Q1. The NAC Agent v4.9.x uses which ports and protocols to communicate with an ISE Policy Service Node?
A. tcp/8905, http/80, ftp/21
B. tcp/8905, http/80, https/443
C. udp/8905, telnet/23, https/443
D. udp/8906, http/80, https/443
Answer: B
Q2. Which two services are included in the Cisco ISE posture service? (Choose two.)
A. posture administration
B. posture run-time
C. posture monitoring
D. posture policing
E. posture catalog
Answer: A,B
Q3. What implementation must be added to the WLC to enable 802.1X and CoA for wireless endpoints?
A. the ISE
B. an ACL
C. a router
D. a policy server
Answer: A
Q4. Which statement about a distributed Cisco ISE deployment is true?
A. It can support up to two monitoring Cisco ISE nodes for high availability.
B. It can support up to three load-balanced Administration ISE nodes.
C. Policy Service ISE nodes can be configured in a redundant failover configuration.
D. The Active Directory servers of Cisco ISE can be configured in a load-balanced configuration.
Answer: A
Q5. In a multi-node ISE deployment, backups are not working on the MnT node. Which ISE CLI option would help mitigate this issue?
A. repository
B. ftp-url
C. application-bundle
D. collector
Answer: A
Q6. What is another term for 802.11i wireless network security?
A. 802.1x
B. WEP
C. TKIP
D. WPA
E. WPA2
Answer: E
Q7. Which debug command on a Cisco WLC shows the reason that a client session was terminated?
A. debug dot11 state enable
B. debug dot1x packet enable
C. debug client mac addr
D. debug dtls event enable
E. debug ap enable cisco ap
Answer: C
Q8. What is a required step when you deploy dynamic VLAN and ACL assignments?
A. Configure the VLAN assignment.
B. Configure the ACL assignment.
C. Configure Cisco IOS Software 802.1X authenticator authorization.
D. Configure the Cisco IOS Software switch for ACL assignment.
Answer: C
Q9. An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?
A. member of
B. group
C. class
D. person
Answer: A
Q10. After an endpoint has completed authentication with MAB, a security violation is triggered because a different MAC address was detected. Which host mode must be active on the port?
A. single-host mode
B. multidomain authentication host mode
C. multiauthentication host mode
D. multihost mode
Answer: A