★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-208 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/300-208-dumps.html
Best Quality of 300 208 dumps practice question materials and ebook for Cisco certification for IT examinee, Real Success Guaranteed with Updated 300 208 dumps pdf dumps vce Materials. 100% PASS Implementing Cisco Secure Access Solutions (SISAS) exam Today!
Q51. Which effect does the ip http secure-server command have on a Cisco ISE?
A. It enables the HTTP server for users to connect on the command line.
B. It enables the HTTP server for users to connect by using web-based authentication.
C. It enables the HTTPS server for users to connect by using web-based authentication.
D. It enables the HTTPS server for users to connect on the command line.
Answer: C
Q52. In the command 'aaa authentication default group tacacs local', how is the word 'default' defined?
A. Command set
B. Group name
C. Method list
D. Login type
Answer: C
Q53. Cisco ISE distributed deployments support which three features? (Choose three.)
A. global implementation of the profiler service CoA
B. global implementation of the profiler service in Cisco ISE
C. configuration to send system logs to the appropriate profiler node
D. node-specific probe configuration
E. server-specific probe configuration
F. NetFlow probes
Answer: A,C,D
Q54. What is a feature of Cisco WLC and IPS synchronization?
A. Cisco WLC populates the ACLs to prevent repeat intruder attacks.
B. The IPS automatically send shuns to Cisco WLC for an active host block.
C. Cisco WLC and IPS synchronization enables faster wireless access.
D. IPS synchronization uses network access points to provide reliable monitoring.
Answer: B
Q55. Which command enables static PAT for TCP port 25?
A. nat (outside,inside) static 209.165.201.3 209.165.201.226 eq smtp
B. nat static 209.165.201.3 eq smtp
C. nat (inside,outside) static 209.165.201.3 service tcp smtp smtp
D. static (inside,outside) 209.165.201.3 209.165.201.226 netmask 255.255.255.255
Answer: C
Q56. What steps must you perform to deploy a CA-signed identity certificate on an ISE device?
A. 1. Download the CA server certificate and install it on ISE.
2. Generate a signing request and save it as a file.
3. Access the CA server and submit the CA request.
4. Install the issued certificate on the ISE.
B. 1. Download the CA server certificate and install it on ISE.
2. Generate a signing request and save it as a file.
3. Access the CA server and submit the CSR.
4. Install the issued certificate on the CA server.
C. 1. Generate a signing request and save it as a file.
2. Download the CA server certificate and install it on ISE.
3. Access the ISE server and submit the CA request.
4. Install the issued certificate on the CA server.
D. 1. Generate a signing request and save it as a file.
2. Download the CA server certificate and install it on ISE.
3. Access the CA server and submit the CSR.
4. Install the issued certificate on the ISE.
Answer: D
Q57. The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?
A. tcp/8905
B. udp/8905
C. http/80
D. https/443
Answer: B
Q58. Which identity store option allows you to modify the directory services that run on TCP/IP?
A. Lightweight Directory Access Protocol
B. RSA SecurID server
C. RADIUS
D. Active Directory
Answer: A
Q59. Which term describes a software application that seeks connectivity to the network via a network access device?
A. authenticator
B. server
C. supplicant
D. WLC
Answer: C
Q60. Which two authentication stores are supported to design a wireless network using PEAP EAP-MSCHAPv2 as the authentication method? (Choose two.)
A. Microsoft Active Directory
B. ACS
C. LDAP
D. RSA Secure-ID
E. Certificate Server
Answer: A,B