Tag Archives: ISE

An engineer has configured Cisco ISE to assign VLANs to clients based on their method of authentication, but this is not working as expected. Which action will resolve this issue?

Refer to the exhibit. An engineer has configured Cisco ISE to assign VLANs to clients based on their method of authentication, but this is not working as expected. Which action will resolve this issue? A. enable AAA override B. set a NAC state C. utilize RADIUS profiling D. require a DHCP address assignment Answer: Option C. Explanation: No… Read More »

Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.)

A. Command Sets B. Server Sequence C. Device Administration License D. External TACACS Servers E. Device Admin Service Answer: Option C, E. Explanation: No answer description available for this question Show AnswerDiscussion The post Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.) appeared first on Majanto.

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two.)

A. Client Provisioning portal B. remediation actions C. updates D. access policy E. conditions Answer: Option B, E. Explanation: No answer description available for this question Show AnswerDiscussion The post What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two.) appeared first on Majanto.

A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

A. Keep track of guest user activities. B. Create and manage guest user accounts. C. Configure authorization settings for guest users. D. Authenticate guest users to Cisco ISE. Answer: Option B. Explanation: No answer description available for this question Show AnswerDiscussion The post A network administrator has just added a front desk receptionist account to the Cisco ISE… Read More »

An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones. The phones do not have the ability to authenticate via 802.1X. Which command is needed on each switch port for authentication?

A. dot1x system-auth-control B. enable bypass-MAC C. enable network-authentication D. mab Answer: Option D. Explanation: No answer description available for this question Show AnswerDiscussion The post An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones. The phones do not have the ability to authenticate via 802.1X. <br>Which… Read More »

An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication. Which command should be used to complete this configuration?

A. aaa authentication dot1x default group radius B. dot1x system-auth-control C. authentication port-control auto D. dot1x pae authenticator Answer: Option B. Explanation: No answer description available for this question Show AnswerDiscussion The post An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication.<br> Which command should be used to… Read More »

What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?

A. The secondary node restarts. B. The primary node restarts. C. Both nodes restart. D. The primary node becomes standalone. Answer: Option C. Explanation: No answer description available for this question Show AnswerDiscussion The post What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered? appeared first on Majanto.

Which personas can a Cisco ISE node assume?

A. policy service, gatekeeping, and monitoring B. administration, monitoring, and gatekeeping C. administration, policy service, and monitoring D. administration, policy service, gatekeeping Answer: Option C. Explanation: Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_dis_deploy.html Show AnswerDiscussion The post Which personas can a Cisco ISE node assume? appeared first on Majanto.

A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes. What must be configured to minimize performance degradation?

A. Enable the endpoint attribute filter. B. Review the profiling policies for any misconfiguration. C. Ensure that Cisco ISE is updated with the latest profiler feed update. D. Change the reauthentication interval. Answer: Option A. Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/ b_ise_admin_guide_23_chapter_010111.html Show AnswerDiscussion The post A network administrator changed a Cisco ISE deployment from pilot to production and noticed that… Read More »

An administrator is attempting to replace the built-in self-signed certificates on a Cisco ISE appliance. The CA is requesting some information about the appliance in order to sign the new certificate. What must be done in order to provide the CA this information?

A. Install the Root CA and intermediate CA. B. Generate the CSR. C. Download the CA server certificate. D. Download the intermediate server certificate. Answer: Option B. Explanation: No answer description available for this question Show AnswerDiscussion The post An administrator is attempting to replace the built-in self-signed certificates on a Cisco ISE appliance. The CA is requesting… Read More »