[Free] 2018(Aug) Ensurepass Cisco 300-208 Dumps with VCE and PDF 51-60

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Access Solutions

Question No: 51

Which Cisco ISE 1.x protocol can be used to control admin access to network access devices?

  1. TACACS

  2. RADIUS

  3. EAP

  4. Kerberos

Answer: B

Question No: 52

Where must periodic re-authentication be configured to allow a client to come out of the quarantine state and become compliant?

  1. on the switch port

  2. on the router port

  3. on the supplicant

  4. on the controller

Answer: A

Question No: 53

A properly configured Cisco ISE Policy Service node is not receiving any profile data from a Cisco switch that runs Device Sensor.

Which option is the most likely reason for the failure?

  1. Syslog is configured for the Policy Administration Node.

  2. RADIUS Accounting is disabled.

  3. The SNMP community strings are mismatched.

  4. RADIUS Authentication is misconfigured.

  5. The connected endpoints support CDP but not DHCP.

Answer: B

Question No: 54

You have configured a Cisco ISE 1.2 deployment for self-registration of guest users. What two options can you select from to determine when the account duration timer begins? (Choose two.)

  1. CreateTime

  2. FirstLogin

  3. BeginLogin

  4. StartTime

Answer: A,B

Question No: 55

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

If the user matches the given TACACS profile on Cisco ISE, which command can the user enter from shell prompt on a Cisco switch?

  1. enable

  2. enable 10

  3. show run

  4. configure terminal

Answer: B

Question No: 56

A network administrator wants to use dynamic VLAN assignment from Cisco ISE. Which option must be configured on the switch to support this?

  1. AAA authentication

  2. VTP

  3. DTP

  4. AAA authorization

Answer: D

Question No: 57

Which command can check a AAA server authentication for server group Group1, user cisco, and password cisco555 on a Cisco ASA device?

  1. ASA# test aaa-server authentication Group1 username cisco password cisco555

  2. ASA# test aaa-server authentication group Group1 username cisco password cisco555

  3. ASA# aaa-server authorization Group1 username cisco password cisco555

  4. ASA# aaa-server authentication Group1 roger cisco555

Answer: A

Question No: 58

How many bits are in a security group tag?

  1. 64

  2. 8

  3. 16

  4. 32

Answer: C

Question No: 59

A security engineer has a new TrustSec project and must create a few static security group tag classifications as a proof of concept. Which two classifications can the tags be mapped to? (Choose two.)

  1. VLAN

  2. user ID

  3. interface

  4. switch ID

  5. MAC address

Answer: A,C

Explanation: In static classification the tag maps to some thing (an IP, subnet, VLAN, or interface) rather than relying on an

authorization from the Cisco ISE.

This process of assigning the SGT is defined as 鈥渃lassification.鈥?These classifications are thentransported

deeper into the network for policy enforcement

Question No: 60

A network administrator is seeing a posture status quot;unknownquot; for a single corporate machine on the Cisco ISE authentication report, whereas the other machines are reported as quot;compliantquot;. Which option is the reason for machine being reported as quot;unknownquot;?

  1. Posture agent is not installed on the machine.

  2. Posture policy does not support the OS.

  3. Posfure compliance condition is missing on the machine.

  4. Posture service is disabled on Cisco ISE.

Answer: A

100% Ensurepass Free Download!
300-208 PDF
100% Ensurepass Free Guaranteed!
300-208 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *