CCNP Secure FAQ 802.1X and Cisco Identity-Based Networking Services (IBNS)
Q1. Which of the following is a framework defined by the IEEE 802.1 working group that provides a standard link layer protocol for port-based access control and authentication?
A. 802.1q
B. 802.11b
C. 802.1x
D. 802.1w
Q2. What are the three roles the IEEE 802.1x framework defines in the authentication process?
A. Authentication server
B. Administrator
C. Authenticator
D. Supplicant
E. Client
F. Object
Q3. Prior to the client authentication, which protocols are allowed to pass through a port? (Select three.)
A. EAPOL
B. RADIUS
C. CDP
D. TACACS+
E. SNMP
F. Spanning Tree Protocol (STP)
Q4. Which of the following are valid IBNS deployment modes?
A. Monitor Mode
B. High-Security Mode
C. Low-Security Mode
D. Unlocked Mode
E. Low-Impact Mode
Q5. Which of the following are valid EAP packet types?
A. EAPOL-Alert
B. EAPOL-Start
C. EAPOL-Logoff
D. EAPOL-Private
E. EAP-Packet
Q6. Which of the following are valid configurable 802.1x port states?
A. Auto
B. Unauthorized
C. Forced-Authorized
D. Authorized
E. Forced-Unauthorized
Q7. Which of the following port authentication host modes allows a single data and single voice host to be authenticated?
A. Single-Host
B. Multi-Host
C. Multi-Domain
D. Multi-Auth
E. Open
Q8. Which of the following is the correct Ethernet type value used with EAPOL?
A. 88:8E
B. 08:00
C. 88:E5
D. 86:DD
E. 88:08
Q9. Which field in the EAP frame format is 1 octet and aids in matching responses with requests?
A. Code
B. Identifier
C. Length
D. Data
Q10. Which of the following EAP types utilizes tunnels to encapsulate EAP traffic?
A. PEAP
B. EAP-TLS
C. EAP-TTLS
D. EAP-FAST
Q11. The _____deployment mode reduces known issues with other protocols’ timeouts and networked services.
Q12. The _____ feature provides the ability for a host without 802.1x support to gain full network access.
Q13. The _____ feature provides the ability for a host to gain some network access even after failing authentication.
Q14. When implementing 802.1x, the _____ is the entity that validates the identity of the requesting host.
Q15. The _____ and _____ protocols are not supported by 802.1x natively without external tunneling support.
Q16. In a LAN environment, the _____ protocol is used to transport EAP traffic.
Q17. When the supplicant initiates the 802.1x connection, it sends an _____ frame to start the connection.
Q18. When using EAP-MD5, a _____ is sent in lieu of a password on the network.
Q19. The _____ is relied on by EAP-FAST to help establish tunneling.
Q20. When using EAPOL, the PAE group address is always set to _____.
More Resources