Which two posture redirect ACLs and remediation DACLs must be pushed from Cisco ISE to a Cisco IOS switch if the endpoint must remediate itself?

Posted by: Pdfprep Category: 300-208 Tags: CCNP Security, 300-208 exam questions, 300-208 practice exam Post Date: December 20, 2020

Topic 3, Exam Pool C

Which two posture redirect ACLs and remediation DACLs must be pushed from Cisco ISE to a Cisco IOS switch if the endpoint must remediate itself? The ISE IP address is 10.201.228.76 and the IP address of the remediating server is 10.201.229.1. (Choose two.)
A . ip access-l ex ACL-POSTURE-REDIRECT     deny udp any any eq domain  deny ip any host 10.201.228.76  permit tcp any any eq 80 permit tcp any any eq 443
B . ip access-l ex ACL-POSTURE-REDIRECT     deny udp any any eq domain  deny ip any host 10.201.228.76  deny ip any host 10.201.229.1  permit tcp any any eq 80permit tcp any any eq 443
C . ip access-l ex ACL-POSTURE-REDIRECT     deny udp any any eq domain  permit ip any host 10.201.228.76  permit ip any host 10.201.229.1 deny ip any any
D . POSTURE_REMEDIATION DACL  permit udp any any eq domain  permit tcp any host 10.201.228.76  permit tcp any any eq 80 permit tcp any any eq 443
E . POSTURE_REMEDIATION DACL  permit udp any any eq domain  deny tcp any host 10.201.228.76  permit tcp any any eq 80  permit tcp any any eq 443 permit ip any host 10.210.229.1
F . POSTURE_REMEDIATION DACL  permit udp any any eq domain  deny tcp any host 10.201.228.76  deny ip any host 10.210.229.1  permit tcp any any eq 80 permit tcp any any eq 443

Answer: B, D

Which two posture redirect ACLs and remediation DACLs must be pushed from Cisco ISE to a Cisco IOS switch if the endpoint must remediate itself?

Author

Leave a Reply Cancel reply