56.
Before a Cisco switch will generate a self-signed certificate, which configuration is required?
- A. The internal CA must be enabled.
- B. An IPv6 address.
- C. A Cisco switch cannot generate a self-signed certificate.
- D. A domain name.
Answer : [D]
Explanation :
The Cisco switch needs the HTTPS server enabled to redirect HTTPS traffic. Before that service can be enabled, the switch needs a certificate. One of the prerequisites is a hostname and domain name, which together give the switch a fully qualified domain name (FQDN). This FQDN will become the Subject Name of the self-signed certificate.
57.
True or False? The URL redirection ACL can be downloaded from ISE to the NAD.
- A. True
- B. False
Answer : [B]
Explanation :
The traffic filtering ACL can be downloaded from ISE as a dACL, but the redirection ACL must preexist on the switch and is called by reference using a RADIUS AV-Pair. The AirespaceOS-based Cisco WLCs support only locally configured ACLs; therefore, all ACLs must be called by reference (also named ACLs).
58.
Which of the following settings is required for a WLAN to support CWA on the Cisco WLC?
- A. SNMP NAC
- B. Layer-3 Authentication
- C. RADIUS NAC
- D. Fast Transition
Answer : [C]
Explanation :
RADIUS NAC is a critical setting for the WLAN that enables URL redirection and the pre-RUN states. Without this setting, CWA is not possible.
59.
For wired and wireless MAB, which option must be configured for unknown identities?
- A. Drop
- B. Continue
- C. Reject
- D. Pass
Answer : [B]
Explanation :
CWA is controlled by the Authorization Policy. Even an unknown MAC address needs to “continue” out of the Authentication Policy, so the appropriate response can be sent to the NAD, including the URL redirection to the portal.
60.
Which of the following rule types need to be created for CWA? (Choose two.)
- A. A WebAuth authentication rule must be created for the authentication through the web portal.
- B. An authorization rule must be created that redirects the user to the CWA portal.
- C. An authentication rule must be created that permits access to users who have successfully authorized through the CWA portal.
- D. An authorization rule must be created that permits access to users who have successfully authenticated through the CWA portal.
- E. A WebAuth authentication rule must be created that redirects the end user to the CWA portal.
Answer : [B, D]
Explanation :
The first rule should match if no more specific authorization rule is used and should redirect the user to the CWA portal. The second rule type should exist above the redirection rule and allow access to the user after she has successfully authenticated to the CWA portal. The authorization policy rules read like an ACL, from the top down, whereby the first matched rule is applied.