★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-208 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-208-dumps.html
2021 Apr 300-208 pdf exam
Q41. Which administrative role has permission to assign Security Group Access Control Lists?
A. System Admin
B. Network Device Admin
C. Policy Admin
D. Identity Admin
Answer: C
Q42. Which network component would issue the CoA?
A. switch
B. endpoint
C. Admin Node
D. Policy Service Node
Answer: D
Q43. What implementation must be added to the WLC to enable 802.1X and CoA for wireless endpoints?
A. the ISE
B. an ACL
C. a router
D. a policy server
Answer: A
Q44. Which command in the My Devices Portal can restore a previously lost device to the network?
A. Reset
B. Found
C. Reinstate
D. Request
Answer: C
Q45. Wireless client supplicants attempting to authenticate to a wireless network are generating excessive log messages. Which three WLC authentication settings should be disabled? (Choose three.)
A. RADIUS Server Timeout
B. RADIUS Aggressive-Failover
C. Idle Timer
D. Session Timeout
E. Client Exclusion
F. Roaming
Answer: B,C,D
Q46. Which EAP method uses a modified version of the MS-CHAP authentication protocol?
A. EAP-POTP
B. EAP-TLS
C. LEAP
D. EAP-MD5
Answer: C
Q47. Which option is required for inline security group tag propagation?
A. Cisco Secure Access Control System
B. hardware support
C. Security Group Tag Exchange Protocol (SXP) v4
D. Cisco Identity Services Engine
Answer: B
Q48. What are two client-side requirements of the NAC Agent and NAC Web Agent installation? (Choose two.)
A. Administrator workstation rights
B. Active Directory Domain membership
C. Allowing of web browser activex installation
D. WSUS service running
Answer: A,C
Q49. A network administrator needs to determine the ability of existing network devices to deliver key BYOD services. Which tool will complete a readiness assessment and outline hardware and software capable and incapable devices?
A. Prime Infrastructure
B. Network Control System
C. Cisco Security Manager
D. Identity Services Engine
Answer: A
Q50. In Cisco ISE, which two actions can be taken based on matching a profiler policy? (Choose two).
A. exception
B. network scan (NMAP)
C. delete endpoint
D. automatically remediate
E. create matching identity group
Answer: A,B