
C. Delay in initial association
D. Clients get assigned static IPs
Answer: C
Explanation: Band Select introduces a delay to encourage clients to associate with 5 GHz, which can slow initial connections.
What WLC command shows real-time authentication errors?
debug dot1x events
B. show interface summary
C. debug aaa all
D. debug client mac <mac>
Answer: D
Explanation: This command provides detailed real-time debugging specific to one client’s MAC address.
Which action is taken by the WLC during rogue containment?
Encrypts client traffic
B. Broadcasts deauth frames to rogue clients
C. Hides rogue AP SSID
D. Assigns guest VLAN
Answer: B
Explanation: Rogue containment involves sending deauthentication frames to disconnect clients from unauthorized APs.
A user reports poor Wi-Fi in a meeting room. First step?
Replace the AP
B. Reboot the WLC
C. Perform a site survey
D. Disable 5 GHz band
Answer: C
Explanation: A site survey reveals RF conditions, interference, or coverage holes.
What log would you expect during a fast BSS transition using 802.11r?
FT Reassociation Request
B. Client Deauth
C. DHCP Decline
D. PMK Mismatch
Answer: A
Explanation: Fast BSS transitions involve a reassociation request under the FT (Fast Transition) protocol.
What causes the WLC to send a “client delete” message?
Client changed its MAC
B. AP changed channels
C. Inactivity timeout expired
D. RF profile update
Answer: C
Explanation: If a client is idle beyond the configured timeout, WLC deletes the client entry.
A client is in the “Run” state but has no internet. Which issue is least likely?
IP conflict
B. DNS failure
C. DHCP server down
D. SSID not broadcast
Answer: D
Explanation: If the client is already associated and authenticated, SSID broadcast is not a factor.
What metric helps assess wireless signal quality?
TX Power
B. Beacon interval
C. SNR
D. RSSI
Answer: C
Explanation: SNR (Signal-to-Noise Ratio) is a key metric in determining the quality of a wireless signal.
Reviews
There are no reviews yet.