★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-208 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-208-dumps.html
Q61. Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.)
A. The ACS Solution Engine supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created with the add-guiadmin command.
C. The ACS Solution Engine supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the ACS Solution Engine is not supported.
Answer: B,D
Q62. Which protocol sends authentication and accounting in different requests?
A. RADIUS
B. TACACS+
C. EAP-Chaining
D. PEAP
E. EAP-TLS
Answer: B
Q63. A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected?
A. TACACS+
B. RADIUS
C. Windows Active Directory
D. Generic LDAP
Answer: A
Q64. In an 802.1X authorization process, a network access device provides which three functions? (Choose three.)
A. Filters traffic prior to authentication
B. Passes credentials to authentication server
C. Enforces policy provided by authentication server
D. Hosts a central web authentication page
E. Confirms supplicant protocol compliance
F. Validates authentication credentials
Answer: A,B,C
Q65. An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?
A. member of
B. group
C. class
D. person
Answer: A
Q66. What attribute could be obtained from the SNMP query probe?
A. FQDN
B. CDP
C. DHCP class identifier
D. User agent
Answer: B
Q67. Which option restricts guests from connecting more than one device at a time?
A. Guest Portal policy > Set Device registration portal limit
B. Guest Portal Policy > Set Allow only one guest session per user
C. My Devices Portal > Set Maximum number of devices to register
D. Multi-Portal Policy > Guest users should be able to do device registration
Answer: B
Q68. Which two statements about MAB are true? (Choose two.)
A. It requires a preexisting database of the MAC addresses of permitted devices.
B. It is unable to control network access at the edge.
C. If MAB fails, the device is unable to fall back to another authentication method.
D. It is unable to link the IP and MAC addresses of a device.
E. It is unable to authenticate individual users.
Answer: A,E
Q69. Which advanced authentication setting is needed to allow an unknown device to utilize Central WebAuth?
A. If Authentication failed > Continue
B. If Authentication failed > Drop
C. If user not found > Continue
D. If user not found > Reject
Answer: C
Q70. What three changes require restarting the application service on an ISE node?.(Choose three.)
A. Registering a node.
B. Changing the primary node to standalone.
C. Promoting the administration node.
D. Installing the root CA certificate.
E. Changing the guest portal default port settings.
F. Adding a network access device.
Answer: A,B,C