Which CLI command manages the Java Keystore Certificate in Windows CCE servers?
PROCMON
OPENSSL
System CLI
Keytool
The CLI command that manages the Java Keystore Certificate in Windows CCE servers is keytool. Keytool is a utility that is included in the Java Runtime Environment (JRE) and allows you to create, import, export, list, and delete certificates, keys, and keystores. A keystore is a repository of security certificates that can be used for SSL/TLS communication. The Java Keystore Certificate is the default keystore that is used by the Java applications running on the Windows CCE servers, such as the Web Setup tool, the Diagnostic Framework Portico, and the Unified Intelligence Center12. To use keytool, you need to open a command prompt window and navigate to the JRE bin directory, which is typically located at C:\Program Files\Java\jre
What are two functions of a SIP Proxy Server? (Choose two.)
centralizes dial plans
connects to Call Router
handles box-to-box redundancy
helps to centralize the administration and call control
load balancer for HTTP and SIP
A SIP proxy server is a component of a SIP network that handles the setup and termination of calls between SIP devices. It also performs functions such as registration, authorization, network access control, and network security. Some of the functions of a SIP proxy server are:
References:
Which three modes can implement single sign-on in PCCE? (Choose three.)
Non-SSO
SSO
ldS
ldP
SAML
Hybrid
According to the Cisco documentation12, single sign-on (SSO) in PCCE can be implemented in one of these three modes:
Option A is incorrect because Non-SSO is the opposite of SSO, and it means continuing to use existing Active Directory-based and local authentication, without SSO1. Option C is incorrect because ldS is a typo for IdS, which is not a mode but a component of SSO. Option D is incorrect because ldP is a typo for IdP, which is also not a mode but a component of SSO.
References:
Which two claim rules will be added to specify the claims sent from ADFS to Cisco Identity Service as part of a successful SAML assertion in PCCE? (Choose two.)
sAMAccountName - Logon names maintained for backward compatibility
user_principal - For Identifying the authentication realm of the user in the assertion sent to Cisco Identity Service.
E-Mail Address - For the Outgoing claim type
Unspecified - For the Incoming name ID format
uid - For Identifying the authenticated user in the claim sent to the applications
= In order to configure SAML SSO for PCCE, you need to create claim rules that specify the claims sent from ADFS to Cisco Identity Service as part of a successful SAML assertion. The claim rules define how to transform the incoming claims from the AD FS identity provider into the outgoing claims that are expected by the Cisco Identity Service relying party. The two claim rules that are required for PCCE are:
The other options are not valid claim rules for PCCE. The user_principal option is not a valid attribute name in AD FS. The Unspecified option is not a valid claim type in AD FS. The uid option is not a valid attribute name in AD FS, but it is the outgoing claim type that is mapped from the sAMAccountName attribute.
References :=
What are two ways to deploy security certificates in CCE? (Choose two.)
Certificate Authority (CA)
3rd party signed
Security Authority (SA)
Digitally signed
Self-signed
Security certificates are used to ensure that browser communication is secure by authenticating clients and servers on the web. There are two ways to deploy security certificates in CCE: Certificate Authority (CA) signed certificates and self-signed certificates1.
CCE supports both CA signed certificates and self-signed certificates for securing the communication between different components, such as AW, CVP, Finesse, ECE, etc. However, some components may require additional steps or configurations to use CA signed certificates, such as importing the CA certificate into the AW machines, changing the Java truststore password, or binding the CA signed certificate in the Diagnostic Portico123.
The other options are not valid ways to deploy security certificates in CCE:
References:
1: Security Guide for Cisco Unified ICM/Contact Center Enterprise, Release 12.6(1) - Certificate Management for Secured Connections 2: Packaged CCE Migration Guide, Release 12.0 - Manage Security Certificates 4: Computer forensics certifications - Infosec Resources 3: Implement CA Signed Certificates in a CCE Solution - Cisco
What are two roles of a Certificate Authority (CA) in a trusted third-party CA certificate? (Choose two.)
to provide validation of certificate requests
to issue a CA signed Identity certificates
to provide domain validation certificate
to import the root CA certificate to each component
to generate a new Certificate Signing Request (CSR)
A certificate authority (CA) is a trusted entity that issues digital certificates for websites and other entities. CAs validate a website domain and, depending on the type of certificate, the ownership of the website, and then issue TLS/SSL certificates that are trusted by web browsers like Chrome, Safari and Firefox. Thus, CAs help keep the internet a safer place by verifying websites and other entities to enable more trust in online communications and transactions. Some of the roles of a CA in a trusted third-party CA certificate are:
References:
Which two validations will be completed for the PCCE production deployment model on an ESXi server? (Choose two.)
Linux verification for containers.
The hypervisor provides enough power.
The lab is deployed properly.
Ensure that the correct servers are on the correct sides.
Correct RAM and CPU are being deployed.
The PCCE production deployment model on an ESXi server requires two validations: ensuring that the correct servers are on the correct sides and verifying that the correct RAM and CPU are being deployed. These validations are necessary to ensure that the PCCE components are configured properly and have sufficient resources to run smoothly. The other options are not relevant for the PCCE production deployment model on an ESXi server. Linux verification for containers is not applicable because PCCE does not use containers. The hypervisor provides enough power is not a validation step, but a prerequisite for the ESXi server. The lab is deployed properly is not a validation for the production deployment model, but for the lab deployment model. References: Virtualization for Cisco Packaged CCE Release 11.6(x)1, Deployment Type Info API2.
Which team is responsible for ensuring that servers designated for use by CCE VMs meet these requirements, including but not limited to Storage System Performance and IOPS (Input/Output Operations Per Second) Requirements?
Design team
Deployment team
Support Team
Sales team
The deployment team is responsible for ensuring that servers designated for use by CCE VMs meet the requirements, including but not limited to Storage System Performance and IOPS (Input/Output Operations Per Second) Requirements. The deployment team is the group of engineers who install, configure, and test the CCE solution at the customer site. They must follow the design specifications and guidelines provided by the design team, and verify that the hardware and software components are compatible and meet the performance and capacity requirements. The deployment team must also ensure that the CCE VMs are deployed on the appropriate servers and have the correct network and storage configurations1. References: Troubleshooting Cisco Contact Center Enterprise (CCET) course outline2, Virtualization for Cisco Packaged CCE Release 11.6(x)1.
Where are external voice DNs sourced from in a CCE Dial Plan?
VGW
CUCM
CVP
CUBE
External voice DNs are sourced from CUCM in a CCE Dial Plan. External voice DNs are the DNs that are not associated with any CCE device, such as agent phones, VRU peripherals, or gateways. They are used to route calls to destinations outside the CCE network, such as PSTN numbers, voicemail, or other PBXs. CUCM is responsible for provisioning and managing these DNs and assigning them to the appropriate devices or trunks. CVP can also use external voice DNs to send calls to CUCM for further routing or treatment.
References:
Which telephony deployment is between a TDM trunk and a VOIP?
CUCM
CUBE
Voice gateway (VGW)
CUSP
A voice gateway (VGW) is a device that connects a traditional telephony network, such as a TDM trunk, to a voice over IP (VoIP) network, such as a Cisco Unified Communications Manager (CUCM) cluster. A VGW performs signaling and media conversion between the two networks, and can also provide supplementary services, such as call routing, digit manipulation, transcoding, conferencing, and fax relay. A VGW can be a standalone device, such as a Cisco Integrated Services Router (ISR), or a software module, such as a Cisco Unified Border Element (CUBE). A CUBE is a special type of VGW that can also provide security, demarcation, and interworking functions for VoIP calls. A CUBE can be deployed between two VoIP networks, such as CUCM and a service provider SIP trunk, or between a TDM trunk and a VoIP network, in which case it acts as both a CUBE and a VGW. A CUCM is not a VGW, but a call control platform that manages VoIP endpoints, such as IP phones, and interacts with VGWs for call routing and signaling. A CUSP is a Cisco Unified SIP Proxy, which is a device that provides SIP routing and load balancing for VoIP networks. A CUSP is not a VGW, but a SIP proxy server that can work with CUCM and CUBE to optimize SIP call flows. References:
Which keytool command lists certificates in the cacerts file?
keytool -list -showinfo
keytool -list -keystore cacerts
keytool -list cacerts
keytool -list -alias
The keytool command that lists certificates in the cacerts file is B: keytool -list -keystore cacerts. This command will display the aliases and fingerprints of all the certificates in the cacerts file, which is the default truststore for Java applications1. The cacerts file contains the root and intermediate certificates of various certificate authorities (CAs) that are trusted by Java2.
The other options are incorrect because:
References:
1: keytool - Key and Certificate Management Tool 2: How to check a Certificate is in default cacerts 3: java - How to view and edit cacerts file? - Stack Overflow 4: HOW TO: Import or list certificates from Java cacerts file using … 5: Keytool: List Certificate - Java Certs - ShellHacks
Which Cisco Unified Border Element configuration is used in Contact Center Enterprise with Cisco Unified Customer Voice Portal and Cisco Unified Border Element deployment?
voice gateway must be dedicated for VXML browser sessions.
Cisco Unified Border Element must be configured as media pass flow-around mode.
Cisco Unified Border Element must be configured as media pass flow-through mode.
Box-to-box Cisco Unified Border Element must be used for redundancy.
n Contact Center Enterprise with Cisco Unified Customer Voice Portal (CVP) and Cisco Unified Border Element (CUBE) deployment, CUBE must be configured as media pass flow-through mode. This means that CUBE will terminate and reoriginate both the signaling and media streams for each call leg. This allows CUBE to perform media manipulation, such as transcoding, transrating, DTMF interworking, and media forking. Media pass flow-through mode is required for CUBE to support advanced features for contact center, such as courtesy call back, contact center survivability, and encrypted (SRTP) trunks. Media pass flow-around mode, where CUBE only terminates and reoriginate the signaling stream and lets the media stream bypass CUBE, is not supported for contact center solutions. A voice gateway must not be dedicated for VXML browser sessions, as CUBE can coexist with VXML gateway on the same platform. Box-to-box CUBE can be used for redundancy, but it is not a mandatory configuration for contact center solutions123. References:
Which three statements describe fails in the high availability of Cisco Unified Intelligent Contact Management central controller? (Choose three.)
If ICM Logger side A fails, router side B cannot send historical info to ICM Logger side A and is limited to ICM Logger side B.
If the private LAN fails, the Peripheral Gateways are used to help determine the active call router side of the duplex pair.
If ICM Logger side A fails, the impact of call processing is limited to ICM call router side A.
If one ICM call router of a duplex pair of Cisco Unified ICM call routers fails, the surviving ICM call router recognizes the failure when it receives no response to heartbeats over the private LAN.
There is no impact on call processing during a Cisco Unified ICM Logger failure.
During Cisco Unified ICM call router failover processing, calls in progress in Cisco Unified Customer Voice Portal are disconnected, but all new calls are processed successfully.
References:
What should be deployed to provide a web-based administrative interface even though Unified CCE provides Configuration Manager as the legacy User Interface for administrators?
WebSetup
Contact Centre Management Portal (CCMP)
LDAP Plugin
Single Pane of Glass (SPOG)
The Single Pane of Glass (SPOG) is the web-based administrative interface that should be deployed to provide a unified and simplified view of the Unified CCE system, even though Unified CCE provides Configuration Manager as the legacy User Interface for administrators1. The SPOG is also known as the CCE Web Administration or the Unified CCE Administration console, and it allows administrators to configure and manage various Unified CCE features and settings, such as agents, attributes, precision queues, bucket intervals, media routing domains, license, bulk jobs, deployment type, system information, single sign-on, context service, and contact center AI23.
The other options are incorrect because:
References:
1: UCCE 10.5 Web Admin Interface - Cisco Community 2: Administration Guide for Cisco Unified Contact Center Enterprise, Release 12.6 (1) - Web Based CCE Administration [Cisco Unified Contact Center Enterprise] - Cisco 4: Web Setup Guide for Cisco Unified ICM/Contact Center Enterprise, Release 12.6(1) - Web Setup Overview [Cisco Unified Contact Center Enterprise] - Cisco 5: [Cisco Unified Contact Center Management Portal Data Sheet - Cisco] 3: Web Based CCE Administration - Cisco 6: Web Setup Guide for Cisco Unified ICM/Contact Center Enterprise, Release 12.6(1) - Web Setup Overview [Cisco Unified Contact Center Enterprise] - Cisco : Cisco Unified Contact Center Management Portal Data Sheet - Cisco
What are two tasks of a PCCE initialization under Unified CCE PG? (Choose two.)
Creates the CUCM Peripheral Gateway (PG) with the CUCM PIM.
Creates just VRU PG; VRU PIMs need to be added manually.
Creates the Media Routing PG (MR PG) with three MR PIMs.
Downloads JTAPI from the Unified Communications Manager and installs it on the Unified CCE PG.
Downloads JTAPI from the Unified Communications Manager, but manually need to be installed in the Unified CCE PG.
A PCCE initialization under Unified CCE PG performs the following two tasks among others:
References:
Cisco Packaged Contact Center Enterprise Installation and Upgrade Guide, Release 12.0 (1) - Configure Cisco Unified Contact Center Enterprise PG
What must be enabled on the CUIC server for CUIC reports to show up in Finesse?
PROXY
Cross Origin Resource Sharing (CORS)
Hazelcast
JSONP
Copyright © 2014-2024 CertsTopics. All Rights Reserved