- All Exams Instant Download
Which type of ISE default guest account must be used to allow this access1?
A new consultant must be granted network access for only six months. Which type of ISE default guest account must be used to allow this access1?A . contractorB . temporaryC . employeeD . annualView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_01110.pdf
Which two classification options must the engineer select to accomplish this task?
A security engineer must provision dynamic TrustSec classifications. Which two classification options must the engineer select to accomplish this task? (Choose two.)A . interfaceB . 802.1XC . MABD . IP subnetE . VLANView AnswerAnswer: BC Explanation: Reference: https://www.cisco.com/c/dam/en/us/solutions/collateral/borderless-networks/trustsec/C07-730151-00_overview_of_trustSec_og.pdf page 11
In an ISE 1.3 environment which two remediation types are supported on the NAC agent for Macintosh1? (Choose two.)
In an ISE 1.3 environment which two remediation types are supported on the NAC agent for Macintosh1? (Choose two.)A . antivirus remediation (manual)B . link remediation (automatic)C . link remediation (manual)D . antivirus remediation (automatic)E . antispyware remediation (manual)View AnswerAnswer: AC Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_pos_pol.html Table 24.3
Which two logs would help in isolating the issue?
While troubleshooting a posture assessment issue on a Windows PC, the NAC Agent is not popping up as expected. Which two logs would help in isolating the issue? (Choose two.)A . Cisco AnyConnect ISE posture logsB . NAC agent logsC . Dart bundleD . Cisco ISE profiler log fileE ....
Which type of SGT propagation does a WLC in a data center require?
Which type of SGT propagation does a WLC in a data center require?A . SXPB . SGT ReflectorC . SGT inline taggingD . SGT ReflectorView AnswerAnswer: C
Which two features are supported by named access list, but not numbered access list? (Choose two.)
Which two features are supported by named access list, but not numbered access list? (Choose two.)A . IP options filteringB . Timed-Based Access ControlC . noncontiguous portsD . upper-layer session informationE . Context-Based Access ControlView AnswerAnswer: AC Explanation: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-acl-named.pdf
Which portals must the security engineer configure to accomplish this task?
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants. Which portals must the security engineer configure to accomplish this task?A . Client Provisioning PortalsB . BYOD PortalsC . My Devices PortalsD . MDM PortalsView AnswerAnswer: C
Which command is needed to enable dotlx globally on the switch?
Which command is needed to enable dotlx globally on the switch?A . aaa authentication dotlx default group radiusB . dotlx system-auth-controlC . dotlx pae authenticatorD . authentication port-control autoView AnswerAnswer: B Explanation: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_8021x/configuration/xe-3se/3850/secuser- 8021x-xe-3se-3850-book/config-ieee-802x-pba.html
Which ISE flow mode does this diagram represent?
Refer to the exhibit. Which ISE flow mode does this diagram represent?A . closed modeB . low-impact modeC . application modeD . monitor modeView AnswerAnswer: A
Which two protocols does Cisco Prime Infrastructure use for device discovery? (Choose two.)
Which two protocols does Cisco Prime Infrastructure use for device discovery? (Choose two.)A . SNAPB . LLDPC . RARPD . DNSE . LACPView AnswerAnswer: BD
