A Cisco ISE administrator must restrict specific endpoints from accessing the network while in closed mode. The requirement is to have Cisco ISE centrally store the endpoints to restrict access from. What must be done to accomplish this task''
What is a characteristic of the UDP protocol?
If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?
The Blacklist identity group is system generated and maintained by ISE to prevent access to lost or stolen devices. In this design guide, two authorization profiles are used to enforce the permissions for wireless and wired devices within the Blacklist:
Drag the descriptions on the left onto the components of 802.1X on the right.
Which two features must be used on Cisco ISE to enable the TACACS. feature? (Choose two)
Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two)
An engineer has been tasked with standing up a new guest portal for customers that are waiting in the lobby. There is a requirement to allow guests to use their social media logins to access the guest network to appeal to more customers What must be done to accomplish this task?
What gives Cisco ISE an option to scan endpoints for vulnerabilities?
A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices Where in the Layer 2 frame should this be verified?
https://www.cisco.com/c/dam/global/en_ca/assets/ciscoconnect/2014/pdfs/policy_defined_segmentation_with_trustsec_rob_bleeker.pdf (slide 25)
What is the minimum certainty factor when creating a profiler policy?
Which two methods should a sponsor select to create bulk guest accounts from the sponsor portal? (Choose two )
Select and Place
Which two external identity stores support EAP-TLS and PEAP-TLS? (Choose two.)
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?
An engineer is configuring a virtual Cisco ISE deployment and needs each persona to be on a different node. Which persona should be configured with the largest amount of storage in this environment?
There are several devices on a network that are considered critical and need to be placed into the ISE database and a policy used for them. The organization does not want to use profiling. What must be done to accomplish this goal?
An engineer is configuring Cisco ISE policies to support MAB for devices that do not have 802.1X capabilities. The engineer is configuring new endpoint identity groups as conditions to be used in the AuthZ policies, but noticed that the endpoints are not hitting the correct policies. What must be done in order to get the devices into the right policies?
An employee must access the internet through the corporate network from a new mobile device that does not support native supplicant provisioning provided by Cisco ISE. Which portal must the employee use to provision to the device?
Which term refers to an endpoint agent that tries to join an 802 1X-enabled network?
What is needed to configure wireless guest access on the network?
What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)
Which use case validates a change of authorization?
What must be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?
Which port does Cisco ISE use for native supplicant provisioning of a Windows laptop?
Which protocol must be allowed for a BYOD device to access the BYOD portal?