Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
650-472 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader Cisco 650-472 Dumps with VCE and PDF 21-30

September 6, 2017

EnsurePass
2017 Sep Cisco Official New Released 650-472
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/650-472.html

Introduction to 802.1X Operations for Cisco Security Professionals Exam

Question No: 21

Which two sets of ports does Cisco ISE listen on for RADIUS authentication and accounting messages? (Choose two.)

  1. UDP – Authentication 1535/Accounting 1536

  2. UDP – Authentication 1645/Accounting 1646

  3. TCP – Authentication 1535/Accounting 1536

  4. TCP – Authentication 1645/Accounting 1646

  5. UDP – Authentication 1812/Accounting 1813

  6. TCP – Authentication 1812/Accounting 1813

Answer: B,E

Question No: 22

Which three elements are required fields when adding a Cisco Wireless IAN Controller as a network device in Cisco ISE? (Choose three)

  1. Name

  2. Software Version

  3. Device Configuration Deployment

  4. RADIUS Shared Secret

  5. SSID

  6. Model Number

  7. IP Address

Answer: A,D,G

Question No: 23

During initial ISE setup, foe which three of the following required and optional elements does the setup script prompt the administrator to enter a value? (Choose three)

  1. Device Gateway

  2. Static Host Routes

  3. IP Address

  4. Active Directory Domain Name

  5. Path to RSA SecuriD Seed File

  6. NTP Server IP Address

  7. Path to RAMUS Seed File

Answer: A,C,D

Question No: 24

What action must be performed immediately after initial login to the Cisco ISE GUI?

  1. Configure an alternate local administrator account for password recovery.

  2. Configure profiling services to authenticate IP phones for MAB.

  3. Join a Microsoft Active Directory domain for time synchronization.

  4. Change the administrative user account password.

  5. Configure an NTP server for time synchronization.

  6. Configure RSA SecurelD to secure administrative access to Cisco ISE.

Answer: E

Question No: 25

Which method provides authenticated guest access to nonsupplicant hosts?

  1. restricted VIAN

  2. authentication fallback

  3. authentication proxy

  4. web authentication

  5. guest VIAN

  6. flexible authentication

Answer: D

Question No: 26

Which hardware component of a Cisco TrustSec solution for 802.1X is optional but widely adopted in most networks?

  1. external Authentication server

  2. Cisco AnyConnect Secure Mobility Client

  3. authentication server

  4. authenticator

  5. Cisco 4200 Series IPS

Answer: B

Question No: 27

Consider a design where a Cisco Catalyst switch that supports Network Edge Access Topology (NEAT) is connected to an upstream switch that requires 802.1X authentication on the switch-to-switch link. What differentiates a Cisco Catalyst switch configured for NEAT from an unmanaged switch connected to the same upstream switch port?

  1. Switches that support NEAT can be configured with a port in supplicant mode.

  2. Switches that support NEAT can perform Layer 2 MAC address translation to allow

    multiple hosts to be seen by the upstream switch as the same host.

  3. Switches that support NEAT can be configured with a port in authenticator mode that supports authentication multi-host.

  4. Switches that support NEAT can be configured with a port in authenticator mode that supports authentication multi-auth.

Answer: A

Question No: 28

Which two of these Cisco products can act as 802.1X authenticates? (Choose two.)

  1. Cisco 4255 Intrusion Prevention Sensor

  2. Cisco Catalyst 37SO Series Switch

  3. Cisco Wireless LAN Control

  4. Cisco Secure Access Control Server for Widows

  5. Cisco 3640 Rooter

  6. Cisco 5510 Adaptive Security Appliance

  7. Cisco Secure Access Control Solution for Windows

  8. Cisco 4255 Intrusion Prevention System

Answer: C,D

Question No: 29

What is the purpose of the fallback profile command?

  1. This command configures the Critical VLAN policy on an interface.

  2. This command configures a WebAuth profile to use in the event that MAB authentication fails.

  3. This command configures a WebAuth profile to use in the event that 802.1X authentication fails.

  4. This command globally enables WebAuth authentication.

  5. This command configures the Guest VLAN policy on an interface.

  6. This command configures the Restricted VLAN policy on an interface.

Answer: C

Question No: 30

What is the purpose of the restricted VLAN (authentication failed VLAN) on a Cisco Catalyst switch?

  1. It provides configurable guest access to nonsupplicant devices that have local credentials.

  2. It provides configurable guest access to devices that have a supplicant when the authenticator is down or unreachable.

  3. It provides configurable guest access to nonsupplicant devices that lack local credentials.

  4. It provides configurable guest access to devices that have a supplicant when the authentication server is down or unreachable.

  5. It provides configurable guest access to devices that have a supplicant but lack local credentials.

Answer: E

100% Free Download!
Download Free Demo:650-472 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 650-472 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE