[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-208 Dumps with VCE and PDF Download 61-70

Dumps4cert 2017 Nov Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/300-208.html

Implementing Cisco Secure Access Solutions

Question No: 61

Which port does Cisco ISE use for native supplicant provisioning of a Windows machine?

  1. TCP 8443

  2. TCP/UDP 8905

  3. TCP/UDP 8909

  4. TCP 443

Answer: C Explanation:

8909 : web, cisco nac agent, supplicant provisioning wizard installation 8905 : Cisco NAC agent update

Question No: 62

A user is on a wired connection and the posture status is noncompliant.

Which state will their EPS session be placed in?

  1. disconnected

  2. limited

  3. no access

  4. quarantined

Answer: D

Question No: 63

What is a required step when you deploy dynamic VLAN and ACL assignments?

  1. Configure the VLAN assignment.

  2. Configure the ACL assignment.

  3. Configure Cisco IOS Software 802.1X authenticator authorization.

  4. Configure the Cisco IOS Software switch for ACL assignment.

Answer: C

Question No: 64

Which setting provides the best security for a WLAN and authenticates users against a centralized directory store?

  1. WPA2 AES-CCMP and 801.X authentication

  2. WPA2 AES-CCMP and PSK authentication

  3. WPA2 TKIP and PSK authentication

  4. WPA2 TKIP and 802.1X authentication

Answer: A

Question No: 65

Which two components are required to connect to a WLAN network that is secured by EAP-TLS authentication? (Choose two.)

  1. Kerberos authentication server

  2. AAA/RADIUS server

  3. PSKs

  4. CA server

Answer: B,D

Question No: 66

Which CoA type does a Cisco ISE PSN send to a network access device when a NAG agent reports the OS patch status of a noncompliant endpoint?

  1. CoA-Terminate

  2. CoA-PortBounce

  3. CoA-Reauth

  4. CoA-Remediate

Answer: C

Explanation: If an endpoint is marked noncompliant during that download, a CoA is sent and the device is forced to

reauthenticate,

providing a different result (such as quarantine).

Question No: 67

Which two options must be used on Cisco ISE to enable the TACACS feature? (Choose two.)

  1. TACACS External Servers

  2. TACACS Authentication Settings

  3. TACACS Server Sequence

  4. Enable Device Admin Service

  5. TACACS Command Sets

  6. TACACS Profiles

  7. Device Administration License

Answer: D,G

Question No: 68

In Cisco ISE 1.3 and above, which two operations are allowed on Endpoint Certificates pages for issued endpoint certificates on the admin portal? (Choose two.)

  1. unrevoke

  2. delete

  3. view

  4. export

  5. revoke

Answer: C,E

Question No: 69

Which three features should be enabled as best practices for MAB? (Choose three.)

  1. MD5

  2. IP source guard

  3. DHCP snooping

  4. storm control

  5. DAI

  6. URPF

Answer: B,C,E

Question No: 70

What is the effect of the ip http secure-server command on a Cisco ISE?

  1. It enables the HTTP server for users to connect on the command line.

  2. It enables the HTTP server for users to connect using Web-based authentication.

  3. It enables the HTTPS server for users to connect using Web-based authentication.

  4. It enables the HTTPS server for users to connect on the command line.

Answer: C

100% Free Download!
Download Free Demo:300-208 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 300-208 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE