An engineer is configuring TACACS+ within Cisco ISE for use with a non-Cisco network device. They need to send special attributes in the Access-Accept response to ensure that the users are given the appropriate access. What must be configured to accomplish this ' ?
An engineer is configuring a new Cisco ISE node. The Device Admin service must run on this node to handle authentication requests for network-device access through TACACS+. Which persona must be enabled on this node to perform this function?
An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall through SSH. The solution must meet these requirements:
• The local Cisco ISE database must be used for user authentication.
• ASA commands run by users must be validated.
These configurations were performed:
• Added the Cisco Adaptive Security Appliance firewall
• Configured user accounts
• Enabled the Device Admin service in Cisco ISE
• Configured a TACACS+ profile
• Configured an authorization policy
• Configured the ASA firewall for authentication and authorization
Which two actions must be taken in Cisco ISE? (Choose two.)
What are two requirements of generating a single signing in Cisco ISE by using a certificate provisioning portal, without generating a certificate request? (Choose two )
An engineer is configuring static SGT classification. Which configuration should be used when authentication is disabled and third-party switches are in use?
An administrator must authenticate Cisco Secure Client users by using a secure token against an LDAP server to grant wireless network access in a Cisco ISE deployment. These configurations have been performed:
• Configured Microsoft Active Directory as an external identity source
• Created an authentication policy
• Created an authorization policy
The administrator must create a Cisco Secure Client profile to complete the configuration. Which protocol must be implemented in the policy?
Users in an organization report issues about having to remember multiple usernames and passwords. The network administrator wants the existing Cisco ISE deployment to utilize an external identity source to alleviate this issue. Which two requirements must be met to implement this change? (Choose two.)
An engineer needs to configure Cisco ISE Profiling Services to authorize network access for IP speakers that require access to the intercom system. This traffic needs to be identified if the ToS bit is set to 5 and the destination IP address is the intercom system. What must be configured to accomplish this goal?
An organization is adding nodes to their Cisco ISE deployment and has two nodes designated as primary and secondary PAN and MnT nodes. The organization also has four PSNs An administrator is adding two more PSNs to this deployment but is having problems adding one of them What is the problem?
An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones The phones do not have the ability to authenticate via 802 1X Which command is needed on each switch port for authentication?
TESTED 18 Jul 2026