Config Router

  • Google Sheets
  • CCNA Online training
    • CCNA
  • CISCO Lab Guides
    • CCNA Security Lab Manual With Solutions
    • CCNP Route Lab Manual with Solutions
    • CCNP Switch Lab Manual with Solutions
  • Juniper
  • Linux
  • DevOps Tutorials
  • Python Array
You are here: Home / Cisco / CCNP Security FAQ: Troubleshooting Tools

CCNP Security FAQ: Troubleshooting Tools

March 24, 2020 by James Palmer

CCNP Security FAQ: Troubleshooting Tools


Figure: Live sessions

Q1. Which ISE diagnostic tool can be used to find misconfigurations in a Cisco NAD?
a. TCP Dump
b. Live Sessions Log
c. RADIUS Authentication Troubleshooting Tool
d. Evaluate Configuration Validator

Answer: D. The Evaluate Configuration Validator tool compares a switch configuration to a “template” configuration built in to ISE, and any differences between the configurations are pointed out.

Q2. Which ISE diagnostic tool can be used to examine different aspects of a session and provide some additional details that might not have been available in the detailed authentication report?
a. TCP Dump
b. Live Sessions Log
c. RADIUS Authentication Troubleshooting Tool
d. Evaluate Configuration Validator

Answer: C. The RADIUS Authentication Troubleshooting tool attempts to examine different aspects of a session and provide some additional details that might not have been available in the detailed authentication report, as well as provide some suggestions for items to check next.

Q3. True or False? Logging levels in ISE can be set to debug level only from the command-line interface.
a. True
b. False

Answer: B. Each ISE component can have its logging levels changed through the graphical user interface only.

Q4. Which ISE tool displays a correlated view of authentications, change of authorizations, and state changes of an endpoint through its lifecycle on a network?
a. Live Log
b. Live Sessions Log
c. RADIUS Authentication Troubleshooting Tool
d. Evaluate Configuration Validator

Answer: B. The Live Sessions Log correlates activity related to the entire session, not just the raw entries related to a passed or failed authentication.

Q5. Which ISE tool displays a near real-time view of passed and failed authentications?
a. Live Log
b. Live Sessions Log
c. RADIUS Authentication Troubleshooting Tool
d. Evaluate Configuration Validator

Answer: A. The Live Log displays events related to the raw syslog messages sent from the PSN to the MNT node, focused on passed or failed authentications.

Q6. Choose the option that best describes how external syslog servers can receive logs from ISE.
a. Each PSN must be configured locally to send syslog to all sources.
b. It is not possible to configure ISE to log to external logging servers.
c. The MnT node is configured to forward all received syslog to the external recipients.
d. Each PSN sends syslog to the MNT nodes, and the external syslog receivers at the same time.

Answer: D. Logging targets are configured centrally, and the settings are pushed down to each PSN. Each PSN is configured to send syslog messages to all configured logging targets concurrently.

Q7. Where does an ISE admin disable all event de-duplication?
a. Administration > System > Logging > Message Catalog
b. Administration > System > Protocols > RADIUS
c. Administration > System > Logging > Remote Logging Targets
d. Administration > System > Protocols > IEEE 802.1X

Answer: B. The Suppress Anomalous Clients setting within Administration > System > Protocols > RADIUS is used to enable log de-duplication.

Q8. Which tool will gather all the important log files and combine them into a single bundle for TAC?
a. Cisco AnyConnect Network Access Manager (NAM)
b. Cisco AnyConnect Diagnostic and Reporting Tool (DART)
c. Cisco NAC Agent
d. Cisco ISE Agent

Answer: B. Cisco AnyConnect DART is the module used to collect all log files from the endpoint along with other important information, combining them all into a single Zip file for analysis by Cisco TAC.

Q9. What are the three main locations to troubleshoot network access authentication?
a. ISE, firewall, NAD
b. ISE, endpoint, firewall
c. ISE, endpoint, NAD
d. Endpoint, firewall, NAD

Answer: C. Although a firewall can sometimes be a good place to troubleshoot why communication is not successful, the three main locations to troubleshoot network access are ISE, the endpoint, and the NAD.

Q10. Which debug command will provide the best detail to identify why a URL redirection might not be working?
a. debug authentication
b. debug epm all
c. debug dot1x all
d. debug aaa all

Answer: B. debug epm is the go-to debug command for all activities related to URL-redirection, dACLs being applied, SGTs being assigned, and all other activity related to an authentication session advanced capabilities.

More Resources

  • CCNP Security FAQ
  • CCNP Security VPN FAQ
  • CCNP Secure IPS FAQ
  • CCNA Security FAQ
  • Network Security FAQ
  • CCNA Exam Answers Cisco Learning Network
  • CCNA Frequently Asked Questions
  • CCNA Exam Questions with Explanation
  • CCNA Cyber Ops FAQ

Related

Filed Under: Cisco Tagged With: CCNP, CCNP Security, CCNP Security FAQ, CCNP Security FAQ: Troubleshooting Tools

Recent Posts

  • How do I give user access to Jenkins?
  • What is docker volume command?
  • What is the date format in Unix?
  • What is the difference between ARG and ENV Docker?
  • What is rsync command Linux?
  • How to Add Music to Snapchat 2021 Android? | How to Search, Add, Share Songs on Snapchat Story?
  • How to Enable Snapchat Notifications for Android & iPhone? | Steps to Turn on Snapchat Bitmoji Notification
  • Easy Methods to Fix Snapchat Camera Not Working Black Screen Issue | Reasons & Troubleshooting Tips to Solve Snapchat Camera Problems
  • Detailed Procedure for How to Update Snapchat on iOS 14 for Free
  • What is Snapchat Spotlight Feature? How to Make a Spotlight on Snapchat?
  • Snapchat Hack Tutorial 2021: Can I hack a Snapchat Account without them knowing?

Copyright © 2025 · News Pro Theme on Genesis Framework · WordPress · Log in