Which action can you take to ensure that a noncompliant device is checked periodically and re-assessed before allowing access to the network?

ISE can be integrated with an MDM to ensure that only registered devices are allowed on the network, and use the MDM to push policies to the device. Devices can go in and out of compliance either due to policy changes on the MDM server, or another reason. Consider a...

December 19, 2019 No Comments READ MORE +

Which criteria does ASA use for packet classification if multiple contexts share an ingress interface MAC address?

Which criteria does ASA use for packet classification if multiple contexts share an ingress interface MAC address? A, ASA ingress interface IP address B. policy-based routing on ASA D. destination MAC address E. ASA ingress interface MAC address G. ASA egress interface IP addressView AnswerAnswer: E 

December 19, 2019 No Comments READ MORE +

Which two authentication methods can ensure that an employee on a personal device cant use his or her Active Directory credentials to log on to the network by simply reconfiguring their supplicant to use 802.1x and getting unfettered access?

In an effort to secure your enterprise campus network, any endpoint that connects to the network must authenticate before being granted access. For all corporate-owned endpoints, such as laptops, mobile phones and tables, you would like to enable 802. 1x and once authenticated allow full access to the network. For...

December 18, 2019 No Comments READ MORE +

In a large organization, with thousands of employees scattered across the globe, it is difficult to provision and onboard new employee devices with the correct profiles and certificates.

In a large organization, with thousands of employees scattered across the globe, it is difficult to provision and onboard new employee devices with the correct profiles and certificates. With ISE, it is possible to do client provided which four conditions are met. (Choose four)A . Endpoint operating System should be...

December 18, 2019 No Comments READ MORE +

Looking at the configuration what may cause the MAB authentication to fail for a supplicant?

Refer to the exhibit. aaa authentication login default group radius aaa authentication login NO_AUTH none aaa authentication login vty local aaa authentication dot1x default group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting dot1x default start-stop group radius ! ip dhcp excluded-address 60.1.1.11 ip dhcp...

December 17, 2019 No Comments READ MORE +

Which statement correctly describes Botnet attack?

Which statement correctly describes Botnet attack?A . It is launched by a single machine controlled by command and control systemB . It can be used to steal dataC . It is launched by a collection of noncompromised machines controllers by command and control systemD . It is a form of...

December 17, 2019 No Comments READ MORE +

Which possible cause is true?

7.21 configured ipv4, authenticated instance invalid, unsynced, stratum 16 ref ID INIT, time 00000000 0000000 (17:00:00.000 ccie Wed Dec 31, 1899) R2 is getting time synchronized from NTP server R1. It has been reported that clock on R2 cannot associate with the NTP server R1. Which possible cause is true?A...

December 16, 2019 No Comments READ MORE +

Which two commands must the help Desk enter on the IOS device to access privilege level 15?

In your ISE design, there are two TACACS profiles that are created for a device administration: Help Desk_Profile, and IOS_Admin_Profile. The Help Desk profile should login the user with privilege 1, with ability to change privilege level to 15. The Admin profile should login the user with privilege 15 by...

December 16, 2019 No Comments READ MORE +

Which statement about the Sender Base functionality is true?

Which statement about the Sender Base functionality is true?A . ESA sees a high negative score from Sender Base as very unlikely that sender is sending spamB . Sender Base uses DNS-based blacklist as one of the sources of information to define reputation score of sender’s IP address.C . WSA...

December 16, 2019 No Comments READ MORE +

Which statement about OSPFv2 configuration on ASA is true?

Which statement about OSPFv2 configuration on ASA is true?A . It does not support stub areas and not-so-stubby areasB . It only supports MD5 authentication with the peersC . Routing decision is based on the hop counts to the destinationD . It does not support virtual linksE . It allows...

December 15, 2019 No Comments READ MORE +