[Free] 2017(Nov) Dumps4cert Testinsides Cisco 300-208 Dumps with VCE and PDF Download 61-70

Dumps4cert.com : Latest Dumps with PDF and VCE Files 2017 Nov Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Access Solutions

Question No: 61

Which port does Cisco ISE use for native supplicant provisioning of a Windows machine?

  1. TCP 8443

  2. TCP/UDP 8905

  3. TCP/UDP 8909

  4. TCP 443

Answer: C Explanation:

8909 : web, cisco nac agent, supplicant provisioning wizard installation 8905 : Cisco NAC agent update

Question No: 62

A user is on a wired connection and the posture status is noncompliant.

Which state will their EPS session be placed in?

  1. disconnected

  2. limited

  3. no access

  4. quarantined

Answer: D

Question No: 63

What is a required step when you deploy dynamic VLAN and ACL assignments?

  1. Configure the VLAN assignment.

  2. Configure the ACL assignment.

  3. Configure Cisco IOS Software 802.1X authenticator authorization.

  4. Configure the Cisco IOS Software switch for ACL assignment.

Answer: C

Question No: 64

Which setting provides the best security for a WLAN and authenticates users against a centralized directory store?

  1. WPA2 AES-CCMP and 801.X authentication

  2. WPA2 AES-CCMP and PSK authentication

  3. WPA2 TKIP and PSK authentication

  4. WPA2 TKIP and 802.1X authentication

Answer: A

Question No: 65

Which two components are required to connect to a WLAN network that is secured by EAP-TLS authentication? (Choose two.)

  1. Kerberos authentication server

  2. AAA/RADIUS server

  3. PSKs

  4. CA server

Answer: B,D

Question No: 66

Which CoA type does a Cisco ISE PSN send to a network access device when a NAG agent reports the OS patch status of a noncompliant endpoint?

  1. CoA-Terminate

  2. CoA-PortBounce

  3. CoA-Reauth

  4. CoA-Remediate

Answer: C

Explanation: If an endpoint is marked noncompliant during that download, a CoA is sent and the device is forced to


providing a different result (such as quarantine).

Question No: 67

Which two options must be used on Cisco ISE to enable the TACACS feature? (Choose two.)

  1. TACACS External Servers

  2. TACACS Authentication Settings

  3. TACACS Server Sequence

  4. Enable Device Admin Service

  5. TACACS Command Sets

  6. TACACS Profiles

  7. Device Administration License

Answer: D,G

Question No: 68

In Cisco ISE 1.3 and above, which two operations are allowed on Endpoint Certificates pages for issued endpoint certificates on the admin portal? (Choose two.)

  1. unrevoke

  2. delete

  3. view

  4. export

  5. revoke

Answer: C,E

Question No: 69

Which three features should be enabled as best practices for MAB? (Choose three.)

  1. MD5

  2. IP source guard

  3. DHCP snooping

  4. storm control

  5. DAI

  6. URPF

Answer: B,C,E

Question No: 70

What is the effect of the ip http secure-server command on a Cisco ISE?

  1. It enables the HTTP server for users to connect on the command line.

  2. It enables the HTTP server for users to connect using Web-based authentication.

  3. It enables the HTTPS server for users to connect using Web-based authentication.

  4. It enables the HTTPS server for users to connect on the command line.

Answer: C

100% Dumps4cert Free Download!
Download Free Demo:300-208 Demo PDF
100% Dumps4cert Free Guaranteed!
Download 2017 Dumps4cert 300-208 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE