[Free] 2018(Aug) Ensurepass Cisco 500-254 Dumps with VCE and PDF 21-30

Posted on by admin

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 500-254
100% Free Download! 100% Pass Guaranteed!

Implementing and Configuring Cisco Identity Services Engine (SISE)

Question No: 21

Which two dictionary groups does Cisco ISE provide? (Choose two.)

  1. system-defined

  2. RADIUS vendor

  3. RADIUS IETF

  4. user-defined

  5. LDAP

  6. Active Directory

Answer: A,D

Question No: 22

What is the limit of groups that Cisco ISE can retrieve from an Active Directory?

  1. 10

  2. 50 C. 100 D. 150 E. 200

Answer: C

Question No: 23

Which global command is used to activate 802.1X on a switch?

  1. dot1x enable

  2. dot1x system-auth-control

  3. dot1x service start

  4. dot1x switchport enable

Answer: B

Question No: 24

Which two commands are needed to configure 802.1X open mode? (Choose two.)

  1. authentication event

  2. authentication host-mode multi-auth

  3. authentication host-mode single domain

  4. authentication open

Answer: B,D

Question No: 25

Which statement is true about 802.1X closed mode?

  1. It is the default configuration of an 802.1X-enabled switch port.

  2. Only EAPOL traffic is allowed until the authentication process is finished.

  3. DNS and DHCP are allowed before authentication.

  4. Cisco Discovery Protocol is allowed before authentication.

  5. Only EAPOL and Cisco Discovery Protocol are allowed until the authentication process completes.

Answer: D

Question No: 26

The 802.1X protocol supports which two port types? (Choose two.)

  1. Layer 2 access port

  2. trunk port

  3. dynamic port

  4. Layer 3 access port

  5. EtherChannel port

Answer: A,D

Question No: 27

What is the default period for Cisco ISE to automatically purge expired guest accounts?

  1. immediately after expiration

  2. 1 day

  3. 7 days

  4. 15 days

  5. 30 days

Answer: D

Question No: 28

What is the recommended time zone for Cisco ISE installations?

  1. customer local time zone

  2. customer headquarters time zone

  3. Pacific time

  4. Coordinated Universal Time

Answer: D

Question No: 29

Which two EAP authentication methods require only a server certificate? (Choose two.)

  1. EAP-TLS

  2. EAP-FAST

  3. EAP-GTC

  4. EAP-MD5

  5. PEAP-MS-CHAPv2

Answer: C,E

Question No: 30

Which three encryption policies does MACsec support? (Choose three.)

  1. always-secure

  2. must-secure

  3. should-secure

  4. never-secure

  5. must-not-secure

Answer: B,C,E

100% Ensurepass Free Download!
500-254 PDF
100% Ensurepass Free Guaranteed!
500-254 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *