123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Education >> View Article

300-208 Exam Certification

Profile Picture
By Author: Dennis Ng
Total Articles: 67
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Question: 1

A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected?

A. TACACS+
B. RADIUS
C. Windows Active Directory
D. Generic LDAP

Answer: A

Question: 2

An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?

A. member of
B. group
C. class
D. person

Answer: A

Question: 3

Cisco 802.1X phasing enables flexible deployments through the use of open, low-impact, and closed modes. What is a unique characteristic of the most secure mode?

A. Granular ACLs applied prior to authentication
B. Per user dACLs applied after successful authentication
C. Only EAPoL traffic allowed prior to authentication
D. Adjustable 802.1X timers to enable successful authentication

Answer: C

Question: 4

A network administrator must enable ...
... which protocol extension to utilize EAP-Chaining?

A. EAP-FAST
B. EAP-TLS
C. MSCHAPv2
D. PEAP

Answer: A

Question: 5

In the command 'aaa authentication default group tacacs local', how is the word 'default' defined?

A. Command set
B. Group name
C. Method list
D. Login type

Answer: C

Question: 6

Changes were made to the ISE server while troubleshooting, and now all wireless certificate authentications are failing. Logs indicate an EAP failure. What is the most likely cause of the problem?

A. EAP-TLS is not checked in the Allowed Protocols list
B. Certificate authentication profile is not configured in the Identity Store
C. MS-CHAPv2-is not checked in the Allowed Protocols list
D. Default rule denies all traffic
E. Client root certificate is not included in the Certificate Store

Answer: A

Question: 7

The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

A. tcp/8905
B. udp/8905
C. http/80
D. https/443

Answer: B

Question: 8

Which two conditions are valid when configuring ISE for posturing? (Choose two.)

A. Dictionary
B. member Of
C. Profile status
D. File
E. Service

Answer: D,E

Question: 9

Refer to the exhibit.

Which three statements about the given configuration are true? (Choose three.)

A. TACACS+ authentication configuration is complete.
B. TACACS+ authentication configuration is incomplete.
C. TACACS+ server hosts are configured correctly.
D. TACACS+ server hosts are misconfigured.
E. The TACACS+ server key is encrypted.
F. The TACACS+ server key is unencrypted.

Answer: B,C,F

Question: 10

In AAA, what function does authentication perform?

A. It identifies the actions that the user can perform on the device.
B. It identifies the user who is trying to access a device.
C. It identifies the actions that a user has previously taken.
D. It identifies what the user can access.

Answer: B

Question: 11

Which identity store option allows you to modify the directory services that run on TCP/IP?

A. Lightweight Directory Access Protocol
B. RSA SecurID server
C. RADIUS
D. Active Directory

Answer: A

Question: 12

Which term describes a software application that seeks connectivity to the network via a network access device?

A. authenticator
B. server
C. supplicant
D. WLC

Answer: C

Question: 13

Cisco ISE distributed deployments support which three features? (Choose three.)

A. global implementation of the profiler service CoA
B. global implementation of the profiler service in Cisco ISE
C. configuration to send system logs to the appropriate profiler node
D. node-specific probe configuration
E. server-specific probe configuration
F. NetFlow probes

Answer: A,C,D

Question: 14

How frequently does the Profiled Endpoints dashlet refresh data?

A. every 30 seconds
B. every 60 seconds
C. every 2 minutes
D. every 5 minutes

Answer: B

Question: 15

Which command in the My Devices Portal can restore a previously lost device to the network?

A. Reset
B. Found
C. Reinstate
D. Request

Answer: C

Question: 16

What is the first step that occurs when provisioning a wired device in a BYOD scenario?

A. The smart hub detects that the physically connected endpoint requires configuration and must use MAB to authenticate.
B. The URL redirects to the Cisco ISE Guest Provisioning portal.
C. Cisco ISE authenticates the user and deploys the SPW package.
D. The device user attempts to access a network URL.

Answer: A

Question: 17

Which three features should be enabled as best practices for MAB? (Choose three.)

A. MD5
B. IP source guard
C. DHCP snooping
D. storm control
E. DAI
F. URPF

Answer: B,C,E

Question: 18

When MAB is configured, how often are ports reauthenticated by default?

A. every 60 seconds
B. every 90 seconds
C. every 120 seconds
D. never

Answer: D

Question: 19

What is a required step when you deploy dynamic VLAN and ACL assignments?

A. Configure the VLAN assignment.
B. Configure the ACL assignment.
C. Configure Cisco IOS Software 802.1X authenticator authorization.
D. Configure the Cisco IOS Software switch for ACL assignment.

Answer: C

Question: 20

Which model does Cisco support in a RADIUS change of authorization implementation?

A. push
B. pull
C. policy
D. security

Answer: A

Total Views: 305Word Count: 839See All articles From Author

Add Comment

Education Articles

1. Guaranteed Grades: Pay Someone To Take My Exam
Author: Doug Macejkovic

2. Blocks Before Books
Author: Michale

3. Azure Devops Training Online | Azure Devops Online Training
Author: visualpath

4. Learn Python Programming - from Basics To advanced
Author: vishal more

5. Data Engineering Course In Hyderabad | Aws Data Analytics Training
Author: naveen

6. Oci Online Training | Oracle Cloud Infrastructure In Hyderabad
Author: visualpath

7. Best Salesforce Data Cloud Certification Training
Author: visualpath

8. The Benefits Of Online Dry Needling Certification
Author: Daulat

9. Top Google Cloud Data Engineer Training In Bangalore
Author: Visualpath

10. Aima’s Management Diploma: The Smart Choice For Future Leaders
Author: Aima Courses

11. How Regular Mock Test For Bank Help You Crack Bank Exams
Author: Ayush Sharma

12. Debunking The Myth: Is Preschool Just Playtime?⁠
Author: Kookaburra

13. Cps Global School: A World-class Learning Destination In Chennai
Author: CPS Global School

14. Chennai Public School: Shaping Future Leaders Through Excellence In Education
Author: Chennai Public School

15. "transform Your Data Analysis With Lcc Computer Education's Excel Training"
Author: Khushi Gill

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: