Question 1

An administrator is configuring a Cisco ISE posture agent in the client provisioning policy and needs to ensure that the posture policies that interact with clients are monitored, and end users are required to comply with network usage rules Which two resources must be added in Cisco ISE to accomplish this goal? (Choose two)

Options :

A : AnyConnect

B : Supplicant

C : Cisco ISE NAC

D : PEAP

E : Posture Agent

Answer: A

Question 2

An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices. Which IOS command must be configured on the devices to accomplish this goal?

Options :

A : aaa server radius dynamic-author

B : authentication command bounce-port

C : authentication command disable-port

D : aaa nas port extended

Answer: A

Question 3

When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition. However, other groups that are in the same domain are seen What is causing this issue?

Options :

A : Cisco ISE only sees the built-in groups, not user created ones

B : The groups are present but need to be manually typed as conditions

C : Cisco ISE-s connection to the AD join point is failing

D : The groups are not added to Cisco ISE under the AD join point

Answer: D

Question 4

Which profiling probe collects the user-agent string?

Options :

A : DHCP

B : AD

C : HTTP

D : NMAP

Answer: C

Question 5

What must match between Cisco ISE and the network access device to successfully authenticate endpoints?

Options :

A : SNMP version

B : shared secret

C : certificate

D : profile

Answer: B