nerdexam
Cisco

300-430 · Question #347

An engineer is attempting to implement a local MAC authorization list for the APs that are registered to your Cisco Catalyst 9800 Series Wireless Controller. The list of AP MAC addresses has been adde

The correct answer is D. Configuration > Security > AAA > AAA Advanced > AP Policy. On a Cisco Catalyst 9800 WLC, even after adding AP MAC addresses to the local list, AP Authorization must be explicitly enabled under Security > AAA > AAA Advanced > AP Policy. This ensures that AP join requests are checked against the MAC authorization list before being allowed

Device Hardening

Question

An engineer is attempting to implement a local MAC authorization list for the APs that are registered to your Cisco Catalyst 9800 Series Wireless Controller. The list of AP MAC addresses has been added, but the controller is not enforcing AP MAC authentication. Where is AP Authorization against MACs enabled?

Options

  • AConfiguration > Security > AAA > Authentication > AAA Method List
  • BConfiguration > Tags & Profiles > AP Join > default-ap-profile
  • CConfiguration > Wireless > AP Global Config
  • DConfiguration > Security > AAA > AAA Advanced > AP Policy

How the community answered

(51 responses)
  • A
    4% (2)
  • B
    2% (1)
  • C
    8% (4)
  • D
    86% (44)

Explanation

On a Cisco Catalyst 9800 WLC, even after adding AP MAC addresses to the local list, AP Authorization must be explicitly enabled under Security > AAA > AAA Advanced > AP Policy. This ensures that AP join requests are checked against the MAC authorization list before being allowed to register with the controller.

Topics

#AP MAC authorization#Catalyst 9800#AAA Advanced#AP Policy

Community Discussion

No community discussion yet for this question.

Full 300-430 Practice