[Free] 2018(Aug) Ensurepass Cisco 300-208 Dumps with VCE and PDF 81-90

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Access Solutions

Question No: 81

You discover that the Cisco ISE is failing to connect to the Active Directory server. Which option is a possible cause of the problem?

  1. NTP server time synchronization is configured incorrectly.

  2. There is a certificate mismatch between Cisco ISE and Active Directory.

  3. NAT statements required for Active Directory are configured incorrectly.

  4. The RADIUS authentication ports are being blocked by the firewall.

Answer: A

Question No: 82

In a multi-node ISE deployment, backups are not working on the MnT node. Which ISE CLI option would help mitigate this issue?

  1. repository

  2. ftp-url

  3. application-bundle

  4. collector

Answer: A

Question No: 83

Which Cisco ISE feature can differentiate a corporate endpoint from a personal device?

  1. EAP chaining

  2. PAC files

  3. authenticated in-band provisioning

  4. machine authentication

Answer: A

Question No: 84

Where is dynamic SGT classification configured?

  1. Cisco ISE

  2. NAD

  3. supplicant

  4. RADIUS proxy

Answer: A

Question No: 85

Which debug command on a Cisco WLC shows the reason that a client session was

terminated?

  1. debug dot11 state enable

  2. debug dot1x packet enable

  3. debug client mac addr

  4. debug dtls event enable

  5. debug ap enable cisco ap

Answer: C

Question No: 86

In AAA, what function does authentication perform?

  1. It identifies the actions that the user can perform on the device.

  2. It identifies the user who is trying to access a device.

  3. It identifies the actions that a user has previously taken.

  4. It identifies what the user can access.

Answer: B

Question No: 87

A security administrator wants to profile endpoints and gain visibility into attempted authentications. Which 802.1x mode allows these actions?

  1. monitor mode

  2. high-security mode

  3. closed mode

  4. low-impact mode

Answer: A

Explanation: Monitor ModeMonitor Mode is a process, not just a command on a switch. The process is to enable authentication (with authentication open), see exactly which devices fail and which ones succeed, and correct the failed authentications before they cause any problems.

Question No: 88

Which three algorithms should be avoided due to security concerns? (Choose three.)

  1. DES for encryption

  2. SHA-1 for hashing

  3. 1024-bit RSA

  4. AES GCM mode for encryption

  5. HMAC-SHA-1

  6. 256-bit Elliptic Curve Diffie-Hellman

  7. 2048-bit Diffie-Hellman

Answer: A,B,C

Question No: 89

Which advanced option within a WLAN must be enabled to trigger central web authentication for wireless users?

  1. AAA override

  2. Static IP tunnelling

  3. Diagnostic channel

  4. DHCP server Answer A

Question No: 90

Which network component would issue the CoA?

  1. switch

  2. endpoint

  3. Admin Node

  4. Policy Service Node

Answer: D

100% Ensurepass Free Download!
300-208 PDF
100% Ensurepass Free Guaranteed!
300-208 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No