An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+. However, the administrator must restrict certain commands based on one of three user roles that require different commands. How is this accomplished without creating too many objects using Cisco ISE?
Question 132
What are two differences between the RADIUS and TACACS+ protocols? (Choose two.)
Question 133
An administrator adds a new network device to the Cisco ISE configuration to authenticate endpoints to the network. The RADIUS test fails after the administrator configures all of the settings in Cisco ISE and adds the proper configurations to the switch. What is the issue?
Question 134
An organization is adding nodes to their Cisco ISE deployment and has two nodes designated as primary and secondary PAN and MnT nodes. The organization also has four PSNs. An administrator is adding two more PSNs to this deployment but is having problems adding one of them. What is the problem?
Question 135
Which two Cisco ISE deployment models require two nodes configured with dedicated PAN and MnT personas? (Choose two.)
Question 136
An organization wants to enable web-based guest access for both employees and visitors. The goal is to use a single portal for both user types Which two authentication methods should be used to meet this requirement? (Choose two.)
Question 137
Refer to the exhibit. An engineer is configuring the remote access VPN to use Cisco ISE for AAA and needs to conduct posture checks on the connecting endpoints. After the endpoint connects, it receives its initial authorization result and continues onto the compliance scan. What must be done for this AAA configuration to allow compliant access to the network?
Question 138
An administrator has added a new Cisco ISE PSN to their distributed deployment Which two features must the administrator enable to accept authentication requests and profile the endpoints correctly, and add them to their respective endpoint identity groups? (Choose two.)
Question 139
While configuring Cisco TrustSec on Cisco IOS devices, the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However, after this is complete, the devices are not able to properly authenticate. What issue would cause this to happen even if the device ID and passwords are correct?
Question 140
Refer to the exhibit. An administrator is manually adding a device to a Cisco ISE identity group to ensure that it is able to access the network when needed without authentication. Upon testing, the administrator notices that the device never hits the correct authorization policy line using the condition EndPoints-LogicalProfileEQUALS static_list. Why is this occurring?
