REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Ronaldo
 
 

 

Braindumps of 650-472
Introduction to 802.1X Operations for Cisco Security Professionals Exam

 

Exam Questions, Answers, Braindumps (650-472)

Submitting dumps with some changes. The original is also available in www.examcheats.net

 

QUESTION NO: 1

Which EAP method requires a digital certificate on the client?

A. P1AP-MD5

B. LEAP

C. EAP-GTC

D. PEAP

E. EAP-TLS

F. EAP-MOS

G. EAP-FAST

ANS:- E

Explanation:

QUESTION NO: 2

Which two choices are valid methods of authorizing a wired supplicant? (Choose two.)

A. EAP-FAST

B. VLAN assignment

C. dACL

D. EAPOL

E. RADIUS

ANS:- B,C

Explanation:

QUESTION NO: 3

Which two statements about MACsec security are true? (Choose two.)

A. MACsec is an IEEE standard that is defined by 802.3AE.

B. MACsec leverages an 802.1X EAP framework to negotiate the MACsec Key Agreement.

C. MACsec is an IETF standard that is defined by RFC 4501.

D. MACsec can negotiate a MACsec Key Agreement without 802.1X.

E. MACsec is an IETF standard that is defined by RFC 4505.

F. MACsec is an IEEE standard that is defined by 802.1AE.

ANS:- B,F

Explanation:

QUESTION NO: 4

Which statement correctly defines a persona?

A. A Cisco ISE node can be configured as a primary or backup persona.

B. Persona refers to collections of services running on a Cisco ISE node.

C. A Cisco ISE node can be configured as a wired or wireless persona.

D. Persona relates to the collection of 802.1X services configured on a Cisco Catalyst switch.

E. Persona refers to the collection of EAP methods available to a supplicant.

F. A Cisco ISE node can be configured as a standalone or distributed persona.

ANS:- B

Explanation:

QUESTION NO: 5

Which two EAP methods are examples of challenge-response methods? (Choose two.)

A. EAP-TLS

B. PEAP

C. EAP-FAST

D. LEAP

E. EAP-MD5

ANS:- D,E

Explanation:

QUESTION NO: 6

On a Cisco Catalyst switch, which default ports will the radius-server host command use for RADIUS authentication and accounting messages?

A. TCP - Authentication 1645/Accounting 1646

B. TCP - Authentication 1535/Accounting 1536

C. TCP - Authentication 1812/Accounting 1813

D. UDP - Authentication 1535/Accounting 1536

E. UDP - Authentication 1812/Accounting 1813

F. UDP - Authentication 1645/Accounting 1646

ANS:- E

Explanation:

QUESTION NO: 7

Which three modules are valid components of Cisco AnyConnect Secure Mobility Client for Windows? (Choose three)

A. Network Access Manager

B. VPN Module

C. Network Authentication Manager

D. Telemetry and Profiling Module

E. Profiling Module

F. Posture Module

G. Profiling Module

ANS:- A,E,F

Explanation:

QUESTION NO: 8

Which section of the 802.1X standard cites other 802 standards needed to Wry understand the scope of 802.1X?

A. Section 3 - Definitions

B. Section 2 - Normative References

C. Section 5 - Acronyms and Abbreviations

D. Section 4 - Normative Definitions

E. Section 6 - Conformance

ANS:- B

Explanation:

QUESTION NO: 9

Which three RADIUS attributes art required to dynamically assign a VIAN? (Choose three)

A. Attribute 65 (Tunnel-Medium-Type)

B. Attribute 26 (Vendor-Specific)

C. Attribute 64 (Tunnel-Type)

D. Attribute 8 (Framed-IP-Address)

E. Attribute 5 (NASPort)

F. Attribute 81 (Tunne1-Private-Group-ID)

ANS:- A,C,F

Explanation:

QUESTION NO: 10

Consider the example of an end user plugging an unmanaged third-party switch into a port in a conference room. If the wiring closet switch port requires 802.1X authentication (and the authentication host mode is set to the default), what would be the result of multiple 802.1X clients attempting to access the network from the unmanaged switch?

A. After the first supplicant authenticates, other hosts connected to the unmanaged switch will be blocked from the network.

B. After 802.1X times out three times, all hosts on the unmanaged switch will have access to the network.

C. Up to eight hosts and one IP phone can be authenticated.

D. After the first supplicant authenticates, all other hosts connected to the unmanaged switch have access to the network.

ANS:- A

Explanation:

QUESTION NO: 11

Which two Cisco Catalyst switch command fragments enable WebAuth support on an interface? (Choose two.)

A. 3k-access(config-if)# authentication fallback

B. 3k-access(config-if)# authentication dotlx webauth

C. 3k-access(config-if)S authentication webauth

D. 3k-access(config-if)# dotlx priority webauth

E. 3k-access(config-if)- ip admission

F. 3k-access(config-if)ff dotlx fallback

G. 3k-access(config-if)# authentication order dotlx webauth

ANS:- A,E

Explanation:

QUESTION NO: 12

Which two statements are true with regard to the inner and outer phases of an EAP method? (Choose two.)

A. PEAP can include an optional phase 0 for PAC provisioning.

B. All EAP methods include an inner and outer phase.

C. The outer phase is used for authentication.

D. The inner phase is used for authentication.

E. The outer phase is used for securing the communication channel.

F. The inner phase is used for securing the communication channel.

ANS:- D,E

Explanation:

QUESTION NO: 13

Which Cisco ISE persona must run on dedicated hardware?

A. Inline Posture

B. Administrative

C. Centralized

D. Monitoring

E. Distributed Policy

F. Policy Services

G. Standalone

ANS:- A

Explanation:

QUESTION NO: 14

What must be configured on a Microsoft Windows 7 host to enable the Microsoft 802.1X supplicant for wired networks?

A. Wired 802.1X support requires installation of Windows 7 Service Pack JL

B. The 802.1X supplicant in the Authentication tab of interface Properties must be enabled.

C. The host must acquire its IP address from DHCP.

D. The Microsoft Wired AutoConfig service must be started.

E. 802.1X must be enabled in BIOS.

F. On systems running Intel 82566 Ethernet controllers, Intel driver vl6.1 or higher is required to enable 802.1X support

ANS:- D


 

650-472


 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend