Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

Which statement about configuring certificates for BYOD is true?

A.

An Android endpoint uses EST, whereas other operating systems use SCEP for enrollment

B.

The SAN field is populated with the end user name.

C.

An endpoint certificate is mandatory for the Cisco ISE BYOD

D.

The CN field is populated with the endpoint host name

An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE. The configuration contains the correct key of Cisc039712287. but the switch is not receiving a response from the Cisco ISE instance What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?

A.

Check for server reachability using the test aaa group tacacs+ admin legacy command.

B.

Test the user account on the server using the test aaa group radius server CUCS user admin pass legacy command.

C.

Validate that the key value is correct using the test aaa authentication admin legacy command.

D.

Confirm the authorization policies are correct using the test aaa authorization admin drop legacy command.

Which command displays all 802 1X/MAB sessions that are active on the switch ports of a Cisco Catalyst switch?

A.

show authentication sessions output

B.

Show authentication sessions

C.

show authentication sessions interface Gi 1/0/x

D.

show authentication sessions interface Gi1/0/x output

Which interface-level command is needed to turn on 802 1X authentication?

A.

Dofl1x pae authenticator

B.

dot1x system-auth-control

C.

authentication host-mode single-host

D.

aaa server radius dynamic-author

An engineer is enabling a newly configured wireless SSID for tablets and needs visibility into which other types of devices are connecting to it. What must be done on the Cisco WLC to provide this information to Cisco ISE9

A.

enable IP Device Tracking

B.

enable MAC filtering

C.

enable Fast Transition

D.

enable mDNS snooping

During BYOD flow, from where does a Microsoft Windows PC download the Network Setup Assistant?

A.

Cisco App Store

B.

Microsoft App Store

C.

Cisco ISE directly

D.

Native OTA functionality

An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+ However, the administrator must restrict certain commands based on one of three user roles that require different commands How is this accomplished without creating too many objects using Cisco ISE?

A.

Create one shell profile and multiple command sets.

B.

Create multiple shell profiles and multiple command sets.

C.

Create one shell profile and one command set.

D.

Create multiple shell profiles and one command set

An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones The phones do not have the ability to authenticate via 802 1X Which command is needed on each switch port for authentication?

A.

dot1x system-auth-control

B.

enable bypass-mac

C.

enable network-authentication

D.

mab

Which portal is used to customize the settings for a user to log in and download the compliance module?

A.

Client Profiling

B.

Client Endpoint

C.

Client Provisioning

D.

Client Guest

A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos Which database should be used to accomplish this goal?

A.

RSA Token Server

B.

Active Directory

C.

Local Database

D.

LDAP