Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Security Group Access requires which three syslog messages to be sent to Cisco ISE? (Choose three.)
A. IOS-7-PROXY_DROP
B. AP-1-AUTH_PROXY_DOS_ATTACK
C. MKA-2-MACDROP
D. AUTHMGR-5-MACMOVE
E. ASA-6-CONNECT_BUILT
F. AP-1-AUTH_PROXY_FALLBACK_REQ
Answer: B,D,F
Q2. Which EAP method uses a modified version of the MS-CHAP authentication protocol?
A. EAP-POTP
B. EAP-TLS
C. LEAP
D. EAP-MD5
Answer: C
Q3. Which three statements about the Cisco ISE profiler are true? (Choose three.)
A. It sends endpoint data to AAA servers.
B. It collects endpoint attributes.
C. It stores MAC addresses for endpoint systems.
D. It monitors and polices router and firewall traffic.
E. It matches endpoints to their profiles.
F. It stores endpoints in the Cisco ISE database with their profiles.
Answer: B,E,F
Q4. Which two authentication stores are supported to design a wireless network using PEAP EAP-MSCHAPv2 as the authentication method? (Choose two.)
A. Microsoft Active Directory
B. ACS
C. LDAP
D. RSA Secure-ID
E. Certificate Server
Answer: A,B
Q5. Where must periodic re-authentication be configured to allow a client to come out of the quarantine state and become compliant?
A. on the switch port
B. on the router port
C. on the supplicant
D. on the controller
Answer: A
Q6. Which two conditions are valid when configuring ISE for posturing? (Choose two.)
A. Dictionary
B. member Of
C. Profile status
D. File
E. Service
Answer: D,E
Q7. Which three posture states can be used for authorization rules? (Choose three.)
A. unknown
B. known
C. noncompliant
D. quarantined
E. compliant
F. no access
G. limited
Answer: A,C,E
Q8. Which statement about IOS accounting is true?
A. A named list of AAA methods must be defined.
B. A named list of accounting methods must be defined.
C. Authorization must be configured before accounting.
D. A named list of tracking methods must be defined.
Answer: C
Q9. When MAB is configured, how often are ports reauthenticated by default?
A. every 60 seconds
B. every 90 seconds
C. every 120 seconds
D. never
Answer: D
Q10. When you add a new PSN for guest access services, which two options must be enabled under deployment settings? (Choose two.)
A. Admin
B. Monitoring
C. Policy Service
D. Session Services
E. Profiling
Answer: C,D
Q11. An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?
A. member of
B. group
C. class
D. person
Answer: A
Q12. Which protocol sends authentication and accounting in different requests?
A. RADIUS
B. TACACS+
C. EAP-Chaining
D. PEAP
E. EAP-TLS
Answer: B
Q13. Which Cisco ISE 1.x protocol can be used to control admin access to network access devices?
A. TACACS+
B. RADIUS
C. EAP
D. Kerberos
Answer: B
Q14. What is a required step when you deploy dynamic VLAN and ACL assignments?
A. Configure the VLAN assignment.
B. Configure the ACL assignment.
C. Configure Cisco IOS Software 802.1X authenticator authorization.
D. Configure the Cisco IOS Software switch for ACL assignment.
Answer: C
Q15. In AAA, what function does authentication perform?
A. It identifies the actions that the user can perform on the device.
B. It identifies the user who is trying to access a device.
C. It identifies the actions that a user has previously taken.
D. It identifies what the user can access.
Answer: B
Q16. Which two statements about administrative access to the Cisco Secure ACS SE are true? (Choose two.)
A. The Cisco Secure ACS SE supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created by using the add-guiadmin command.
C. The Cisco Secure ACS SE supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the Cisco Secure ASC SE is not supported.
Answer: B,D
Q17. Which three remediation actions are supported by the Web Agent for Windows? (Choose three.)
A. Automatic Remediation
B. Message text
C. URL Link
D. File Distribution
E. AV definition update
F. Launch Program
Answer: B,C,D