- All Exams Instant Download
Which feature should be configured to achieve this in a scalable manner?
A network engineer must enforce access control using special tags, without re-engineering the network design. Which feature should be configured to achieve this in a scalable manner?A . SGT B. dACL C. VLAN D. RBACView AnswerAnswer: A
Which alternate method should be used to tell users how to remediate?
MacOS users are complaining about having to read through wordy instructions when remediating their workstations to gam access to the network. Which alternate method should be used to tell users how to remediate?A . URL link B. message text C. executable D. file distributionView AnswerAnswer: A Explanation: https://www.sciencedirect.com/topics/computer-science/remediation-action
Which command most be issued for this to work?
A network administrator is configuring a secondary cisco ISE node from the backup configuration of the primary cisco ISE node to create a high availability pair The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE....
Which Cisco ISE deployment model is recommended for an enterprise that has over 50,000 concurrent active endpoints?
Which Cisco ISE deployment model is recommended for an enterprise that has over 50,000 concurrent active endpoints?A . large deployment with fully distributed nodes running all personas B. medium deployment with primary and secondary PAN/MnT/pxGrid nodes with shared PSNs C. medium deployment with primary and secondary PAN/MnT/pxGrid nodes with dedicated...
What must be done to accomplish this task effciently?
An organization is migrating its current guest network to Cisco ISE and has 1000 guest users in the current database There are no resources to enter this information into the Cisco ISE database manually. What must be done to accomplish this task effciently?A . Use a CSV file to import...
the administrator use in order to properly profile an ACME Al Connector endpoint for network access with MAC address <MAC ADDRESS>?
An administrator is configuring a new profiling policy within Cisco ISE The organization has several endpoints that are the same device type and all have the same Block ID in their MAC address. The profiler does not currently have a profiling policy created to categorize these endpoints. therefore a custom...
Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?
A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?A . Keep track of guest user activities B. Configure authorization settings for guest users C. Create and...
this feature?
An engineer is designing a new distributed deployment for Cisco ISE in the network and is considering failover options for the admin nodes. There is a need to ensure that an admin node is available for configuration of policies at all times. What is the requirement to enable this feature?A...
Where in the Layer 2 frame should this be verified?
A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices. Where in the Layer 2 frame should this be verified?A . CMD filed B. 802.1Q filed C. Payload D. 802.1 AE headerView AnswerAnswer: A Explanation: https://www.cisco.com/c/dam/global/en_ca/assets/ciscoconnect/2014/pdfs/policy_defined_segmentation_with_trustsec_rob_bleeker.pdf (slide 25)
What is an advantage of using EAP-TLS over EAP-MS-CHAPv2 for client authentication?
What is an advantage of using EAP-TLS over EAP-MS-CHAPv2 for client authentication?A . EAP-TLS uses a username and password for authentication to enhance security, while EAP-MS-CHAPv2 does not. B. EAP-TLS secures the exchange of credentials, while EAP-MS-CHAPv2 does not. C. EAP-TLS uses a device certificate for authentication to enhance security,...
