[Free] 2018(Mar) EnsurePass Dumpsleader Cisco 300-208 Dumps with VCE and PDF 81-90

Ensurepass.com : Ensure you pass the IT Exams
2018 Mar Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Access Solutions

Question No: 81

You discover that the Cisco ISE is failing to connect to the Active Directory server. Which option is a possible cause of the problem?

  1. NTP server time synchronization is configured incorrectly.

  2. There is a certificate mismatch between Cisco ISE and Active Directory.

  3. NAT statements required for Active Directory are configured incorrectly.

  4. The RADIUS authentication ports are being blocked by the firewall.

Answer: A

Question No: 82

In a multi-node ISE deployment, backups are not working on the MnT node. Which ISE CLI option would help mitigate this issue?

  1. repository

  2. ftp-url

  3. application-bundle

  4. collector

Answer: A

Question No: 83

Which Cisco ISE feature can differentiate a corporate endpoint from a personal device?

  1. EAP chaining

  2. PAC files

  3. authenticated in-band provisioning

  4. machine authentication

Answer: A

Question No: 84

Where is dynamic SGT classification configured?

  1. Cisco ISE

  2. NAD

  3. supplicant

  4. RADIUS proxy

Answer: A

Question No: 85

Which debug command on a Cisco WLC shows the reason that a client session was


  1. debug dot11 state enable

  2. debug dot1x packet enable

  3. debug client mac addr

  4. debug dtls event enable

  5. debug ap enable cisco ap

Answer: C

Question No: 86

In AAA, what function does authentication perform?

  1. It identifies the actions that the user can perform on the device.

  2. It identifies the user who is trying to access a device.

  3. It identifies the actions that a user has previously taken.

  4. It identifies what the user can access.

Answer: B

Question No: 87

A security administrator wants to profile endpoints and gain visibility into attempted authentications. Which 802.1x mode allows these actions?

  1. monitor mode

  2. high-security mode

  3. closed mode

  4. low-impact mode

Answer: A

Explanation: Monitor ModeMonitor Mode is a process, not just a command on a switch. The process is to enable authentication (with authentication open), see exactly which devices fail and which ones succeed, and correct the failed authentications before they cause any problems.

Question No: 88

Which three algorithms should be avoided due to security concerns? (Choose three.)

  1. DES for encryption

  2. SHA-1 for hashing

  3. 1024-bit RSA

  4. AES GCM mode for encryption

  5. HMAC-SHA-1

  6. 256-bit Elliptic Curve Diffie-Hellman

  7. 2048-bit Diffie-Hellman

Answer: A,B,C

Question No: 89

Which advanced option within a WLAN must be enabled to trigger central web authentication for wireless users?

  1. AAA override

  2. Static IP tunnelling

  3. Diagnostic channel

  4. DHCP server Answer A

Question No: 90

Which network component would issue the CoA?

  1. switch

  2. endpoint

  3. Admin Node

  4. Policy Service Node

Answer: D

100% Ensurepass Free Download!
Download Free Demo:300-208 Demo PDF
100% Ensurepass Free Guaranteed!
300-208 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No