12.4_CAPWAP Operation

Question 1

__is an IEEE standard protocol that enables a WLC to manage multiple APs and WLAN

Answer 1

CAPWAP

Question 2

__: also responsible for the encapsulation and forwarding of WLAN client traffic between an AP and a WLC.

Answer 2

CAPWAP

Question 3

CAPWAP is based on LWAPP but adds additional security with ____ (DTLS)

Answer 3

Datagram Transport Layer Security

Question 4

CAPWAP establishes___ on User Datagram Protocol (UDP) ports. CAPWAP can operate either over IPv4 or IPv6, as shown in the figure, but uses IPv4 by default.

Answer 4

tunnels

Question 5

IPv4 and IPv6 both use UDP ports __ and __.

Answer 5

5246
5247

Question 6

Port ___is for CAPWAP control messages used by the WLC to manage the AP

Answer 6

5246

Question 7

Port ___ is used by CAPWAP to encapsulate data packets traveling to and from wireless clients.

Answer 7

5247

Question 8

However, CAPWAP tunnels use different IP protocols in the packet header. IPv4 uses IP protocol___and IPv6 uses IP protocol ___.

Answer 8

17
136

Question 9

A key component of CAPWAP is the concept of a ___.

Answer 9

split media access control (MAC)

Question 10

The CAPWAP split MAC concept does all of the functions normally performed by individual APs and distributes them between two functional components:

Answer 10

AP MAC Functions
WLC MAC Functions

Question 11

Which function?
(AP MAC or WLC MAC)
Beacons and probe responses

Answer 11

AP MAC

Question 12

Which function?
(AP MAC or WLC MAC)
Packet acknowledgements and retransmissions

Answer 12

AP MAC

Question 13

Which function?
(AP MAC or WLC MAC)
Frame queueing and packet prioritization

Answer 13

AP MAC

Question 14

Which function?
(AP MAC or WLC MAC)
MAC layer data encryption and decryption

Answer 14

AP MAC

Question 15

Which function?
(AP MAC or WLC MAC)
Authentication

Answer 15

WLC MAC

Question 16

Which function?
(AP MAC or WLC MAC)
Association and re-association of roaming clients

Answer 16

WLC MAC

Question 17

Which function?
(AP MAC or WLC MAC)
Frame translation to other protocols

Answer 17

WLC MAC

Question 18

Which function?
(AP MAC or WLC MAC)
Termination of 802.11 traffic on a wired interface

Answer 18

WLC MAC

Question 19

___ is a protocol which provides security between the AP and the WLC. It allows them to communicate using encryption and prevents eavesdropping or tampering.

Answer 19

DTLS

Question 20

TRUE OR FALSE
DTLS is enabled by default to secure the CAPWAP control channel but is disabled by default for the data channel

Answer 20

All CAPWAP management and control traffic exchanged between an AP and WLC is encrypted and secured by default to provide control plane privacy and prevent Man-In-the-Middle (MITM) attacks.

Question 21

MITM attacks

Answer 21

Man-In-The-Middle

Question 22

TRUE OR FALSE
Data encryption does not require a DTLS license to be installed on the WLC prior to being enabled on an AP

Answer 22

False
Data encryption requires a DTLS license to be installed on the WLC prior to being enabled on an AP

Question 23

___ is a wireless solution for branch office and remote office deployments. It lets you configure and control access points in a branch office from the corporate office through a WAN link, without deploying a controller in each office.

Answer 23

FlexConnect

Question 24

There are two modes of operation for the FlexConnect AP.
___: The WLC is reachable. In this mode the FlexConnect AP has CAPWAP connectivity with its WLC and can send traffic through the CAPWAP tunnel, as shown in the figure. The WLC performs all its CAPWAP functions.

Answer 24

Connected mode

Question 25

There are two modes of operation for the FlexConnect AP.
__: The WLC is unreachable. The FlexConnect has lost or failed to establish CAPWAP connectivity with its WLC. In this mode, a FlexConnect AP can assume some of the WLC functions such as switching client data traffic locally and performing client authentication locally.

Answer 25

Standalone mode