REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
John Owen
 
 

 

Braindumps of 300-208
Implementing Cisco Secure Access Solutions

 

Exam Questions, Answers, Braindumps (300-208)

The exam is tough but the guide from www.exams.ws was really helpful.

 

QUESTION NO: 1

A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected?

A. TACACS+

B. RADIUS

C. Windows Active Directory

D. Generic LDAP

Answer: A

QUESTION NO: 2

An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?

A. member of

B. group

C. class

D. person

Answer: A

QUESTION NO: 3

Cisco 802.1X phasing enables flexible deployments through the use of open, low-impact, and closed modes. What is a unique characteristic of the most secure mode?

A. Granular ACLs applied prior to authentication

B. Per user dACLs applied after successful authentication

C. Only EAPoL traffic allowed prior to authentication

D. Adjustable 802.1X timers to enable successful authentication

Answer: C

QUESTION NO: 4

A network administrator must enable which protocol extension to utilize EAP-Chaining?

A. EAP-FAST

B. EAP-TLS

C. MSCHAPv2

D. PEAP

Answer: A

QUESTION NO: 5

In the command 'aaa authentication default group tacacs local', how is the word 'default' defined?

A. Command set

B. Group name

C. Method list

D. Login type

Answer: C

QUESTION NO: 6

Changes were made to the ISE server while troubleshooting, and now all wireless certificate authentications are failing. Logs indicate an EAP failure. What is the most likely cause of the problem?

A. EAP-TLS is not checked in the Allowed Protocols list

B. Certificate authentication profile is not configured in the Identity Store

C. MS-CHAPv2-is not checked in the Allowed Protocols list

D. Default rule denies all traffic

E. Client root certificate is not included in the Certificate Store

Answer: A

QUESTION NO: 7

The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

A. tcp/8905

B. udp/8905

C. http/80

D. https/443

Answer: B

QUESTION NO: 8

Which two conditions are valid when configuring ISE for posturing? (Choose two.)

A. Dictionary

B. memberOf

C. Profile status

D. File

E. Service

Answer: D,E

QUESTION NO: 9

Which effect does the ip http secure-server command have on a Cisco ISE?

A. It enables the HTTP server for users to connect on the command line.

B. It enables the HTTP server for users to connect by using web-based authentication.

C. It enables the HTTPS server for users to connect by using web-based authentication.

D. It enables the HTTPS server for users to connect on the command line.

Answer: C

QUESTION NO: 10

In AAA, what function does authentication perform?

A. It identifies the actions that the user can perform on the device.

B. It identifies the user who is trying to access a device.

C. It identifies the actions that a user has previously taken.

D. It identifies what the user can access.

Answer: B

QUESTION NO: 11

Which identity store option allows you to modify the directory services that run on TCP/IP?

A. Lightweight Directory Access Protocol

B. RSA SecurID server

C. RADIUS

D. Active Directory

Answer: A

 

300-208


 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend