Tag Archives: endpoints

Which TWO statements are TRUE about using an Autonomous Database with Private Endpoints

Which TWO statements are TRUE about using an Autonomous Database with Private Endpoints A. A Network Security Group is required within your Virtual Cloud Network before you can provision a Shared Autonomous Database to use Private Endpoints B. An Autonomous Database with private endpoints can be accessed from the public internet by adding your ip address to an… Read More »

In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints?

A. DHCP B. VXLAN C. SXP D. LISP Answer: Option D. Explanation:  No answer description available for this question Show AnswerDiscussion The post In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints? appeared first on Majanto.

An administrator is adding network devices for a new medical building into Cisco ISE. These devices must be in a network device group that is identifying them as “Medical Switch” so that the policies can be made separately for the endpoints connecting through them. Which configuration item must be changed in the network device within Cisco ISE to accomplish this goal?

A. Change the device profile to Medical Switch. B. Change the device type to Medical Switch. C. Change the device location to Medical Switch. D. Change the model name to Medical Switch. Answer: Option B. Explanation:  No answer description available for this question Show AnswerDiscussion The post An administrator is adding network devices for a new medical building… Read More »

A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network. Which EAP type must be configured by the network administrator to complete this task?

A. EAP-TTLS B. EAP-TLS C. EAP-FAST D. EAP-PEAP-MSCHAPv2 Answer: Option B. Explanation:  Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/214975configure-eap-tls- authentication-with-is.html Show AnswerDiscussion The post A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be… Read More »

An organization is adding new profiling probes to the system to improve profiling on Cisco ISE. The probes must support a common network management protocol to receive information about the endpoints and the ports to which they are connected. What must be configured on the network device to accomplish this goal?

A. ICMP B. WCCP C. ARP D. SNMP Answer: Option D. Explanation:  Reference: https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol Show AnswerDiscussion The post An organization is adding new profiling probes to the system to improve profiling on Cisco ISE. The probes must support a common network management protocol to receive information about the endpoints and the ports to which they are connected.<br> What… Read More »

An organization has a fully distributed Cisco ISE deployment. When implementing probes, an administrator must scan for unknown endpoints to learn the IP-to- MAC address bindings The scan is complete on one PSN, but the information is not available on the others. What must be done to make the information available?

A. Cisco ISE must be configured to learn the IP-MAC binding of unknown endpoints via RADIUS authentication, not via scanning. B. Cisco ISE must learn the IP-MAC binding of unknown endpoints via DHCP profiling, not via scanning. C. Scanning must be initiated from the MnT node to centrally gather the information. D. Scanning must be initiated from the… Read More »

An administrator is configuring a switch port for use with 802.1X. What must be done so that the port will allow voice and multiple data endpoints?

A. Connect a hub to the switch port to allow multiple devices access after authentication. B. Configure the port with the authentication host-mode multi-auth command. C. Connect the data devices to the port, then attach the phone behind them. D. Use the command authentication host-mode multi-domain on the port. Answer: Option B. Explanation:  Reference: https://networklessons.com/cisco/ccie-routing-switching-written/mac-authentication-bypass-mab Show AnswerDiscussion The… Read More »

An administrator is manually adding a device to a Cisco ISE identity group to ensure that it is able to access the network when needed without authentication Upon testing, the administrator notices that the device never hits the correct authorization policy line using the condition EndPoints LogicalProfile EQUALS static_list Why is this occurring?

A. The dynamic logical profile is overriding the statically assigned profile B. The device is changing identity groups after profiling instead ot remaining static C. The logical profile is being statically assigned instead of the identity group D. The identity group is being assigned instead of the logical profile Answer: Option C. Explanation:  No answer description available for… Read More »

What gives Cisco ISE an option to scan endpoints for vulnerabilities?

A. authentication policy B. authorization profile C. authentication profile D. authorization policy Answer: Option B. Explanation:  Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010100.html Show AnswerDiscussion The post What gives Cisco ISE an option to scan endpoints for vulnerabilities? appeared first on Majanto.

Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.)

A. SNMP B. HTTP C. RADIUS D. DHCP E. NetFlow Answer: Option C, D. Explanation:  Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html Show AnswerDiscussion The post Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.) appeared first… Read More »