★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 300-208 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/300-208-dumps.html


2021 Apr 300-208 pdf exam

Q41. Which administrative role has permission to assign Security Group Access Control Lists? 

A. System Admin 

B. Network Device Admin 

C. Policy Admin 

D. Identity Admin 

Answer:


Q42. Which network component would issue the CoA? 

A. switch 

B. endpoint 

C. Admin Node 

D. Policy Service Node 

Answer:


Q43. What implementation must be added to the WLC to enable 802.1X and CoA for wireless endpoints? 

A. the ISE 

B. an ACL 

C. a router 

D. a policy server 

Answer:


Q44. Which command in the My Devices Portal can restore a previously lost device to the network? 

A. Reset 

B. Found 

C. Reinstate 

D. Request 

Answer:


Q45. Wireless client supplicants attempting to authenticate to a wireless network are generating excessive log messages. Which three WLC authentication settings should be disabled? (Choose three.) 

A. RADIUS Server Timeout 

B. RADIUS Aggressive-Failover 

C. Idle Timer 

D. Session Timeout 

E. Client Exclusion 

F. Roaming 

Answer: B,C,D 


Q46. Which EAP method uses a modified version of the MS-CHAP authentication protocol? 

A. EAP-POTP 

B. EAP-TLS 

C. LEAP 

D. EAP-MD5 

Answer:


Q47. Which option is required for inline security group tag propagation? 

A. Cisco Secure Access Control System 

B. hardware support 

C. Security Group Tag Exchange Protocol (SXP) v4 

D. Cisco Identity Services Engine 

Answer:


Q48. What are two client-side requirements of the NAC Agent and NAC Web Agent installation? (Choose two.) 

A. Administrator workstation rights 

B. Active Directory Domain membership 

C. Allowing of web browser activex installation 

D. WSUS service running 

Answer: A,C 


Q49. A network administrator needs to determine the ability of existing network devices to deliver key BYOD services. Which tool will complete a readiness assessment and outline hardware and software capable and incapable devices? 

A. Prime Infrastructure 

B. Network Control System 

C. Cisco Security Manager 

D. Identity Services Engine 

Answer:


Q50. In Cisco ISE, which two actions can be taken based on matching a profiler policy? (Choose two). 

A. exception 

B. network scan (NMAP) 

C. delete endpoint 

D. automatically remediate 

E. create matching identity group 

Answer: A,B