• 4.9/5.0
  • 102 Questions
  • Updated on: 8-Jul-2026
  • Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0
  • 21025 Prepared

Free Cisco 350-101 Practice Questions 2026 | Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0


Client Connectivity Configuration

A network administrator at a marketing company is deploying a Cisco Catalyst 9800 Series Wireless Controller running Cisco IOS XE 17.x. The corporate WLAN named XYZ-Guest supports visitor devices. To address intermittent connectivity issues due to client association limits and short session timeouts, the network administrator must optimize the WLAN to allow more client connections and extend session timeouts for the devices. The administrator must set the maximum number of clients for the XYZ-Guest WLAN to 50 and must set a session timeout to prevent frequent device disconnections. Which two commands must be configured on the controller? (Choose two.)

A. wlan XYZ-Guest 1 XYZ-Guest client max-association 50

B. wireless profile policy XYZ-Guest-Pol client session timeout 2800

C. wlan XYZ-Guest 1 XYZ-Guest client session timeout 2800

D. wireless profile policy XYZ-Guest-Pol session timeout 2800

E. wlan XYZ-Guest 1 XYZ-Guest client association limit 50

C.   wlan XYZ-Guest 1 XYZ-Guest client session timeout 2800
E.   wlan XYZ-Guest 1 XYZ-Guest client association limit 50



A network administrator is working on a Cisco Catalyst 9800 WLC running Cisco IOS XE Software to enable user access for staff smartphones using WPA2-Enterprise with RADIUS. The administrator verifies the external authentication configuration and plans to test network connectivity. Which configuration command must be added to the box in the code to configure the WLC to support authentication with an external server?

A. security wpa enable

B. security dot1x authentication-list rad-group

C. security dot1x method-list rad-group

D. security wpa wpa2 akm dot1x

D.   security wpa wpa2 akm dot1x

A retail store is setting up guest Wi-Fi on a Cisco 9800 WLC. The IT team has these requirements: When a guests associates, they are prompted for web authentication.
After login, traffic is restricted to internet-only access.
Guest WLAN must be available throughout all sales floors.
Guest WLAN must not impact the existing corporate WLAN.
Guest SSID must not require a password.
Which set of configurations must the IT team deploy to meet the requirements?

A. WPA2-Enterprise authentication on the guest WLAN and use dynamic VLAN assignment

B. Local web authentication on the guest SSID and apply ACLs to allow all traffic except FTP and SSH from the guest WLAN.

C. Central web authentication on the guest WLAN and apply an ACL that denies traffic between devices that use the internal subnets.

D. MAC filtering on the guest WLAN and enable client exclusion for segregation.

C.   Central web authentication on the guest WLAN and apply an ACL that denies traffic between devices that use the internal subnets.

Which feature enables fast secure roaming in a wireless network?

A. DCA

B. 802.11r

C. 802.11ax

D. MIMO

B.   802.11r



Refer to the exhibit. A network engineer must create a PSK WLAN that will be anchored to the DMZ. After this WLAN is created, users cannot connect to it. Based on the output from the RA trace, which action must the engineer take to resolve the issue?

A. Disable fast transition 802.11r on the WLAN.

B. Configure matching passwords on the client and the WLAN.

C. Remove the anchor WLC from the mobility group.

D. Configure matching WLANs on the foreign and the anchor.

B.   Configure matching passwords on the client and the WLAN.

Exhibit:

Refer to the exhibit. An enterprise is deploying Cisco Catalyst 9800 WLCs and is using Catalyst Center as the management platform to oversee wireless access policies. To meet the organization's compliance requirements, all wireless endpoints must be evaluated with security posture validation before gaining access. Which set of CLI commands must be added to the box in the code to complete the configuration?

A. aaa-overridenac-policy

B. wireless profile policy my-policyaaa-override

C. aaa-overridenac

D. wireless profile policyaaa-override

C.   aaa-overridenac



Refer to the exhibit. An engineer must configure a wireless guest WLAN, which requires clients to use VLAN 10 for a deployment at site A. Based on the configuration commands shown, which additional configuration meets the requirements?

A. wlan guest-ssid 4 guest-ssidaccess vlan 10no shutdown

B. wlan guest-ssid 4 guest-ssidvlan 10no shutdown

C. wlan policy profile guest-policyaccess vlan 10no shutdown

D. wireless profile policy guest-policyvlan 10no shutdown

A.   wlan guest-ssid 4 guest-ssidaccess vlan 10no shutdown

A network engineer must isolate all guest users connected to the WLAN on a Cisco 9800 WLC so they cannot communicate with each other but can access the internet. The WLAN must meet these requirements:
•SSID named VisitorAccess assigned to VLAN 30
•guests prohibited from sharing files with other guests
•must be scalable to multiple access points in the building
Which action must the network engineer take to meet the requirements?

A. Enable P2P blocking in the policy profile and map the WLAN to a dedicated guest VLAN.

B. Set up local authentication and map the WLAN to a dedicated guest VLAN.

C. Set up a FlexConnect group and use local switching for the guest WLAN internet access.

D. Enable multicast mode and associate a RADIUS server with the guest WLAN.

A.   Enable P2P blocking in the policy profile and map the WLAN to a dedicated guest VLAN.



Refer to the exhibit. An engineer configured a static IP address on a LWAPP, but it is not reachable for management. The engineer configured the wrong gateway and must now change the default gateway to 172.16.100.1. Which CLI command must the engineer use?

A. capwap ap ip default-gateway 172.16.100.1

B. capwap ap controller ip address 172.16.100.1

C. capwap ap ip 172.16.100.104 255.255.255.192 172.16.100.1

D. capwap ap ip 172.16.100.104 255.255.255.0 172.16.100.1

D.   capwap ap ip 172.16.100.104 255.255.255.0 172.16.100.1

Exhibit:

Refer to the exhibit. An onsite engineer is working to connect devices to the wireless network in a corporate environment. The network requirements dictate that WPA2-Enterprise security must be used with certificatebased mutual authentication to align with enterprise policy, which requires client and server certificates for secure access. After the initial wireless settings are applied on a Windows-based workstation, the engineer must select the appropriate authentication method in the client network properties to complete a successful enterprise Wi-Fi connection. Which option in the "Choose a network authentication method" dropdown meets this requirement?

A. MSCHAPv2

B. TEAP

C. EAP-TLS

D. PEAP

C.   EAP-TLS

Page 4 out of 11 Pages