Refer to the exhibit. Based on the configuration in this WLAN security setting, Which method can a client use to authenticate to the network?
Correct Answer: A
Question 202
Which JSON syntax is valid?
Correct Answer: C
This JSON can be written as follows: { "switch": { "name": "dist1", "interfaces": ["gig1", "gig2", "gig3"] } }
Question 203
What does this EEM applet event accomplish? "event snmp oid 1.3.6.1.3.7.1.5.1.2.4.2.9 get-type next entry-op g entry-val 75 poll-interval 5"
Correct Answer: B
Explanation EEM offers the ability to monitor events and take informational or corrective action when the monitored events occur or reach a threshold. An EEM policy is an entity that defines an event and the actions to be taken when that event occurs. There are two types of EEM policies: an applet or a script. An applet is a simple form of policy that is defined within the CLI configuration. To specify the event criteria for an Embedded Event Manager (EEM) applet that is run by sampling Simple Network Management Protocol (SNMP) object identifier values, use the event snmp command in applet configuration mode. event snmp oid oid-value get-type {exact | next} entry-op operator entry-val entryvalue [exit-comb {or | and}] [exit-op operator] [exit-val exit-value] [exit-time exit-timevalue] poll-interval poll-int-value + oid: Specifies the SNMP object identifier (object ID) + get-type: Specifies the type of SNMP get operation to be applied to the object ID specified by the oid-value argument. - next - Retrieves the object ID that is the alphanumeric successor to the object ID specified by the oid-value argument. + entry-op: Compares the contents of the current object ID with the entry value using the specified operator. If there is a match, an event is triggered and event monitoring is disabled until the exit criteria are met. + entry-val: Specifies the value with which the contents of the current object ID are compared to decide if an SNMP event should be raised. + exit-op: Compares the contents of the current object ID with the exit value using the specified operator. If there is a match, an event is triggered and event monitoring is reenabled. + poll-interval: Specifies the time interval between consecutive polls (in seconds) Reference: https://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtioseem.html Question 2 Cisco TrustSec uses tags to represent logical group privilege. This tag, called a Security Group Tag (SGT), is used in access policies. The SGT is understood and is used to enforce traffic by Cisco switches, routers and firewalls . Cisco TrustSec is defined in three phases: classification, propagation and enforcement. When users and devices connect to a network, the network assigns a specific security group. This process is called classification. Classification can be based on the results of the authentication or by associating the SGT with an IP, VLAN, or port-profile (-> Answer 'security group tag ACL assigned to each port on a switch' and answer 'security group tag number assigned to each user on a switch' are not correct as they say "assigned ... on a switch" only. Answer 'security group tag ACL assigned to each router on a network' is not correct either as it says "assigned to each router").
Question 204
Which function does a fabric edge node perform in an SD-Access deployment?
Correct Answer: B
Explanation There are five basic device roles in the fabric overlay: + Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay. + Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric. + Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric. + Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric. + Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.
Question 205
Refer to the exhibit. Cisco DNA Center has obtained the username of the client and the multiple devices that the client is using on the network. How is Cisco DNA Center getting these context details?
Correct Answer: C
Explanation Features of the Cisco DNA Assurance solution includes Device 360 and client 360, which provides a detailed view of the performance of any device or client over time and from any application context. Provides very granular troubleshooting in seconds.
