300-208 Exam Questions - Online Test
300-208 Premium VCE File
150 Lectures, 20 Hours
Q1. The NAC Agent v4.9.x uses which ports and protocols to communicate with an ISE Policy Service Node?
A. tcp/8905, http/80, ftp/21
B. tcp/8905, http/80, https/443
C. udp/8905, telnet/23, https/443
D. udp/8906, http/80, https/443
Answer: B
Q2. Which two services are included in the Cisco ISE posture service? (Choose two.)
A. posture administration
B. posture run-time
C. posture monitoring
D. posture policing
E. posture catalog
Answer: A,B
Q3. What implementation must be added to the WLC to enable 802.1X and CoA for wireless endpoints?
A. the ISE
B. an ACL
C. a router
D. a policy server
Answer: A
Q4. Which statement about a distributed Cisco ISE deployment is true?
A. It can support up to two monitoring Cisco ISE nodes for high availability.
B. It can support up to three load-balanced Administration ISE nodes.
C. Policy Service ISE nodes can be configured in a redundant failover configuration.
D. The Active Directory servers of Cisco ISE can be configured in a load-balanced configuration.
Answer: A
Q5. In a multi-node ISE deployment, backups are not working on the MnT node. Which ISE CLI option would help mitigate this issue?
A. repository
B. ftp-url
C. application-bundle
D. collector
Answer: A
Q6. What is another term for 802.11i wireless network security?
A. 802.1x
B. WEP
C. TKIP
D. WPA
E. WPA2
Answer: E
Q7. Which debug command on a Cisco WLC shows the reason that a client session was terminated?
A. debug dot11 state enable
B. debug dot1x packet enable
C. debug client mac addr
D. debug dtls event enable
E. debug ap enable cisco ap
Answer: C
Q8. What is a required step when you deploy dynamic VLAN and ACL assignments?
A. Configure the VLAN assignment.
B. Configure the ACL assignment.
C. Configure Cisco IOS Software 802.1X authenticator authorization.
D. Configure the Cisco IOS Software switch for ACL assignment.
Answer: C
Q9. An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?
A. member of
B. group
C. class
D. person
Answer: A
Q10. After an endpoint has completed authentication with MAB, a security violation is triggered because a different MAC address was detected. Which host mode must be active on the port?
A. single-host mode
B. multidomain authentication host mode
C. multiauthentication host mode
D. multihost mode
Answer: A
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (8-17)
- [2021-New] Cisco 400-201 Dumps With Update Exam Questions (51-60)
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (111-120)
- [2021-New] Cisco 300-115 Dumps With Update Exam Questions (11-20)
- [2021-New] Cisco 642-997 Dumps With Update Exam Questions (31-40)
- [2021-New] Cisco 200-125 Dumps With Update Exam Questions (41-50)
- [2021-New] Cisco 210-060 Dumps With Update Exam Questions (51-60)
- [2021-New] Cisco 300-101 Dumps With Update Exam Questions (13-22)
- [2021-New] Cisco 200-355 Dumps With Update Exam Questions (181-190)
- [2021-New] Cisco 210-060 Dumps With Update Exam Questions (21-30)