Cisco AV-pair
TACACS+ or RADIUS ack frame role attribute
DH-CHAP challenge attribute
privilege level attribute
第1题:
Click the Exhibit button.A customer configures the Junos Pulse Access Control Service with a Contractor role, an Employee role, and a Remediation role. A user logs in and is assigned the Remediation role. Referring to the exhibit, to which RADIUS Return Attributes Policy will the user be assigned?()
A. CorporateVLAN
B. EmployeeVLAN
C. RemediationVLAN
D. GuestVLAN
第2题:
Which three statements about the Cisco Easy VPN feature are true?()
第3题:
A.The attribute "STATUS" is set to the string EXTERNAL_AUTH
B.The attribute "PRIV_USER" contains the username
C.The event type that is given in the attribute "NAME" is EXTERNAL_AUTH
D.There is no differentiation between native and external authentication events
E.External authentication is managed through external auditing logs
F.The "PROXY_PRIV" user shows a username if external authentication is used
第4题:
When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule? ()
第5题:
You are enabling AAA RADIUS/TACACS+ on a UCS which attribute must be added to the User account?()
第6题:
A. local preference
B. MED
C. weight
D. or igin
E. next - hop
F. AS - path
第7题:
Which two are benefits of using remote AAA services for Cisco Nexus products? ()
第8题:
You are the administrator of a Junos Pulse Access Control Service implementation. You must restrict authenticated users connected from the branch offices to a few specific resources within the data center. However, when the authenticated users are connected at the corporate office, they are allowed more access to the data center resources.You have created two roles with different levels of access and are trying to determine the best way of controlling when a user is mapped to a specific role. Having the user prompted to manually select their role is possible, but you want to automate the process.Which configuration solves this problem?()
A. Implement a RADIUS request attribute policy to assist with realm selection and create different role-mapping rules for the user in each realm.
B. Implement a directory/attribute server on the realm and set up this server to determine by group membership the proper role to which a user should be mapped.
C. Reorder the role-mapping rules to allow for the more open role to be mapped first and then enable the "stop processing rules when this rule matches" function on this role.
D. Implement a Host Checker policy on the realm that determines the geographic location of the device and restricts the user based on the results of the policy.
第9题:
Which one of the following commands can be used to enable AAA authentication to determine if a user canaccess the privilege command level?()
第10题:
When the BGP path selection process is being performed on a Cisco router, which BGP attribute is used first when determining the best path?()