500-490 Exam Question 6
Which two activities should occur during an SE's discovery process? (Choose two.)
Correct Answer: A,E
The discovery process is a critical phase in the sales cycle, where the SE gathers information about the customer's network environment, business goals, challenges, and needs. The discovery process helps the SE to understand the customer's pain points, identify opportunities, and propose solutions that align with the customer's objectives and address their problems. The discovery process also helps the SE to establish credibility, trust, and rapport with the customer, and to map Cisco innovation to the customer's needs.
Some of the activities that should occur during the SE's discovery process are:
* Gathering information about the current state of the customer's network environment. This includes collecting data about the network topology, devices, protocols, applications, performance, security, availability, scalability, and management. The SE can use various tools and methods to gather this information, such as interviews, questionnaires, surveys, audits, assessments, and network analysis tools. Gathering information about the current state helps the SE to understand the customer's existing network capabilities, limitations, and gaps, and to benchmark the network against best practices and industry standards12
* Mapping Cisco innovation to the customer's needs. This involves identifying how Cisco products, solutions, and services can help the customer achieve their desired outcomes, address their challenges, and overcome their pain points. The SE can use various tools and methods to map Cisco innovation to the customer's needs, such as value proposition, business case, return on investment (ROI) analysis, proof of value (POV), proof of concept (POC), and demonstrations. Mapping Cisco innovation to the customer's needs helps the SE to show the value and benefits of Cisco solutions, differentiate Cisco from competitors, and influence the customer's decision making34 References:
1: Cisco Discovery Service 2: Cisco Network Assessment Services 3: Cisco Catalyst SD-WAN Demos 4:
Cisco Business Critical Services
Some of the activities that should occur during the SE's discovery process are:
* Gathering information about the current state of the customer's network environment. This includes collecting data about the network topology, devices, protocols, applications, performance, security, availability, scalability, and management. The SE can use various tools and methods to gather this information, such as interviews, questionnaires, surveys, audits, assessments, and network analysis tools. Gathering information about the current state helps the SE to understand the customer's existing network capabilities, limitations, and gaps, and to benchmark the network against best practices and industry standards12
* Mapping Cisco innovation to the customer's needs. This involves identifying how Cisco products, solutions, and services can help the customer achieve their desired outcomes, address their challenges, and overcome their pain points. The SE can use various tools and methods to map Cisco innovation to the customer's needs, such as value proposition, business case, return on investment (ROI) analysis, proof of value (POV), proof of concept (POC), and demonstrations. Mapping Cisco innovation to the customer's needs helps the SE to show the value and benefits of Cisco solutions, differentiate Cisco from competitors, and influence the customer's decision making34 References:
1: Cisco Discovery Service 2: Cisco Network Assessment Services 3: Cisco Catalyst SD-WAN Demos 4:
Cisco Business Critical Services
500-490 Exam Question 7
Which three options focus of the current digital business era? (Choose three.)
Correct Answer: A,C,D
https://salesconnect.cisco.com/sc/s/learning-activity-from-plan?ltui__urlRecordId=a0c8c00000P3hKMAAZ<u
500-490 Exam Question 8
Which two options help you sell Cisco ISE? (Choose two.)
Correct Answer: A,D
Cisco ISE is a comprehensive solution that enables enterprises to enforce consistent and secure access policies across wired, wireless, and VPN connections. It also provides visibility, control, and automation for the network devices, endpoints, users, and applications. To sell Cisco ISE effectively, it is important to highlight the benefits and features of the solution that address the customer's pain points and needs. Among the options given, two options help you sell Cisco ISE:
* Showcasing the entire ISE feature set: ISE has a rich and diverse feature set that covers various use cases, such as device management, asset visibility, software-defined segmentation, software-defined access, guest and wireless access, BYOD, posture assessment, threat detection and response, and more1.
By showcasing the entire ISE feature set, you can demonstrate the value proposition and differentiation of ISE from other solutions, and how it can help the customer achieve their business and technical goals.
* Explaining ISE support for 3rd party network devices: ISE is not limited to Cisco networks only. It can also support 3rd party network devices that comply with the standard protocols and interfaces, such as RADIUS, SNMP, TACACS+, 802.1X, MAB,CoA, and EAP2. By explaining ISE support for 3rd party network devices, you can show the customer that ISE is a flexible and interoperable solution that can work with their existing network infrastructure, and that they do not need to replace their non-Cisco devices to deploy ISE.
The other three options are not helpful for selling Cisco ISE:
* Referring to TrustSec as being only supported on Cisco networks: TrustSec is a Cisco technology that enables software-defined segmentation based on security group tags (SGTs) and security group access control lists (SGACLs)3. TrustSec is not only supported on Cisco networks, but also on 3rd party network devices that can integrate with ISE through pxGrid, which is a platform for sharing contextual information across multiple security products4. By referring to TrustSec as being only supported on Cisco networks, you can create a false impression that ISE is a proprietary and closed solution that requires a complete Cisco network overhaul, which can discourage the customer from adopting ISE.
* Discussing the importance of custom profiling: Profiling is a feature of ISE that allows it to identify and classify the endpoints on the network based on their attributes, such as MAC address, IP address, device type, operating system, etc.5. Custom profiling is the ability to create custom profiles and policies for the endpoints that are not recognized by the default ISE profiles. While custom profiling is an important feature of ISE, it is not a key selling point, because it is a complex and time-consuming process that requires a deep understanding of the endpoint attributes and behaviors, and it may not be relevant or applicable for all customers. By discussing the importance of custom profiling, you can confuse or overwhelm the customer with technical details that are not essential for their use case, and divert their attention from the core benefits and features of ISE.
* Downplaying the value of pxGrid as compared to RESTful APIs: pxGrid is a platform that enables ISE to share contextual information, such as identity, location, posture, device type, etc., with other security products, such as firewalls, SIEMs, threat detection systems, etc.4. RESTful APIs are a standard way of communicating with web services, such as ISE, using HTTP methods, such as GET, POST, PUT, DELETE, etc... Both pxGrid and RESTful APIs are valuable for ISE, because they provide different capabilities and benefits. pxGrid allows ISE to exchange real-time and bidirectional information with other security products, and to enforce consistent policies across the network4. RESTful APIs allow ISE to be integrated with external applications and systems, such as portals, dashboards, workflows, etc., and to automate and customize the network operations. By downplaying the value of pxGrid as compared to RESTful APIs, you can misrepresent the functionality and potential of ISE, and miss the opportunity to showcase how ISE can enhance the security and efficiency of the network.
References:
Cisco Identity Services Engine (ISE) Use Cases1 : Cisco Identity Services Engine Network Component Compatibility, Release 2.72 : Cisco TrustSec3 : Cisco pxGrid4 : Cisco ISE Network Discovery5 : Cisco Identity Services Engine Administrator Guide, Release 2.7 - Configure Custom Profiling Policies [Cisco Identity Services Engine] - Cisco : Cisco Identity Services Engine API Reference Guide, Release 2.7 - Cisco ISE REST APIs [Cisco Identity Services Engine] - Cisco
* Showcasing the entire ISE feature set: ISE has a rich and diverse feature set that covers various use cases, such as device management, asset visibility, software-defined segmentation, software-defined access, guest and wireless access, BYOD, posture assessment, threat detection and response, and more1.
By showcasing the entire ISE feature set, you can demonstrate the value proposition and differentiation of ISE from other solutions, and how it can help the customer achieve their business and technical goals.
* Explaining ISE support for 3rd party network devices: ISE is not limited to Cisco networks only. It can also support 3rd party network devices that comply with the standard protocols and interfaces, such as RADIUS, SNMP, TACACS+, 802.1X, MAB,CoA, and EAP2. By explaining ISE support for 3rd party network devices, you can show the customer that ISE is a flexible and interoperable solution that can work with their existing network infrastructure, and that they do not need to replace their non-Cisco devices to deploy ISE.
The other three options are not helpful for selling Cisco ISE:
* Referring to TrustSec as being only supported on Cisco networks: TrustSec is a Cisco technology that enables software-defined segmentation based on security group tags (SGTs) and security group access control lists (SGACLs)3. TrustSec is not only supported on Cisco networks, but also on 3rd party network devices that can integrate with ISE through pxGrid, which is a platform for sharing contextual information across multiple security products4. By referring to TrustSec as being only supported on Cisco networks, you can create a false impression that ISE is a proprietary and closed solution that requires a complete Cisco network overhaul, which can discourage the customer from adopting ISE.
* Discussing the importance of custom profiling: Profiling is a feature of ISE that allows it to identify and classify the endpoints on the network based on their attributes, such as MAC address, IP address, device type, operating system, etc.5. Custom profiling is the ability to create custom profiles and policies for the endpoints that are not recognized by the default ISE profiles. While custom profiling is an important feature of ISE, it is not a key selling point, because it is a complex and time-consuming process that requires a deep understanding of the endpoint attributes and behaviors, and it may not be relevant or applicable for all customers. By discussing the importance of custom profiling, you can confuse or overwhelm the customer with technical details that are not essential for their use case, and divert their attention from the core benefits and features of ISE.
* Downplaying the value of pxGrid as compared to RESTful APIs: pxGrid is a platform that enables ISE to share contextual information, such as identity, location, posture, device type, etc., with other security products, such as firewalls, SIEMs, threat detection systems, etc.4. RESTful APIs are a standard way of communicating with web services, such as ISE, using HTTP methods, such as GET, POST, PUT, DELETE, etc... Both pxGrid and RESTful APIs are valuable for ISE, because they provide different capabilities and benefits. pxGrid allows ISE to exchange real-time and bidirectional information with other security products, and to enforce consistent policies across the network4. RESTful APIs allow ISE to be integrated with external applications and systems, such as portals, dashboards, workflows, etc., and to automate and customize the network operations. By downplaying the value of pxGrid as compared to RESTful APIs, you can misrepresent the functionality and potential of ISE, and miss the opportunity to showcase how ISE can enhance the security and efficiency of the network.
References:
Cisco Identity Services Engine (ISE) Use Cases1 : Cisco Identity Services Engine Network Component Compatibility, Release 2.72 : Cisco TrustSec3 : Cisco pxGrid4 : Cisco ISE Network Discovery5 : Cisco Identity Services Engine Administrator Guide, Release 2.7 - Configure Custom Profiling Policies [Cisco Identity Services Engine] - Cisco : Cisco Identity Services Engine API Reference Guide, Release 2.7 - Cisco ISE REST APIs [Cisco Identity Services Engine] - Cisco
500-490 Exam Question 9
What is the easiest way to enable SD-Access for all your remote sites after you have your campus SD-Access fabric up and running?
Correct Answer: B
SD-Access - High Level Branch Design-Software Defined Access @
0:34https://salesconnect.cisco.com/sc/s/learning-activity-from-plan?ltui__urlRecordId=a0c8c00000O0wmZAAR
https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2020/pdf/BRKCRS-3493.pdf
0:34https://salesconnect.cisco.com/sc/s/learning-activity-from-plan?ltui__urlRecordId=a0c8c00000O0wmZAAR
https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2020/pdf/BRKCRS-3493.pdf
500-490 Exam Question 10
Which Cisco product were incorporated into Cisco ISE between ISE releases 2.0 and 2.3?
Correct Answer: B
Cisco ISE incorporated Cisco ACS (Cisco Secure Access Control System) between ISE releases 2.0 and 2.3.
Cisco ACS was a network access policy platform that provided authentication, authorization, and accounting (AAA) services for network devices and users. Cisco ACS was discontinued in 2017 and replaced by Cisco ISE, which offers more advanced features and capabilities for identity-based network access control. Cisco ISE provides a migration tool that allows customers to migrate their data and configurations from Cisco ACS to Cisco ISE. The migration tool supports Cisco ACS versions 5.5, 5.6, 5.7, and 5.8 and Cisco ISE versions
2.0, 2.1, 2.2, and 2.3.
References:
* Cisco Secure Access Control System End-of-Life Announcement [Cisco Secure Access Control System]
* Cisco Secure ACS to Cisco ISE Migration Tool [Cisco Identity Services Engine]
* Cisco Identity Services Engine Administrator Guide, Release 2.3 - Cisco Secure ACS to Cisco ISE Migration [Cisco Identity Services Engine]
* Cisco Identity Services Engine Administrator Guide, Release 2.3 - Manage Migration [Cisco Identity Services Engine]
* [Cisco Identity Services Engine Migration Guide, Release 2.3 [Cisco Identity Services Engine]]
* [Designing Cisco Enterprise Networks (ENDESIGN) Exam Topics [Cisco]]
* [Cisco Validated Design Guides [Cisco]]
ISE 2.3 includes the final suite of capabilities designed to reach feature parity with Cisco Secure Access Control System (ACS), allowing all existing ACS customers to migrate their deployment to ISE. New features include TACACS+-based device administration for IPv6, import and export capabilities for TACACS+-based command sets, policy export scheduling, IP range support in all octets, and more. See the ACS vs ISE Comparison for feature comparisons with every release of ISE
Cisco ACS was a network access policy platform that provided authentication, authorization, and accounting (AAA) services for network devices and users. Cisco ACS was discontinued in 2017 and replaced by Cisco ISE, which offers more advanced features and capabilities for identity-based network access control. Cisco ISE provides a migration tool that allows customers to migrate their data and configurations from Cisco ACS to Cisco ISE. The migration tool supports Cisco ACS versions 5.5, 5.6, 5.7, and 5.8 and Cisco ISE versions
2.0, 2.1, 2.2, and 2.3.
References:
* Cisco Secure Access Control System End-of-Life Announcement [Cisco Secure Access Control System]
* Cisco Secure ACS to Cisco ISE Migration Tool [Cisco Identity Services Engine]
* Cisco Identity Services Engine Administrator Guide, Release 2.3 - Cisco Secure ACS to Cisco ISE Migration [Cisco Identity Services Engine]
* Cisco Identity Services Engine Administrator Guide, Release 2.3 - Manage Migration [Cisco Identity Services Engine]
* [Cisco Identity Services Engine Migration Guide, Release 2.3 [Cisco Identity Services Engine]]
* [Designing Cisco Enterprise Networks (ENDESIGN) Exam Topics [Cisco]]
* [Cisco Validated Design Guides [Cisco]]
ISE 2.3 includes the final suite of capabilities designed to reach feature parity with Cisco Secure Access Control System (ACS), allowing all existing ACS customers to migrate their deployment to ISE. New features include TACACS+-based device administration for IPv6, import and export capabilities for TACACS+-based command sets, policy export scheduling, IP range support in all octets, and more. See the ACS vs ISE Comparison for feature comparisons with every release of ISE
- Other Version
- 506Cisco.500-490.v2024-04-23.q39
- 1143Cisco.500-490.v2022-04-06.q35
- 108Cisco.Actualtorrent.500-490.v2022-03-23.by.arlen.35q.pdf
- 1177Cisco.500-490.v2021-10-12.q32
- 105Cisco.Vce4plus.500-490.v2021-08-20.by.burton.34q.pdf
- Latest Upload
- 155CrowdStrike.CCSE-204.v2026-06-12.q25
- 168VMware.2V0-17.25.v2026-06-12.q49
- 167Appian.ACA-100.v2026-06-11.q23
- 252CompTIA.220-1202.v2026-06-11.q114
- 184CheckPoint.156-590.v2026-06-11.q47
- 267CompTIA.220-1202.v2026-06-10.q109
- 219CertiProf.CEHPC.v2026-06-10.q54
- 155Hitachi.HQT-4160.v2026-06-10.q25
- 416PMI.PMI-ACP-CN.v2026-06-09.q453
- 199Splunk.SPLK-5002.v2026-06-08.q52
[×]
Download PDF File
Enter your email address to download Cisco.500-490.v2024-09-27.q17 Practice Test