Refer to the exhibit. After a recent internal security audit, the network administrator decided to block all P2P-capable devices from the selected SSID. Which configuration setting must the administrator apply?
A.
Set the Wi-Fi Direct Client Policy to Not-Allow.
To block all P2P-capable devices from the selected SSID, the network administrator should set the P2P Block Action to "Drop".
P2P (Peer-to-Peer) traffic is often used by file sharing applications and other unauthorized software, which can pose a security risk to the network. By setting the P2P Block Action to "Drop", the network administrator can prevent P2P traffic from being transmitted over the selected SSID.
The other configuration settings listed are not directly related to blocking P2P traffic. Wi-Fi Direct Client Policy, for example, is used to control Wi-Fi Direct clients, while MFP (Management Frame Protection) Client Protection helps prevent forged management frames. A Layer 2 ACL (Access Control List) can be used to control access to network resources based on MAC addresses, IP addresses, and other criteria, but it is not specifically designed to block P2P traffic.
.
A. Wi-Fi Direct Client Policy
Wi-Fi Direct is a technology that allowed endpoint devices form WLAN association with each other directly. You can imagine one is an AP and the other one is a client. The most common use case is a mobile phone connecting to a printer, without an infrastructure network (hope you still remember this term). This technology can be a security risk. For example, if a Wi-Fi Direct capable printer is connected to the corporate network, and an attacker connects to the printer using Wi-Fi Direct (may have weaker security), then the printer can be used as a backdoor to the corporate network. That's why the administrator in the question wants to block it.
D. P2P Block Action
This feature decides how a WLC handles traffic between two endpoints under the same SSID. If you have two laptops connected to the same SSID, this feature lets you decide whether to isolate them from each other. In this case, the two endpoints communicate with each other through normal WiFi. They each form association with the AP, having nothing to do with Wi-Fi Direct technology.
.
The tricky thing is, Cisco has used the term "P2P" when asking the question. It has word-to-word matching with option D, but it's actually talking about A. The reason is obvious - any Wi-Fi client device is capable of doing the so-called P2P defined in option D; it's just normal network communication between two devices on the same LAN. So, here, the term "P2P" is actually an acronym of "Wi-Fi Direct" created by the nasty Cisco. They are good at playing rephrasing games. We have seen this too much their questions, haven't we?
The question is actually asking: Which option can block Wi-Fi Direct capable devices from forming association with the SSID. And the answer is A.
By the way, option D can drop traffic between endpoints under the same SSID, but it does NOT block the endpoints from the SSID. Endpoints are still able to connect to the SSID and talk to the outside network.
Shame on you, Cisco. You make money disgracefully by playing language traps to fail your examinees who have to pay you certification fee again. A certification exam is supposed to be testing real networking knowledge and skills, but your CCNA is testing mechanical memorisation of textbook words and language game skills.
.
It´s D
The P2P Block Action should configured to "Drop" on the WLC or AP.
This setting instructs the WLC or AP to drop any traffic associated with P2P communication, effectively preventing P2P-capable devices from accessing the network through that SSID.
P2P block action only stops p2p traffic, not client association onto the WLAN.
Wi-Fi Direct Client Policy actually prevents the device from connecting to the WLAN.
If the question read: "...block all P2P traffic on the selected SSID." then D would be correct
But by definition, D is only relevant if P2P devices are actually on the WLAN.
Not sure about the full extent of Wi-Fi Direct capabilities but CISCO seems to want you to answer D
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_01001011.pdf
The correct answer is A. Set the Wi-Fi Direct Client Policy to Not-Allow.
If you read the question properly, they are asking how you can block all P2P-capable devices from the selected SSID. What they are saying is to prevent the devices from connecting to the SSID. In the responses below, It appears you are talking about blocking the peers from communicating via P2P.
see this link or read the shorter snippet further below.
https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_01000000.html.xml#:~:text=Click%20the%20Advanced%20tab.&text=From%20the%20Wi%2DFi%20Direct,to%20associate%20with%20the%20WLAN
This section is not available anymore. Please use the main Exam Page.200-301 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Ciscoman021
Highly Voted 2 years, 1 month agosquagmire
Highly Voted 1 year, 2 months agoUsmanMHFZ
8 months, 4 weeks agoJoshua25
Most Recent 6 months, 1 week agoJoshua25
6 months, 1 week agoJoshua25
6 months, 1 week agoJoshua25
6 months, 1 week ago[Removed]
1 year, 1 month agospazzix
1 year, 8 months agomda2h
1 year, 9 months agopikos1
1 year, 11 months agostudying_1
1 year, 11 months ago[Removed]
1 year, 10 months ago[Removed]
1 year, 10 months agoLekkiDee
1 year, 11 months agoCiscoman021
2 years, 1 month agoAaronRow
2 years, 1 month ago