Filters
Question type
Study Flashcards

In which two ways can users and endpoints be classified for TrustSec? (Choose two.)


A) VLAN
B) dynamic
C) QoS
D) SGACL
E) SXP

F) A) and D)
G) None of the above

Correct Answer

verifed

verified

Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?


A) qualys
B) posture
C) personas
D) nexpose

E) C) and D)
F) B) and D)

Correct Answer

verifed

verified

Which profiling probe collects the user-agent string?


A) DHCP
B) HTTP
C) NMAP
D) AD

E) B) and C)
F) A) and C)

Correct Answer

verifed

verified

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?


A) Client Provisioning
B) BYOD
C) Guest
D) Block list

E) A) and C)
F) A) and B)

Correct Answer

verifed

verified

Which personas can a Cisco ISE node assume?


A) policy service, gatekeeping, and monitoring
B) administration, monitoring, and gatekeeping
C) administration, policy service, and monitoring
D) administration, policy service, gatekeeping

E) A) and C)
F) A) and D)

Correct Answer

verifed

verified

What are two requirements of generating a single certificate in Cisco ISE by using a certificate provisioning portal, without generating a certificate signing request? (Choose two.)


A) Enter the IP address of the device.
B) Enter the common name.
C) Choose the hashing method.
D) Locate the CSV file for the device MAC.
E) Select the certificate template.

F) C) and D)
G) A) and D)

Correct Answer

verifed

verified

Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)


A) TCP 80
B) TCP 8905
C) TCP 8443
D) TCP 8906
E) TCP 443

F) None of the above
G) C) and D)

Correct Answer

verifed

verified

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?


A) Client Provisioning
B) BYOD
C) Guest
D) Blacklist

E) B) and C)
F) All of the above

Correct Answer

verifed

verified

What allows an endpoint to obtain a digital certificate from Cisco ISE during a BYOD flow?


A) Application Visibility and Control
B) Supplicant Provisioning Wizard
C) My Devices Portal
D) Network Access Control

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port. Which command should be used to accomplish this task?


A) permit tcp any any eq <port number>
B) ip http port <port number>
C) aaa group server radius
D) aaa group server radius proxy

E) A) and B)
F) B) and D)

Correct Answer

verifed

verified

An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks. Which two requirements should be included in this policy? (Choose two.)


A) active username limit
B) password expiration period
C) access code control
D) username expiration date
E) minimum password length

F) All of the above
G) A) and D)

Correct Answer

verifed

verified

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two.)


A) Client Provisioning portal
B) remediation actions
C) updates
D) access policy
E) conditions

F) A) and E)
G) B) and D)

Correct Answer

verifed

verified

Which are two characteristics of TACACS+? (Choose two.)


A) It separates authorization and authentication functions.
B) It combines authorization and authentication functions.
C) It uses UDP port 49.
D) It encrypts the password only.
E) It uses TCP port 49.

F) A) and E)
G) None of the above

Correct Answer

verifed

verified

During BYOD flow, where does a Microsoft Windows PC download the Network Setup Assistant?


A) Microsoft App Store
B) Cisco App Store
C) Cisco ISE directly
D) Native OTA functionality

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

During BYOD flow, from where does a Microsoft Windows PC download the Network Setup Assistant?


A) Microsoft App Store
B) Cisco App Store
C) Cisco ISE directly
D) Native OTA functionality

E) B) and C)
F) A) and D)

Correct Answer

verifed

verified

What is needed to configure wireless guest access on the network?


A) endpoint already profiled in ISE
B) WEBAUTH ACL for redirection
C) Captive Portal Bypass turned on
D) valid user account in Active Directory

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)


A) ASA
B) Firepower
C) Shell
D) WLC
E) IOS

F) A) and B)
G) A) and E)

Correct Answer

verifed

verified

Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two.)


A) access-challenge
B) access-accept
C) access-request
D) access-reserved
E) access-response

F) A) and D)
G) A) and C)

Correct Answer

verifed

verified

What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?


A) State attribute
B) Class attribute
C) Event
D) Cisco-av-pair

E) A) and D)
F) None of the above

Correct Answer

verifed

verified

Which permission is common to the Active Directory Join and Leave operations?


A) Remove the Cisco ISE machine account from the domain.
B) Search Active Directory to see if a Cisco ISE machine account already exists.
C) Set attributes on the Cisco ISE machine account.
D) Create a Cisco ISE machine account in the domain if the machine account does not already exist.

E) All of the above
F) A) and B)

Correct Answer

verifed

verified

Showing 41 - 60 of 65

Related Exams

Exam 1

Supporting Cisco Data Center System Devices (DCTECH)

128 Questions

Exam 2

Cisco Certified Technician Routing & Switching (RSTECH)

48 Questions

Exam 3

Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

141 Questions

Exam 4

Cisco Certified Network Associate (CCNA)

411 Questions

Exam 5

Managing Industrial Networks with Cisco Networking Technologies (IMINS)

36 Questions

Exam 6

DevNet Associate (DEVASC)

134 Questions

Exam 7

Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR)

25 Questions

Exam 8

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

114 Questions

Exam 9

Implementing Cisco SD-WAN Solutions (ENSDWI)

147 Questions

Exam 10

Designing Cisco Enterprise Networks (ENSLD)

109 Questions

Exam 11

Designing Cisco Enterprise Wireless Networks (300-425 ENWLSD)

106 Questions

Exam 12

Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)

101 Questions

Exam 13

Automating Cisco Enterprise Solutions (ENAUTO)

84 Questions

Exam 14

Implementing Cisco Service Provider Advanced Routing Solutions (SPRI)

74 Questions

Exam 15

Implementing Cisco Service Provider VPN Services (SPVI)

49 Questions

Exam 16

Designing Cisco Data Center Infrastructure (DCID)

73 Questions

Exam 17

Troubleshooting Cisco Data Center Infrastructure (DCIT)

84 Questions

Exam 18

Implementing Cisco Application Centric Infrastructure (DCACI)

101 Questions

Exam 19

Configuring Cisco MDS 9000 Series Switches (DCSAN)

65 Questions

Exam 20

Implementing Cisco Application Centric Infrastructure - Advanced

36 Questions

Exam 21

Automating Cisco Data Center Solutions (DCAUTO)

36 Questions

Exam 22

Securing Networks with Cisco Firepower (300-710 SNCF)

65 Questions

Exam 23

Implementing and Configuring Cisco Identity Services Engine (300-715 SISE)

130 Questions

Exam 25

Securing the Web with Cisco Web Security Appliance (300-725 SWSA)

75 Questions

Exam 26

Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)

49 Questions

Exam 27

Automating Cisco Security Solutions (SAUTO)

75 Questions

Exam 28

Implementing Cisco Collaboration Applications (CLICA)

39 Questions

Exam 29

Implementing Cisco Advanced Call Control and Mobility Services (CLASSM)

86 Questions

Exam 30

Implementing Cisco Collaboration Cloud and Edge Solutions

90 Questions

Exam 31

Implementing Cisco Collaboration Conferencing

65 Questions

Exam 32

Automating Cisco Collaboration Solutions (CLAUTO)

27 Questions

Exam 33

Implementing DevOps Solutions and Practices using Cisco Platforms (DEVOPS)

66 Questions

Exam 34

Developing Solutions Using Cisco IoT and Edge Platforms (DEVIOT)

33 Questions

Exam 35

Developing Applications for Cisco Webex and Webex Devices (DEVWBX)

41 Questions

Exam 36

Performing CyberOps Using Core Security Technologies (CBRCOR)

37 Questions

Exam 37

Implementing Cisco Enterprise Network Core Technologies (ENCOR)

106 Questions

Exam 38

Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)

260 Questions

Exam 39

Implementing and Operating Cisco Data Center Core Technologies (DCCOR)

116 Questions

Exam 40

Implementing and Operating Cisco Security Core Technologies

208 Questions

Exam 41

Implementing Cisco Collaboration Core Technologies (CLCOR)

213 Questions

Exam 42

Developing Applications using Cisco Core Platforms and APIs (DEVCOR)

131 Questions

Exam 43

CCDE Design Written

145 Questions

Exam 44

Deploying Cisco Unified Contact Center Express

660 Questions

Exam 45

Cisco Meraki Solutions Specialist

101 Questions

Exam 46

Securing Cisco Networks with Sourcefire FireAMP Endpoints

24 Questions

Exam 47

Designing Cisco Unified Contact Center Enterprise (UCCED)

227 Questions

Exam 48

Implementing and Supporting Cisco Unified Contact Center Enterprise (UCCEIS)

55 Questions

Exam 49

Cisco Collaboration SaaS Authorization Exam

47 Questions

Exam 50

Cisco Security Architecture for System Engineers

56 Questions

Exam 51

Adopting The Cisco Business Architecture Approach (DTBAA)

239 Questions

Exam 52

Cisco Customer Success Manager (CSM)

44 Questions

Exam 53

Mastering The Cisco Business Architecture Discipline (DTBAD)

36 Questions

Show Answer