REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Brown
 
 

 

Braindumps of 500-254
Implementing and Configuring Cisco Identity Services Engine (SISE)

 

Exam Questions, Answers, Braindumps (500-254)

Hi to all, Thanks to www.examcheats.net for helping me in such  a manner. I purchased their study material and got through the exam.

 

QUESTION NO: 1

Which two elements must you configure on a Cisco Wireless LAN Controller to allow Cisco ISE to authenticate wireless users? (Choose two.)

A. Configure Cisco ISE as a RADIUS authentication server and enter a shared secret.

B. Configure Cisco ISE as a RADIUS accounting server and enter a shared secret.

C. Configure all attached LWAPs to use the configured Cisco ISE node.

D. Configure RADIUS attributes for each SSID.

E. Configure each WLAN to use the configured Cisco ISE node.

F. Configure the Cisco Wireless LAN Controller to join a Microsoft Active Directory domain.

ANSWER: A,E

QUESTION NO: 2

Which three Cisco TrustSec enforcement modes are used to help protect network operations when securing the network? (Choose three.)

A. logging mode

B. monitor mode

C. semi-passive mode

D. low-impact mode

E. closed mode

ANSWER: B,D,E

QUESTION NO: 3

Which statement is correct about Change of Authorization?

A. Change of Authorization is a fundamental component of Cisco TrustSec and Cisco ISE.

B. Change of Authorization can be triggered dynamically based on a matched condition in a policy, and manually by being invoked by an administrator operation.

C. It is possible to trigger Change of Authorization manually from the ISE interface.

D. Authentication is the supported Change of Authorization action type.

ANSWER: D

QUESTION NO: 4

The default Cisco ISE node configuration has which role or roles enabled by default?

A. Administration only

B. Inline Posture only

C. Administration and Policy Service

D. Policy Service, Monitoring, and Administration

ANSWER: D

QUESTION NO: 5

Inline Posture nodes support which enforcement mechanisms?

A. VLAN assignment

B. downloadable ACLs

C. security group access

D. dynamic ACLs

ANSWER: B

QUESTION NO: 6

What is the process for Cisco ISE to obtain a signed certificate from a CA?

A. Request a certificate from the CA, and import the CA-signed certificate into ISE.

B. Generate a CSR; download the certificate from the CA; bind the CA-signed certificate with its private key, and import the CA-signed certificate into ISE.

C. Generate a CSR; export the CSR to the local file system and send to the CA; download the certificate from the CA, and bind the CA-signed certificate with its private key.

D. Submit a CSR to the CA; download the certificate from the CA; bind the CA-signed certificate with its private key, and import the CA-signed certificate into ISE.

ANSWER: C

QUESTION NO: 7

What is the Cisco ISE default admin login name and password?

A. admin/admin

B. admin/cisco

C. ISEAdmin/admin

D. admin/no default password—the admin password is configured at setup

ANSWER: D

QUESTION NO: 8

What are two methods to verify that Cisco ISE is properly connected to AD? (Choose two.)

A. Use the Test Connection feature in the Cisco ISE External Identity Sources Active Directory.

B. View the Active Directory Log /opt/CSCOcmp/logs/ad_agent.log.

C. Use the ISE Dashboard Summary alarms.

D. Use ktpass to determine if the Kerberos ticket is valid.

ANSWER: A,B

QUESTION NO: 9

Where is the license installed within Cisco ISE deployment?

A. A license is installed on the Policy Service node within ISE deployment.

B. A license is installed on the primary or secondary Administration node within ISE deployment.

C. A license is installed only on the primary Administration node within ISE deployment.

D. A license is preinstalled for ISE deployment.

ANSWER: C

QUESTION NO: 10

Which of these is NOT a high-availability option that is available for Cisco ISE deployments?

A. In the event of failure of the Primary Administration node, the standby instance automatically becomes active.

B. In the event of failure of the Primary Monitoring node, the standby instance automatically becomes active.

C. Clustering of Policy Service nodes to provide N+1 redundancy

D. Stateless failover of Inline Posture nodes

ANSWER: A

QUESTION NO: 11

What are the three default Cisco ISE identity user groups? (Choose three.)

A. employee

B. contractor

C. activated guest

D. guest

E. sponsor

ANSWER: A,C,D

 

500-254


 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend