CertKiller.500-451.28q Number: 500-451 Passing Score: 800 Time Limit: 120 min File Version: 5.3 500-451 Cisco Unified Access Systems Engineer Exam I just passed today with 89%. My sole focus was the VCE. Around a third of the questions were similar but a slightly different scenario. Valid now a days. My most of friends are passing with Premium VCE files so 100% valid. When you will read this you will definitely clear exam and get good score. This vce file will definitely help you. Sections 1. Wired Unified Access Infrastructure and Advanced Features 2. Prime Infrastructure Setup for Wired and Wireless Clients 3. Basic Cisco ISE AAA and Guest Server Setup for Wired and Wireless Networks 4. Building the Wireless Network
5. Converged Access Solution 6. Securing Any Access 7. SmartOperations Overview Including EEM with GOLD and IP SLA 8. Application Visibility and Control Overview and Configuration 9. Monitoring, Reporting, and Troubleshooting with PI and ISE
Exam A QUESTION 1 When Cisco Catalyst 3850 Switches are implemented in a stack configuration, which command is used to verify the role of each switch in the stack, and what are the two roles supported? A. show switch stack role; active/standby B. show switch detail; active/standby C. show switch member; master/member D. show stack detail; master/member Correct Answer: B Section: Wired Unified Access Infrastructure and Advanced Features QUESTION 2 When the Cisco Catalyst 3850 is configured as a wireless mobility agent, what must be true? A. Cisco ISE must be joined to Microsoft AD. B. Access points must be connected directly to the Catalyst 3850. C. Access points may be connected anywhere in the network. D. The mobility controller must be CT5760. Correct Answer: B Section: Converged Access Solution QUESTION 3 Which option is performed exclusively by the mobility agent? A. key distribution to all mobility controllers B. 802.11 device location calculation C. CAPWAP tunnels termination
D. central radio resource management tasks Section: Converged Access Solution QUESTION 4 Which statement about single SSID wireless BYOD is true? A. uses only secure wireless B. has a dedicated open SSID for onboarding provisioning C. has a separate secure SSID for enhanced security on the network D. supports guests and employees and is the preferred method Section: Securing Any Access QUESTION 5 When managing Security Group Access in Cisco ISE 1.2, what is the description of the mapped cells matrix element? A. the source SGT names and the assigned 16-bit tag B. the destination SGT names and the assigned 16-bit tag C. when a source and destination pair of SGTs is not assigned any SGACLs or a status D. when a source and destination pair of SGTs is assigned an order of SGACLs and has a specified status Correct Answer: D Section: Securing Any Access
QUESTION 6 Before you implement BYOD onboarding, which two client provisioning resources should you download from Cisco.com to ISE? A. ISE posture agent profile, BYOD on-boarding profile B. BYOD on-boarding profile, native supplicant profile C. guest service portal agents, agent resources from Cisco cite D. supplicant provisioning wizard, WebAgent Correct Answer: D Section: Securing Any Access QUESTION 7 When a user gets redirected to the device registration portal, which important information field is prepopulated by ISE? A. user's username B. user's first and last name C. device ID with IP address D. device ID with MAC address Correct Answer: D Section: Securing Any Access QUESTION 8
When building the Security Group Egress Policy Matrix, what is the default policy regarding empty intersecting cells? A. enabled, SGACLs : permit IP B. enabled, SGACLs : deny IP C. disabled, SGACLs : permit IP D. disabled, SGACLs : deny IP Section: Securing Any Access QUESTION 9 A customer wants to dynamically monitor the status of a critical route. Which feature should you recommend that the customer use? A. Wireshark B. Embedded Event Manager C. IP Service Level Agreement D. Generic Online Diagnostics Section: SmartOperations Overview Including EEM with GOLD and IP SLA QUESTION 10 A customer is configuring the IP SLA Embedded Event Manager applet. What is the meaning of this configuration line within the applet: "event track 100 state down"? A. Track 100 down state events and create a syslog message when the 100th down state is detected. B. The tracking event "100" configured separately is used to detect the down state. C. If there is a down state for 100 seconds, trigger the applet actions. D. Stop tracking the interface if it flaps more than 100 times. Correct Answer: B
Section: SmartOperations Overview Including EEM with GOLD and IP SLA QUESTION 11 A network administrator is using the Embedded Event Manager, which is supporting multiple actions initiated from the script. Which two policy actions can be used within the EEM? (Choose two) A. Execute a Tcl script. B. Send an email. C. Run another policy. D. Hot swap the supervisor. E. Manually send an SNMP trap. Correct Answer: BC Section: Application Visibility and Control Overview and Configuration QUESTION 12 Which feature is used on the Catalyst 6500 Series Switch for real-time traffic capture and decoding? A. Lancope Lite B. Packet Monitor C. Mini Protocol Analyzer D. Inline Wireshark module Section: Application Visibility and Control Overview and Configuration QUESTION 13
Which dashboard under Overview in Prime Infrastructure 2.0 do you use to identify authentication failures and client status? A. AVC dashboard B. Client dashboard C. General dashboard D. Context Aware dashboard Correct Answer: B Section: Monitoring, Reporting, and Troubleshooting with PI and ISE QUESTION 14 What is ISE profiling? A. a feature used to identify the endpoints based on network data obtained from a number of enabled probes B. an ISE function used for applying security templates to endpoints when ISE is integrated with Cisco Prime Infrastructure C. a dynamic policy feature that uses a number of enabled probes to apply the correct ACL to roaming wireless endpoints D. a form used for self-onboarding of wireless devices Section: Monitoring, Reporting, and Troubleshooting with PI and ISE QUESTION 15 Which option describes the benefits of a secure BYOD architecture using SGT?
A. complex network design and lower operational costs B. eliminates ACL explosion and offloads filtering to ASA for rich and scalable policy rule automation C. complex network design and topology dependent segmentation using Security Group D. Segmentation using Security Group is topology dependent and offloads filtering to ASA for rich and scalable policy rule automation. Correct Answer: B Section: Monitoring, Reporting, and Troubleshooting with PI and ISE QUESTION 16 Cisco ISE uses HTTPS for its Guest Service portals (Guest, Sponsor, WebAuth). What is the default TCP port number? A. 8443 B. 8080 C. 443 D. 80 Section: Basic Cisco ISE AAA and Guest Server Setup for Wired and Wireless Networks QUESTION 17 Which access categories are defined in the Wi-Fi Alliance Wireless Multimedia certification? A. Voice, Video, Best Effort, Background B. 802.11b, 802.11g, 802.11a, 802.11n C. 802.11k, 802.11r, 802.11w, 802.11ac D. Expedite Forwarding, Assured Forwarding, Data, Scavenger Traffic Section: Building the Wireless Network
QUESTION 18 Which set of Converged Access components is related to "physical" entities? A. mobility agent, mobility controller, mobility oracle B. mobility controller, mobility groups, switch peer group C. mobility groups, switch peer group D. mobility oracle, switch peer group, mobility domain Section: Converged Access Solution QUESTION 19 Which platform supports SSO? A. Nexus 1000V Series Switches B. Catalyst 2960 Series Switches C. Catalyst 3850 Series Switches D. Catalyst 3750-X Series Switches Section: Wired Unified Access Infrastructure and Advanced Features
QUESTION 20 What is the best way to design a network to ensure that Cisco NSF operates according to specifications? A. Ensure that all attached neighbors are Cisco NSF-aware. B. Ensure that the local switch is the NSF master. C. Ensure that VSS NSF is enabled. D. Ensure that IOS ISSU is enabled. Section: Wired Unified Access Infrastructure and Advanced Features QUESTION 21 Which three components are part of a Unified Access solution? (Choose three.) A. One Policy (Cisco ISE) B. One Management (Cisco Prime) C. One Network (wired, wireless, VPN access) D. One Controller (Converged) E. One Solution F. One Security BC Section: Wired Unified Access Infrastructure and Advanced Features QUESTION 22 Which option can be a source of PI Assurance data?
A. MPA on Catalyst 6500 Series Switches B. Catalyst 3850 Series Switch interface status C. NetFlow on Catalyst 4500 Series Switch D. ISE client join statistics E. WLC SNMP traps Section: Prime Infrastructure Setup for Wired and Wireless Clients QUESTION 23 Which option is an advantage of using Cisco Prime Infrastructure as a network management solution? A. single GUI interface to all Cisco network devices B. Prime Infrastructure can also perform data center and virtualization infrastructure management. C. Hybrid and cloud-based options allow for easy scaling to accommodate growth. D. can be licensed for wired-only or wireless-only versions Section: Prime Infrastructure Setup for Wired and Wireless Clients QUESTION 24 How can you customize the Home view of Prime Infrastructure? A. Open the Administration menu, select the Dashlets option, select new Dashlet, click Add to Home View. B. Open the Operate menu, select the Home View option, Choose Edit Home View, select new Dashlet from the list. C. Add Dashlets and edit existing Dashlets. D. Home view cannot be customized in Prime Infrastructure 2.0. Section: Prime Infrastructure Setup for Wired and Wireless Clients
QUESTION 25 Which installation option is available as of Prime Infrastructure 2.0? A. distributed B. web-based installation C. physical appliance D. Windows installer Section: Prime Infrastructure Setup for Wired and Wireless Clients QUESTION 26 When configuring the RADIUS server between ISE and the network access device, there are many different types of NADs. Which option is the NAD? A. Cat2960 Access Switches B. CAP-3600 Access Point in Local mode C. CT 5508 Wireless LAN Controller D. Cisco Prime Infrastructure E. AnyConnect wireless client Section: Basic Cisco ISE AAA and Guest Server Setup for Wired and Wireless Networks QUESTION 27 Which action is required when configuring Flexible NetFlow on a Cisco Catalyst switch?
A. Configure the flow descriptor. B. Configure the flow exporter. C. Configure the flow importer. D. Configure the flow reset target. Correct Answer: B Section: Application Visibility and Control Overview and Configuration QUESTION 28 Which step is one of the typical configuration steps when configuring Flow Exporter for Prime Infrastructure 2.0 or higher? A. Set the IP address to export the Flexible NetFlow cache entry to a destination system. B. Configure the source IP address interface for each interface part of Flexible NetFlow exporter. C. Configure the TCP transport protocol and a TCP port number 1991 for a Flexible NetFlow flow exporter. D. Configure the TCP transport protocol and a TCP port number 9991 for a Flexible NetFlow flow exporter. Section: Application Visibility and Control Overview and Configuration