1. A switch has the following command issued as part of an 802.1X deployment.
address ipv4 10.1.1.50 auth-port 1812 acct-port 1813
What is the purpose of this command?
- It identifies the address of the default gateway and the ports used for traffic destined for remote networks.
- It identifies the address of the RADIUS server and ports on the server used for RADIUS traffic.
- It identifies the address of the RADIUS server and the ports used for EAPOL messages.
- It identifies the address of the switch to which the client connects and the ports used for the EAPOL messages.
2. Which device is used as the authentication server in an 802.1X implementation?
- wireless router
- Ethernet switch
- access point
- RADIUS server
3. What are two main capabilities of a NAC system? (Choose two.)
- route filtering
- incident response
- DMZ protection
- security posture check
- administrative role assignment
4. Which Cisco appliance can be used to filter network traffic contents to report and deny traffic based on the web server reputation?
5. Which command is used to enable AAA as part of the 802.1X configuration process on a Cisco device?
- aaa new-model
- dot1x pae authenticator
- dot1x system-auth-control
- aaa authentication dot1x
6. The switch port to which a client attaches is configured for the 802.1X protocol. The client must authenticate before being allowed to pass data onto the network. Between which two 802.1X roles is EAP data encapsulated using RADIUS? (Choose two.)
- data nonrepudiation server
- authentication server
7. Which host-based security measure is used to restrict incoming and outgoing connections?
- host-based firewall
- antivirus/antimalware software
- host-based IPS
8. Which security service is provided by 802.1x?
- malware analysis of files
- malware analysis and protection across the full attack continuum
- protection against emerging threats for Cisco products
- port-based network access control
9. Why is it important to protect endpoints?
- After an endpoint is breached, an attacker can gain access to other devices.
- Endpoints are the starting point for VLAN attacks.
- Endpoints are susceptible to STP manipulation attacks that can disrupt the rest of the LAN.
- A breached endpoint gives a threat actor access to system configuration that can modify security policy.
10. Websites are rated based on the latest website reputation intelligence. Which endpoint security measure prevents endpoints from connecting to websites that have a bad rating?
- spam filtering
- host-based IPS
- antimalware software
11. When would the authentication port-control command be used during an 802.1X implementation?
- when a client has sent an EAPOL-logoff message
- when the authentication server is located at another location and cannot be reached
- when the authentication server is located in the cloud
- when an organization needs to control the port authorization state on a switch
12. When using 802.1X authentication, what device controls physical access to the network, based on the authentication status of the client?
- the authentication server
- the router that is serving as the default gateway
- the supplicant
- the switch that the client is connected to
13. A port has been configured for the 802.1X protocol and the client has successfully authenticated. Which 802.1X state is associated with this PC?