ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-430 All Questions

View all questions & answers for the 300-430 exam
Go to Exam

Exam 300-430 topic 1 question 117 discussion

Actual exam question from Cisco's 300-430
Question #: 117
Topic #: 1
[All 300-430 Questions]

After receiving an alert about a rogue AP, a network engineer logs into Cisco Prime Infrastructure and looks at the floor map where the AP that detected the rogue is located. The map is synchronized with a mobility services engine that determines that the rogue device is actually inside the campus. The engineer determines that the rogue is a security threat and decides to stop if from broadcasting inside the enterprise wireless network. What is the fastest way to disable the rogue?

  • A. Go to the location where the rogue device is indicated to be and disable the power.
  • B. Create an SSID similar to the rogue to disable clients from connecting to it.
  • C. Update the status of the rogue in Cisco Prime Infrastructure to contained.
  • D. Classify the rogue as malicious in Cisco Prime Infrastructure.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by NoWiresIncluded at May 31, 2023, 10:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rrahim
1 week ago
Selected Answer: C
Containment in Cisco Prime Infrastructure: Cisco Prime Infrastructure provides a feature to contain rogue APs. When a rogue AP is marked as "contained," the system uses nearby authorized access points (APs) to send deauthentication frames to clients connected to the rogue AP, effectively preventing it from operating within the enterprise wireless network. This method is automated and does not require physical intervention or manual configuration of SSIDs.
upvoted 1 times
rrahim
1 week ago
Why the Other Options Are Incorrect: A. Go to the location where the rogue device is indicated to be and disable the power: While physically disabling the rogue AP is effective, it is not the fastest method. It requires locating the device and manually powering it off, which can be time-consuming. B. Create an SSID similar to the rogue to disable clients from connecting to it: Creating a similar SSID is not a reliable or efficient method to disable a rogue AP. It does not stop the rogue AP from broadcasting and may cause confusion for legitimate clients. D. Classify the rogue as malicious in Cisco Prime Infrastructure: Classifying the rogue as malicious helps identify it as a threat, but it does not automatically stop the rogue AP from broadcasting. Containment is the action that disables the rogue AP.
upvoted 1 times
...
...
MaxMusti
6 months, 4 weeks ago
Guys i strugglet there too you can jamm a AP over Contained on the Prime. (Info will get pushed to the WLC) After this he isnt working anymore and you can search him and power off Search for Jamming cool feature but be careful
upvoted 1 times
...
Supersede
12 months ago
Selected Answer: A
A - seems the only way to DISABLE the rogue AP. Other options doesn't satisfy the requirement.
upvoted 1 times
...
peer1024
1 year, 4 months ago
Selected Answer: A
"to stop if from broadcasting" - this ist not containment. containment means to send disassociation frames to clients. No power...no broadcasting !
upvoted 3 times
...
NoWiresIncluded
1 year, 8 months ago
Selected Answer: C
C is correct, fastest solution is to contain the AP, setting it to Malicious does not mean that it will be contained.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago