Topic 3, Exam Pool C
Which two posture redirect ACLs and remediation DACLs must be pushed from Cisco ISE to a Cisco IOS switch if the endpoint must remediate itself? The ISE IP address is 10.201.228.76 and the IP address of the remediating server is 10.201.229.1. (Choose two.)
A . ip access-l ex ACL-POSTURE-REDIRECT deny udp any any eq domain deny ip any host 10.201.228.76 permit tcp any any eq 80 permit tcp any any eq 443
B . ip access-l ex ACL-POSTURE-REDIRECT deny udp any any eq domain deny ip any host 10.201.228.76 deny ip any host 10.201.229.1 permit tcp any any eq 80permit tcp any any eq 443
C . ip access-l ex ACL-POSTURE-REDIRECT deny udp any any eq domain permit ip any host 10.201.228.76 permit ip any host 10.201.229.1 deny ip any any
D . POSTURE_REMEDIATION DACL permit udp any any eq domain permit tcp any host 10.201.228.76 permit tcp any any eq 80 permit tcp any any eq 443
E . POSTURE_REMEDIATION DACL permit udp any any eq domain deny tcp any host 10.201.228.76 permit tcp any any eq 80 permit tcp any any eq 443 permit ip any host 10.210.229.1
F . POSTURE_REMEDIATION DACL permit udp any any eq domain deny tcp any host 10.201.228.76 deny ip any host 10.210.229.1 permit tcp any any eq 80 permit tcp any any eq 443
Answer: B, D