Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. What three changes require restarting the application service on an ISE node?.(Choose three.)
A. Registering a node.
B. Changing the primary node to standalone.
C. Promoting the administration node.
D. Installing the root CA certificate.
E. Changing the guest portal default port settings.
F. Adding a network access device.
Answer: A,B,C
Q2. Which command enables static PAT for TCP port 25?
A. nat (outside,inside) static 209.165.201.3 209.165.201.226 eq smtp
B. nat static 209.165.201.3 eq smtp
C. nat (inside,outside) static 209.165.201.3 service tcp smtp smtp
D. static (inside,outside) 209.165.201.3 209.165.201.226 netmask 255.255.255.255
Answer: C
Q3. A network engineer is configuring HTTP based CWA on a switch. Which three configuration elements are required? (Choose three.)
A. HTTP server enabled
B. Radius authentication on the port with MAB
C. Redirect access-list
D. Redirect-URL
E. HTTP secure server enabled
F. Radius authentication on the port with 802.1x
G. Pre-auth port based access-list
Answer: A,B,C
Q4. A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected?
A. TACACS+
B. RADIUS
C. Windows Active Directory
D. Generic LDAP
Answer: A
Q5. Which command configures console port authorization under line con 0?
A. authorization default|WORD
B. authorization exec line con 0|WORD
C. authorization line con 0|WORD
D. authorization exec default|WORD
Answer: D
Q6. Which model does Cisco support in a RADIUS change of authorization implementation?
A. push
B. pull
C. policy
D. security
Answer: A
Q7. Which five portals are provided by PSN? (Choose five.)
A. guest
B. sponsor
C. my devices
D. blacklist
E. client provisioning
F. admin
G. monitoring and troubleshooting
Answer: A,B,C,D,E
Q8. Refer to the exhibit.
Which three statements about the given configuration are true? (Choose three.)
A. TACACS+ authentication configuration is complete.
B. TACACS+ authentication configuration is incomplete.
C. TACACS+ server hosts are configured correctly.
D. TACACS+ server hosts are misconfigured.
E. The TACACS+ server key is encrypted.
F. The TACACS+ server key is unencrypted.
Answer: B,C,F
Q9. Which two options are valid for configuring IEEE 802.1AE MACSec between switches in a TrustSec network? (Choose two.)
A. manually on links between supported switches
B. in the Cisco Identity Services Engine
C. in the global configuration of a TrustSec non-seed switch
D. dynamically on links between supported switches
E. in the Cisco Secure Access Control System
F. in the global configuration of a TrustSec seed switch
Answer: A,D
Q10. Which two profile attributes can be collected by a Cisco Catalyst Switch that supports Device Sensor? (Choose two.)
A. LLDP agent information
B. user agent
C. DHCP options
D. open ports
E. operating system
F. trunk ports
Answer: A,C
Q11. When you add a new PSN for guest access services, which two options must be enabled under deployment settings? (Choose two.)
A. Admin
B. Monitoring
C. Policy Service
D. Session Services
E. Profiling
Answer: C,D
Q12. Which administrative role has permission to assign Security Group Access Control Lists?
A. System Admin
B. Network Device Admin
C. Policy Admin
D. Identity Admin
Answer: C
Q13. Which EAP method uses a modified version of the MS-CHAP authentication protocol?
A. EAP-POTP
B. EAP-TLS
C. LEAP
D. EAP-MD5
Answer: C
Q14. Which two conditions are valid when configuring ISE for posturing? (Choose two.)
A. Dictionary
B. member Of
C. Profile status
D. File
E. Service
Answer: D,E
Q15. Where must periodic re-authentication be configured to allow a client to come out of the quarantine state and become compliant?
A. on the switch port
B. on the router port
C. on the supplicant
D. on the controller
Answer: A
Q16. In the command 'aaa authentication default group tacacs local', how is the word 'default' defined?
A. Command set
B. Group name
C. Method list
D. Login type
Answer: C
Q17. In this simulation, you are task to examine the various authentication events using the ISE GUI. For example, you should see events like Authentication succeeded. Authentication failed and etc...
Which four statements are correct regarding the event that occurred at 2014-05-07 00:19:07.004? (Choose four.)
A. The IT_Corp authorization profile were applied.
B. The it1 user was matched to the IT_Corp authorization policy.
C. The it1 user supplicant used the PEAP (EAP-MSCHAPv2) authentication method.
D. The it1 user was authenticated using MAB.
E. The it1 user was successfully authenticated against AD1 identity store.
F. The it1 user machine has been profiled as a Microsoft-Workstation.
G. The it1 user machine has passed all the posture assessement tests.
Answer: B,C,E,F
Explanation:
Here are the details shown for this event:
Screen Shot 2015-06-23 at 5.27.37 PM