PrepAway - Latest Free Exam Questions & Answers

2 Comments on “Which identity store option allows you to modify the directory services that run on TCP/IP?

  1. Pance says:

    QUESTION 186
    Which functionality does the Cisco ISE self-provisioning flow provide?

    A. It provides support for native supplicants, allowing users to connect devices directly to the network.
    B. It provides the My Devices portal, allowing users to add devices to the network.
    C. It provides support for users to install the Cisco NAC agent on enterprise devices.
    D. It provides self-registration functionality to allow guest users to access the network.

    Answer: A

    QUESTION 187
    During client provisioning on a Mac OS X system, the client system fails to renew its IP address. Which change can you make to the agent profile to correct the problem?

    A. Enable the Agent IP Refresh feature.
    B. Enable the Enable VLAN Detect Without UI feature.
    C. Enable CRL checking.
    D. Edit the Discovery Host parameter to use an IP address instead of an FQDN.

    Answer: A

    QUESTION 188
    Where is dynamic SGT classification configured?

    A. Cisco ISE
    B. NAD
    C. supplicant
    D. RADIUS proxy

    Answer: A

    QUESTION 189
    What is the function of the SGACL policy matrix on a Cisco TrustSec domain with SGT Assignment?

    A. It determines which access policy to apply to the endpoint.
    B. It determines which switches are trusted within the TrustSec domain.
    C. It determines the path the SGT of the packet takes when entering the Cisco TrustSec domain.
    D. It lists all servers that are permitted to participate in the TrustSec domain.
    E. It lists all hosts that are permitted to participate in the TrustSec domain.

    Answer: A

    QUESTION 190
    You are configuring SGA on a network device that is unable to perform SGT tagging. How can the device propagate SGT information?

    A. The device can use SXP to pass IP-address-to-SGT mappings to a TrustSec-capable hardware peer.
    B. The device can use SXP to pass MAC-address-to-STG mappings to a TrustSec-capable hardware peer.
    C. The device can use SXP to pass MAC-address-to-IP mappings to a TrustSec-capable hardware peer.
    D. The device can propagate SGT information in an encapsulated security payload.
    E. The device can use a GRE tunnel to pass the SGT information to a TrustSec-capable hardware peer.

    Answer: A




    0



    0

Leave a Reply