650-472 S802DT1X Introduction to 802.1X Operations for Cisco Security Professionals Exam
Exam Number 650-472
Last day to test: December 31, 2016
Duration 60 minutes (60-65 Questions)
Available Languages English
This exam will test field engineers’ knowledge on the 802.1X concepts, components, and operations, and TrustSec authentication, access control, and end-user policy. Candidates will be tested on how to identify the steps and options for configuring a switch and a Wireless LAN Controller for 802.1X operations with Identity Services Engine (ISE) as the authentication server to authorize network access to employees and guests.
Exam Topics
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Identity based networking concepts
IEEE 802.1X concepts, architecture, and requirements for deployment
Component requirements for 802.1X operations
IEEE 802.1X operations in wired and wireless environment
Designing Identity Based Networks with 802.1X and ISE
QUESTION 1
Which two statements represent good use cases for Wake on LAN? (Choose two.)
A. WoL can be used to power-up hosts for on-demand PXE booting.
B. WoL can be used to power-up hosts for after-hours operating system updates and application patching.
C. WoL can be used to power-up hosts to access the IPMI.
D. WoL can be used to save electricity by powering down underused servers and desktops.
Answer: A,B
Explanation:
QUESTION 2
Which two choices are valid methods of authorizing a wired supplicant? (Choose two.)
A. EAP-FAST
B. VLAN assignment
C. dACL
D. EAPOL
E. RADIUS
Answer: B,C
Explanation:
QUESTION 3
Which two statements about MACsec security are true? (Choose two.)
A. MACsec is an IEEE standard that is defined by 802.3AE.
B. MACsec leverages an 802.1X EAP framework to negotiate the MACsec Key Agreement.
C. MACsec is an IETF standard that is defined by RFC 4501.
D. MACsec can negotiate a MACsec Key Agreement without 802.1X.
E. MACsec is an IETF standard that is defined by RFC 4505.
F. MACsec is an IEEE standard that is defined by 802.1AE.
Answer: B,F
Explanation:
QUESTION 4
Which statement correctly defines a persona?
A. A Cisco ISE node can be configured as a primary or backup persona.
B. Persona refers to collections of services running on a Cisco ISE node.
C. A Cisco ISE node can be configured as a wired or wireless persona.
D. Persona relates to the collection of 802.1X services configured on a Cisco Catalyst switch.
E. Persona refers to the collection of EAP methods available to a supplicant.
F. A Cisco ISE node can be configured as a standalone or distributed persona.
Answer: B
Explanation:
Click here to view complete Q&A of 650-472 exam
Certkingdom Review
Best Cisco 650-472 Certification, Cisco 650-472 Training at certkingdom.com