This page was exported from Lead2pass New Updated Exam Questions [ https://www.getfreevce.com ] Export date:Sun Dec 22 18:55:05 2024 / +0000 GMT ___________________________________________________ Title: [PDF&VCE] Lead2pass Provides Latest Exam 300-208 Dumps VCE For Free Downloading (41-60) --------------------------------------------------- 2016 October Cisco Official New Released 300-208 Dumps in Lead2pass.com! 100% Free Download! 100% Pass Guaranteed! We at Lead2pass are committed to help you clear your 300-208 certification test with high scores. The chances of you failing to clear your 300-208 test, after going through our comprehensive exam dumps is very bleak. Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/300-208.html QUESTION 41 Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.) A.    The ACS Solution Engine supports command-line connections through a serial-port connection. B.    For GUI access, an administrative GUI user must be created with the add-guiadmin command. C.    The ACS Solution Engine supports command-line connections through an Ethernet interface. D.    An ACL-based policy must be configured to allow administrative-user access. E.    GUI access to the ACS Solution Engine is not supported.Answer: BD QUESTION 42 What is the purpose of the Cisco ISE Guest Service Sponsor Portal? A.    It tracks and stores user activity while connected to the Cisco ISE. B.    It securely authenticates guest users for the Cisco ISE Guest Service. C.    It filters guest users from account holders to the Cisco ISE. D.    It creates and manages Guest User accounts. Answer: D QUESTION 43 What is the effect of the ip http secure-server command on a Cisco ISE? A.    It enables the HTTP server for users to connect on the command line. B.    It enables the HTTP server for users to connect using Web-based authentication. C.    It enables the HTTPS server for users to connect using Web-based authentication. D.    It enables the HTTPS server for users to connect on the command line. Answer: C QUESTION 44 When RADIUS NAC and AAA Override are enabled for WLC on a Cisco ISE, which two statements about RADIUS NAC are true? (Choose two.) A.    It will return an access-accept and send the redirection URL for all users. B.    It establishes secure connectivity between the RADIUS server and the ISE. C.    It allows the ISE to send a CoA request that indicates when the user is authenticated. D.    It is used for posture assessment, so the ISE changes the user profile based on posture result. E.    It allows multiple users to authenticate at the same time. Answer: CD QUESTION 45 What are the initial steps to configure an ACS as a TACACS server? A.    1. Choose Network Devices and AAA Clients > Network Resources. 2. Click Create. B.    1. Choose Network Resources > Network Devices and AAA Clients. 2. Click Create. C.    1. Choose Network Resources > Network Devices and AAA Clients. 2. Click Manage. D.    1. Choose Network Devices and AAA Clients > Network Resources. 2. Click Install. Answer: B QUESTION 46 Which two statements about administrative access to the Cisco Secure ACS SE are true? (Choose two.) A.    The Cisco Secure ACS SE supports command-line connections through a serial-port connection. B.    For GUI access, an administrative GUI user must be created by using the add-guiadmin command. C.    The Cisco Secure ACS SE supports command-line connections through an Ethernet interface. D.    An ACL-based policy must be configured to allow administrative-user access. E.    GUI access to the Cisco Secure ASC SE is not supported. Answer: BD QUESTION 47 When RADIUS NAC and AAA Override are enabled for a WLC on a Cisco ISE, which two statements about RADIUS NAC are true? (Choose two.) A.    It returns an access-accept and sends the redirection URL for all users. B.    It establishes secure connectivity between the RADIUS server and the Cisco ISE. C.    It allows the Cisco ISE to send a CoA request that indicates when the user is authenticated. D.    It is used for posture assessment, so the Cisco ISE changes the user profile based on posture result. E.    It allows multiple users to authenticate at the same time. Answer: CD QUESTION 48 In the command 'aaa authentication default group tacacs local', how is the word 'default' defined? A.    Command set B.    Group name C.    Method list D.    Login type Answer: C QUESTION 49 In an 802.1X authorization process, a network access device provides which three functions? (Choose three.) A.    Filters traffic prior to authentication B.    Passes credentials to authentication server C.    Enforces policy provided by authentication server D.    Hosts a central web authentication page E.    Confirms supplicant protocol compliance F.    Validates authentication credentials Answer: ABC QUESTION 50 Which two switchport commands enable MAB and allow non-802.1X capable devices to immediately run through the MAB process? (Choose two.) A.    authentication order mab dot1x B.    authentication order dot1x mab C.    no authentication timer D.    dot1x timeout tx-period E.    authentication open F.    mab Answer: AF QUESTION 51 Which two attributes must match between two Cisco ASA devices to properly enable high availability? (Choose two.) A.    model, interface configuration, and RAM B.    major and minor software release C.    tcp dead-peer detection protocol D.    802.1x authentication identity Answer: AB QUESTION 52 What are two client-side requirements of the NAC Agent and NAC Web Agent installation? (Choose two.) A.    Administrator workstation rights B.    Active Directory Domain membership C.    Allowing of web browser activex installation D.    WSUS service running Answer: AC QUESTION 53 Which three algorithms should be avoided due to security concerns? (Choose three.) A.    DES for encryption B.    SHA-1 for hashing C.    1024-bit RSA D.    AES GCM mode for encryption E.    HMAC-SHA-1 F.    256-bit Elliptic Curve Diffie-Hellman G.    2048-bit Diffie-Hellman Answer: ABC QUESTION 54 In the command 'aaa authentication default group tacacs local', how is the word 'default' defined? A.    Command set B.    Group name C.    Method list D.    Login type Answer: C QUESTION 55 Which statement about IOS accounting is true? A.    A named list of AAA methods must be defined. B.    A named list of accounting methods must be defined. C.    Authorization must be configured before accounting. D.    A named list of tracking methods must be defined. Answer: C QUESTION 56 What are the initial steps to configure an ACS as a TACACS server? A.    1. Choose Network Devices and AAA Clients > Network Resources. 2. Click Create. B.    1. Choose Network Resources > Network Devices and AAA Clients. 2. Click Create. C.    1. Choose Network Resources > Network Devices and AAA Clients. 2. Click Manage. D.    1. Choose Network Devices and AAA Clients > Network Resources. 2. Click Install. Answer: B QUESTION 57 Which effect does the ip http secure-server command have on a Cisco ISE? A.    It enables the HTTP server for users to connect on the command line. B.    It enables the HTTP server for users to connect by using web-based authentication. C.    It enables the HTTPS server for users to connect by using web-based authentication. D.    It enables the HTTPS server for users to connect on the command line. Answer: C QUESTION 58 A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected? A.    TACACS+ B.    RADIUS C.    Windows Active Directory D.    Generic LDAP Answer: A QUESTION 59 An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups? A.    member of B.    group C.    class D.    person Answer: A QUESTION 60 Cisco 802.1X phasing enables flexible deployments through the use of open, low-impact, and closed modes. What is a unique characteristic of the most secure mode? A.    Granular ACLs applied prior to authentication B.    Per user dACLs applied after successful authentication C.    Only EAPoL traffic allowed prior to authentication D.    Adjustable 802.1X timers to enable successful authentication Answer: C Lead2pass helps millions of candidates pass the Cisco 300-208 exam and get the certification. We have tens of thousands of successful stories. Our dumps are reliable, affordable, updated and of really best quality to overcome the difficulties of Cisco 300-208 certifications. Lead2pass exam dumps are latest updated in highly outclass manner on regular basis and material is released periodically. 300-208 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDM1I1WlhIdHJZNjA 2016 Cisco 300-208 exam dumps (All 250 Q&As) from Lead2pass: http://www.lead2pass.com/300-208.html [100% Exam Pass Guaranteed] --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2016-10-17 01:36:26 Post date GMT: 2016-10-17 01:36:26 Post modified date: 2016-10-17 01:36:26 Post modified date GMT: 2016-10-17 01:36:26 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com