9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

Windows Server 2012 R2 - QUESTIONS : PART 34

Which statements are true about the DHCP quarantine method? (Select two.)


The DNS server for a quarantine subnet is assigned by the enterprise DHCP server.

A quarantine subnet consists of a set of IP addresses dynamically assigned to endpoints.

Endpoint Integrity can be managed for endpoints with static IP addresses by defining exceptions.

A non-quarantine IP address is assigned by the NAC 800 after an endpoint passes integrity testing.

Port 2 of the NAC 800 can be connected to a switch that provides a path to multiple DHCP servers.


A ProCurve 3500yl switch is connected to port 1 of a ProCurve NAC 800 and a DHCP server is connected to port 2. The DHCP server IP address is The NAC 800 IP address is The IP address is assigned to VLAN 24 on the switch.
Which additional configuration settings would be appropriate for supporting a non-quarantine subnet and a quarantine subnet? (Select two.)


on the switch, a multinetted IP address of assigned to VLAN 24

on the NAC 800, the IP address of the DHCP server specified as

on the NAC 800, IP addresses through defined as exceptions

on the switch, the IP helper addresses and defined for VLAN 24

on the DHCP server, one scope for and a second scope for


Which configuration task is applicable to the ProCurve NAC 800 inline quarantine method?

Enable the internal firewall.

Specify one or more quarantine subnets.

Add IP address entries to the Accessible Services List.

Select the port to be used for connection to the external network.

Identify the static and DHCP IP address ranges of endpoints to monitor.


What is an important factor to consider when deploying the ProCurve NAC 800 using the DHCP quarantine method?


The IP address lease duration must be set to five minutes or less on the DHCP server.

The DHCP server requires one additional, non-overlapping scope for every existing DHCP scope.

A switch must support traffic mirroring for each DHCP server protected by the NAC 800.

Endpoint Integrity cannot be enforced for devices using static IP addresses.

The DNS server scope option on the DHCP server must be set to the IP address of the NAC 800.


A network is configured to support a ProCurve NAC 800 operating with the DHCP quarantine method. How does an endpoint transition from a quarantine IP address to a non-quarantine IP address after passing integrity testing?


The NAC 800 triggers the switch to re-authenticate the endpoint causing a new DHCP request to be issued.

The NAC 800 sends a DHCP release to the endpoint followed by a DHCP assignment message with the IP address.

The switch stops forwarding DHCP requests from the endpoint to the NAC 800 and instead sends them to the DHCP server.

Any subsequent DHCP request from the endpoint is allowed by the NAC 800 to pass to the DHCP server.


A network is configured to support a ProCurve NAC 800 operating with the DHCP quarantine method. The NAC 800 is located between a ProCurve 3500yl switch and a DHCP server. How is DHCP traffic processed when an endpoint, that is currently unknown to the NAC 800, sends a DHCP request for an IP address?

The switch requests the endpoint’s integrity state from the NAC 800 before forwarding to the DHCP server.

If the NAC 800 receives a DHCP request addressed to the DHCP server, the request is blocked by the NAC 800.

The DHCP server checks the endpoint’s integrity state passed to it by the NAC 800 before responding with an IP address.

The DHCP server responds with a quarantine IP address initially and waits for the NAC 800 to indicate the endpoint has passed integrity testing.


A ProCurve 5406zl switch is connected to port 1 of a ProCurve NAC 800 and a DHCP server is connected to port 2 of the NAC 800. You are planning to deploy the ProCurve NAC 800 with the DHCP quarantine method using a shared subnet approach. Which configuration requirement must be satisfied?


The quarantine and non-quarantine subnets defined on the NAC 800 must be the same.

 The switch requires that separate VLANs be defined for the quarantine and non-quarantine subnets.

Each switch VLAN supporting the endpoints must use a single IP helper set to the IP address of the NAC 800.

The scope on the DHCP server and the quarantine subnet on the NAC 800 must use non-overlapping IP addresses.


You are configuring a ProCurve NAC 800 to operate using the DHCP quarantine method. Which parameters are specified when adding a quarantine area? (Select three.)


IP address of the DHCP server

IP address of a RADIUS server

IP address of a default gateway

range of quarantine IP addresses

lease duration time for IP addresses

non-quarantine subnet using CIDR notation

IP address of a DNS server for quarantine subnet

static route for endpoints to use when quarantined


_____ Sets an alias for a host name

DNS Event Logging tab

DNS Debug Logging tab

DNS CNAME (canonical name)

SHOW ANSWER (Assignable IP range - is

Class C

Class D

Class A

Class B


_______ : Declares the host that's the most authoritative for the zone and, as such, is the best source of DNS information for the zone

DNS PTR Record

DNS Start of Authority

DNS Monitoring tab

DNS A Record


which is the type of DNS Scopes


Normal DHCP Scope

Normal, Multicast, Super

Multicast Scope

Forward Lookup Zone


_____. Is the process of placing timestamps on dynamically registered records






TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556