لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
An administrator is configuring posture assessment in Cisco ISE for the first time. Which two components must be uploaded to Cisco ISE to use Secure Client for the agent configuration in a client provisioning policy?
A. ecure Client network visibility module
B. ecure Client compliance module
C. ecureClientProfile
D. ecure Client agent image
E. ecureClientProfile
عرض الإجابة
اجابة صحيحة: BD
السؤال #2
An engineer wants to learn more about Cisco ISE and deployed a new lab with two nodes. Which two persona configurations allow the engineer to successfully test redundancy of a failed node?
A. onfigure both nodes with the PAN, MnT, and PSN personas
B. onfigure one of the Cisco ISE nodes as the primary PAN and PSN personas and the other as the secondary
C. onfigure one of the Cisco ISE nodes as the primary PAN and MnT personas and the other as the secondary
D. onfigure both nodes with the PAN and MnT personas only
E. onfigure one of the Cisco ISE nodes as the Health Check node
عرض الإجابة
اجابة صحيحة: AC
السؤال #3
An administrator is troubleshooting an endpoint that is supposed to bypass 802.1X and use MAB. The endpoint is bypassing 802.1X and successfully getting network access using MAB, however the endpoint cannot communicate because it cannot obtain an IP address. What is the problem?
A. n ACL on the port is blocking HTTP traffic
B. he endpoint is using the wrong protocol to authenticate with Cisco ISE
C. he 802
D. he DHCP probe for Cisco ISE is not working as expected
عرض الإجابة
اجابة صحيحة: C
السؤال #4
An administrator is configuring a Cisco WLC for web authentication. Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has been selected?
A. HCP
B. DP
C. NMP
D. LDP
E. TT
عرض الإجابة
اجابة صحيحة: AE
السؤال #5
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants. Which portal must the security engineer configure to accomplish this task?
A. y Devices
B. DM
C. lient Provisioning
D. YO
عرض الإجابة
اجابة صحيحة: A
السؤال #6
Which two authentication protocols are supported by RADIUS but not by TACACS+?
A. SCHAPv2
B. HAP
C. SCHAPv1
D. AP
E. A
عرض الإجابة
اجابة صحيحة: AE
السؤال #7
An engineer is deploying Cisco ISE to use 802.1x authentication for controlling access to the company's wired network. The request from company management is to minimize the impact on users during the rollout of 802.1x on the company switches. Which mode must be used first in a phased 802.1X deployment to fulfill this request?
A. ow-Impact
B. losed
C. pen
D. onito
عرض الإجابة
اجابة صحيحة: C
السؤال #8
An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this?
A. otspot guest portal
B. entral WebAuth
C. elf-registered guest portal
D. evice registration WebAuth
E. ocal WebAut
عرض الإجابة
اجابة صحيحة: AD
السؤال #9
Which two probes provide IP-to-MAC address binding information to the ARP cache in Cisco ISE?
A. HCP
B. TTP
C. NS
D. etFlow
E. ADIU
عرض الإجابة
اجابة صحيحة: AE
السؤال #10
An engineer must configure an HTTP probe on a Cisco ISE virtual appliance running on VMWare using a dedicated interface for profiling. The interface is assigned to the VM Network port group. The engineer is logged into the hypervisor with a user account that only provides access to the Cisco ISE VM and the network settings for the VM. Which security setting must be changed for this interface to accept SPAN traffic?
A. et Promiscuous mode to Accept in the Switch properties
B. et Promiscuous mode to Inherit from Switch in the Port Group properties
C. et Promiscuous mode to Inherit from Port Group in the Switch properties
D. et Promiscuous mode to Accept in the Port Group properties
عرض الإجابة
اجابة صحيحة: A
السؤال #11
An organization wants to enable web-based guest access for both employees and visitors. The goal is to use a single portal for both user types. Which two authentication methods should be used to meet this requirement?
A. ertificate-based
B. AC-based
C. OCAL
D. DAP
E. 02
عرض الإجابة
اجابة صحيحة: CD
السؤال #12
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?
A. reate a new sponsor group and adjust the settings to limit the devices for each guest
B. reate an LDAP login for each guest and tag that in the guest portal for authentication
C. reate a new guest type and set the maximum number of devices sponsored guests can register
D. reate an ISE identity group to add users to and limit the number of logins via the group configuration
عرض الإجابة
اجابة صحيحة: C
السؤال #13
An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goal?
A. ibrary Condition for External Identity: External Groups
B. DAP External Identity Sources
C. ibrary Condition for Identity Group: User Identity Group
D. dentity Source Sequences
E. ctive Directory External Identity Source
عرض الإجابة
اجابة صحيحة: AE
السؤال #14
A network administrator is configuring a secondary Cisco ISE node from the backup configuration of the primary Cisco ISE node to create a high availability pair. The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE. Which command must be issued for this to work?
A. pplication configure ise
B. ertificate configure ise
C. opy certificate ise
D. mport certificate is
عرض الإجابة
اجابة صحيحة: A
السؤال #15
Due to a recent network incident, all access to network devices must be centrally logged and tracked in Cisco ISE. On which nodes must the Device Admin service be enabled?
A. ach PSN
B. ach PAN
C. ne PSN
D. ne PA
عرض الإجابة
اجابة صحيحة: A
السؤال #16
An administrator is configuring an AD domain to be used with authentication for endpoints and users within Cisco ISE. Which two steps are required to configure this to be used as an external identity store?
A. onfigure Active Directory Schema
B. dd an Authentication Joint Point
C. onfigure Authentication Domains
D. dd an Active Directory Join Point
E. onfigure Active Directory Domain
عرض الإجابة
اجابة صحيحة: DE
السؤال #17
To configure BYOD using Cisco ISE, an administrator is considering issuing certificates to the devices connecting to provide a better user experience. Extemal CA servers cannot be used for this purpose because everything must be local to the Cisco ISE. What must be done to accomplish this?
A. onfigure the Cisco ISE Internal CA to issue certificates to each endpoint connecting to the BYOD network
B. se ISE as a sub CA for the BYOD portal and redirect users to the Root CA for certificate issuance
C. onfigure MS SCEP so that endpoints can query their local AD server for the correct certificate
D. se the captive portal network assistant to issue certificates to the endpoints as they authenticate
عرض الإجابة
اجابة صحيحة: A
السؤال #18
A network engineer is configuring a new certificate template on the internal CA within Cisco ISE to provision certificates to BYOD devices that must be enrolled in the network. What must be configured in the SAN field of the certificate to identify the devices after enrollment?
A. ser principal name
B. AC address
C. ommon name
D. mail addres
عرض الإجابة
اجابة صحيحة: B
السؤال #19
An engineer tests Cisco ISE posture services on the network and must configure the compliance module to automatically download and install on endpoints. Which action accomplishes this task for VPN users?
A. ush the compliance module from Cisco FTD prior to attempting posture
B. reate a Cisco AnyConnect configuration and Client Provisioning policy within Cisco ISE
C. se a compound posture condition to check for the compliance module and download, if needed
D. onfigure the compliance module to be downloaded from within the posture policy
عرض الإجابة
اجابة صحيحة: B
السؤال #20
A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network. Which EAP type must be configured by the network administrator to complete this task?
A. AP-PEAP-MSCHAPv2
B. AP-TLS
C. AP-TTLS
D. AP-FAS
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: