A network engineer is configuring guest access and notices that when a guest user
registers a second device for access, the first device loses access What must be done to
ensure that both devices for a particular user are able to access the guest network
simultaneously?
A.
Configure the sponsor group to increase the number of logins.
B.
Use a custom portal to increase the number of logins
C.
Modify the guest type to increase the number of maximum devices
D.
Create an Adaptive Network Control policy to increase the number of devices
Modify the guest type to increase the number of maximum devices
MacOS users are complaining about having to read through wordy instructions when remediating their workstations to gam access to the network Which alternate method should be used to tell users how to remediate?
A.
URL link
B.
Bmessage text
C.
executable
D.
file distribution
URL link
A network administrator is configuring a secondary cisco ISE node from the backup
configuration of the primary cisco ISE node to create a high availability pair The Cisco ISE
CA certificates and keys must be manually backed up from the primary Cisco ISE and
copied into the secondary Cisco ISE Which command most be issued for this to work?
A.
copy certificate Ise
B.
application configure Ise
C.
certificate configure Ise
D.
Import certificate Ise
copy certificate Ise
An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic. Which type of access list should be used for this configuration?
A.
reflexive ACL
B.
extended ACL
C.
standard ACL
D.
numbered ACL
extended ACL
A network security engineer needs to configure 802.1X port authentication to allow a single
host to be authenticated for data and another single host to be authenticated for voice. Which command should the engineer run on the interface to accomplish this goal?
A.
authentication host-mode single-host
B.
authentication host-mode multi-auth
C.
authentication host-mode multi-host
D.
authentication host-mode multi-domain
authentication host-mode multi-domain
When creating a policy within Cisco ISE for network access control, the administrator wants to allow different access restrictions based upon the wireless SSID to which the device is connecting. Which policy condition must be used in order to accomplish this?
A.
Network Access NetworkDeviceName CONTAINS <SSID Name>
B.
DEVICE Device Type CONTAINS <SSID Name>
C.
Radius Called-Station-ID CONTAINS <SSID Name>
D.
Airespace Airespace-Wlan-ld CONTAINS <SSID Name>
Radius Called-Station-ID CONTAINS <SSID Name>
An organization is hosting a conference and must make guest accounts for several of the
speakers attending. The conference ended two days early but the guest accounts are still
being used to access the network. What must be configured to correct this?
A.
Create an authorization rule denying sponsored guest access.
B.
Navigate to the Guest Portal and delete the guest accounts.
C.
Create an authorization rule denying guest access.
D.
Navigate to the Sponsor Portal and suspend the guest accounts
Navigate to the Sponsor Portal and suspend the guest accounts
What must be configured on the WLC to configure Central Web Authentication using Cisco ISE and a WLC?
A.
Set the NAC State option to SNMP NAC.
B.
Set the NAC State option to RADIUS NAC.
C.
Use the radius-server vsa send authentication command.
D.
Use the ip access-group webauth in command.
Set the NAC State option to RADIUS NAC.
A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices Where in the Layer 2 frame should this be verified?
A.
CMD filed
B.
802.1Q filed
C.
Payload
D.
802.1 AE header
CMD filed
Explanation:
https://www.cisco.com/c/dam/global/en_ca/assets/ciscoconnect/2014/pdfs/policy_defined_
segmentation_with_trustsec_rob_bleeker.pdf (slide 25)
Refer to the exhibit:
Which switch configuration change will allow only one voice and one data endpoint on each port?
A.
Multi-auth to multi-domain
B.
Mab to dot1x
C.
Auto to manual
D.
Multi-auth to single-auth
Multi-auth to multi-domain
Explanation: https://community.cisco.com/t5/network-access-control/cisco-ise-multi-author-
multi-host/m-p/3750907
A network engineer is configuring a network device that needs to filter traffic based on
security group tags using a security policy on a routed into this task?
A.
cts authorization list
B.
cts role-based enforcement
C.
cts cache enable
D.
cts role-based policy priority-static
cts role-based enforcement
An organization is adding new profiling probes to the system to improve profiling on Oseo ISE The probes must support a common network management protocol to receive information about the endpoints and the ports to which they are connected What must be configured on the network device to accomplish this goal?
A.
ARP
B.
SNMP
C.
WCCP
D.
ICMP
ICMP
| Page 7 out of 20 Pages |
| Previous |