An engineer is testing low-impact mode for a phased deployment of Cisco ISE. Which type of traffic is denied when a host tries to connect to the network prior to authentication?
SISE ebook:
Creating Local Access Control Lists:
Certain functions, such as URL redirection, require the use of locally configured access control lists (ACLs) on a switch. Some of these ACLs are used immediately, and some may not be used until a much later phase of deployment. This section shows how to prepare the switches for all possible deployment models at one time and limit the operational expense of repeated switch configuration.
Add the following ACL to be used on switch ports in Low-Impact mode:
C3560X(config)# ip access-list ext ACL-DEFAULT
C3560X(config-ext-nacl)# remark DHCP
C3560X(config-ext-nacl)# permit udp any eq bootpc any eq bootps
C3560X(config-ext-nacl)# remark DNS
C3560X(config-ext-nacl)# permit udp any any eq domain
C3560X(config-ext-nacl)# remark Ping
C3560X(config-ext-nacl)# permit icmp any any
C3560X(config-ext-nacl)# remark PXE / TFTP
C3560X(config-ext-nacl)# permit udp any any eq tftp
C3560X(config-ext-nacl)# remark Drop all the rest
C3560X(config-ext-nacl)# deny ip any any log
This section is not available anymore. Please use the main Exam Page.300-715 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
redpassion
Highly Voted 1 year, 5 months agoNikoTomas
Most Recent 8 months, 3 weeks agoNikoTomas
8 months, 3 weeks agoChidinnaji
1 year, 5 months agorhylos
1 year, 5 months agorhylos
1 year, 5 months agoddev3737
1 year, 5 months agorhylos
1 year, 5 months ago