Introduction to 802.1X Operations for Cisco Security Professionals Exam v7.0 (650-472)

Page:    1 / 5   
Total 69 questions

Which two NADs does NOT support RADIUS Change of Authorization requests?(Choose two.)

  • A. Cisco Catalyst 3750 switches
  • B. Cisco Adaptive Security Appliances
  • C. Unmanaged switches and hubs
  • D. Cisco Wireless LAN Controllers

Answer : B,C

Which two choices are drivers of IEEE 802.1X adoption? (Choose two.)

  • A. Guest networks
  • B. Heterogeneous Networks
  • C. Pervasive Wireless Deployments
  • D. Unprotected switch ports
  • E. Limited 802.1X standard functionality

Answer : A,C

Which module is NOT a valid component of Cisco AnyConnect Secure Mobility Client for

  • A. VPN Module
  • B. Profiling Module
  • C. Network Access Manager
  • D. Telemetry Module

Answer : B

These are the VPN modules in Cisco Anyconnect client:

Network Access Manager -

Posture Module -

Telemetry Module -

WebSecurity Module -

EAP was original created for which network type?

  • A. Point-to-Point Protocol
  • B. Local Area Network
  • C. Wide Area Network
  • D. Wireless Local Area Network

Answer : A

Reference: configuration/guide/eap_types.html

What is the Cisco Catalyst Switch default port used for CoA?

  • A. UDP 3799
  • B. UDP 1812
  • C. UDP 1645
  • D. UDP 1700

Answer : A

Reference: ml
Note: If using ISE then the port will be 1700 and if using ACS then it will be 3799
(according to RFC 3799 is the default port for CoA).

Which of the following RADIUS attribute is vendor specific and enables vendors to easily extend the protocol functionality?

  • A. 1
  • B. 2
  • C. 5
  • D. 26
  • E. 64

Answer : D

Reference: html

Which of the following is true about PEAP?

  • A. PEAP was created as an alternative to EAP-FAST
  • B. PEAP is limited to MS-CHAP to authenticate the supplicant
  • C. PEAP authentication operates in two phases
  • D. PEAP only requires a client-side certificate

Answer : C


Which Cisco Catalyst Switch command enables 802.1X authentication globally?

  • A. authentication priority dot1x mab
  • B. authentication order dot1x mab
  • C. dot1x pae authenticator
  • D. dot1x system-auth-control
  • E. aaa new-model

Answer : D


Which two Cisco Catalyst switch commands are required for URL-redirection? (Choose two.)

  • A. 3k-access(config-if)# authentication webauth
  • B. 3k-access(config-if)# authentication dot1x webauth
  • C. 3k-access(config-if)# ip http secure-server
  • D. 3k-access(config-if)# authentication order dot1x webauth
  • E. 3k-access(config-if)# ip http server
  • F. 3k-access(config-if)# dot1x priority webauth

Answer : C,E

Page:    1 / 5   
Total 69 questions