300-430 · Question #175
An engineer is concerned that a wireless attack is causing client connectivity issues. Which Cisco Prime Infrastructure report does the engineer run to determine if the user was in an area afflicted b
The correct answer is D. Adaptive wIPS Top 10 APs. The Adaptive wIPS Top 10 APs report in Cisco Prime Infrastructure identifies the access points that have experienced the greatest number of wireless intrusion attack events, enabling engineers to correlate client issues with attack-heavy locations.
Question
An engineer is concerned that a wireless attack is causing client connectivity issues. Which Cisco Prime Infrastructure report does the engineer run to determine if the user was in an area afflicted by a large number of attacks?
Options
- ANetFlow v7
- BNew Rogue APs
- CAVC Troubleshooting
- DAdaptive wIPS Top 10 APs
How the community answered
(57 responses)- A2% (1)
- B5% (3)
- C4% (2)
- D89% (51)
Why each option
The Adaptive wIPS Top 10 APs report in Cisco Prime Infrastructure identifies the access points that have experienced the greatest number of wireless intrusion attack events, enabling engineers to correlate client issues with attack-heavy locations.
NetFlow v7 is a traffic flow telemetry protocol used to analyze bandwidth consumption and application flows, and it does not capture or report wireless intrusion attack events.
The New Rogue APs report tracks unauthorized access points detected on the network, which is a discovery and rogue management function rather than a report of active attacks against clients.
AVC (Application Visibility and Control) Troubleshooting reports are used to diagnose application performance and traffic classification issues, not to identify geographic areas impacted by wireless security attacks.
The Adaptive wIPS Top 10 APs report aggregates wireless intrusion prevention system event data per access point to rank which APs have been most heavily targeted by attacks. An engineer can use this report to determine whether the AP serving a troubled client was in an area with a high attack count, directly linking client connectivity degradation to wIPS-detected threats in that physical location.
Concept tested: Cisco Prime Infrastructure Adaptive wIPS attack location reporting
Source: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/wips.html
Topics
Community Discussion
No community discussion yet for this question.