Skip to Content

Cisco 200-301: How to Configure WPA2 Encryption on Cisco WLC GUI?

By: Author Alex Lim

Posted on

Categories Exam

Learn the correct steps to set up WPA2 encryption with AES and a preshared key on a Cisco Wireless LAN Controller GUI. Master WLAN security configuration for your Cisco 200-301 exam.

Table of Contents

Question

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

A. Select CCKM from the Auth Key Mgmt drop-down list, set the PSK Format to Hex, and enter the key
B. Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.
C. Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank
D. Select the WPA2 Policy and AES check boxes.
E. Select the WPA2 Policy, AES, and TKIP check boxes

Answer

B. Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.
D. Select the WPA2 Policy and AES check boxes.

Explanation

1. WPA2 Policy and AES:
The engineer must select the WPA2 Policy checkbox to enable WPA2 encryption. Additionally, they need to select the AES checkbox, as AES is the encryption method specified in the question.

2. Auth Key Management and PSK Format:
For a pre-shared key (PSK) configuration, the engineer needs to select “PSK” from the Auth Key Mgmt drop-down list. Since the given key “Cisc0123456” is in plain text, the PSK Format should be set to ASCII.

3. Entering the Key:
After setting the PSK Format to ASCII, the engineer can enter the pre-shared key “Cisc0123456” in the provided field.

Important notes:

  • TKIP is not required for WPA2 with AES, so option E is incorrect.
  • CCKM (Cisco Centralized Key Management) is used for fast secure roaming and is not applicable for basic PSK setup, ruling out option A.
  • Leaving the Auth Key Mgmt blank (option C) is incorrect, as it needs to be set to PSK for this configuration.

This configuration ensures that the WLAN is set up with WPA2 encryption using AES and the specified pre-shared key, meeting the requirements outlined in the question.

Cisco 200-301 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Cisco 200-301 exam and earn Cisco 200-301 certification.