What Printable 300-208 exam Is?

Q1. Which three remediation actions are supported by the Web Agent for Windows? (Choose three.) 

A. Automatic Remediation 

B. Message text 

C. URL Link 

D. File Distribution 

E. AV definition update 

F. Launch Program 

View Answer

Q2. A properly configured Cisco ISE Policy Service node is not receiving any profile data from a Cisco switch that runs Device Sensor. 

Which option is the most likely reason for the failure? 

A. Syslog is configured for the Policy Administration Node. 

B. RADIUS Accounting is disabled. 

C. The SNMP community strings are mismatched. 

D. RADIUS Authentication is misconfigured. 

E. The connected endpoints support CDP but not DHCP. 

View Answer

Q3. You are configuring SGA on a network device that is unable to perform SGT tagging. How can the device propagate SGT information? 

A. The device can use SXP to pass IP-address-to-SGT mappings to a TrustSec-capable hardware peer. 

B. The device can use SXP to pass MAC-address-to-STG mappings to a TrustSec-capable hardware peer. 

C. The device can use SXP to pass MAC-address-to-IP mappings to a TrustSec-capable hardware peer. 

D. The device can propagate SGT information in an encapsulated security payload. 

E. The device can use a GRE tunnel to pass the SGT information to a TrustSec-capable hardware peer. 

View Answer

Q4. In this simulation, you are task to examine the various authentication events using the ISE GUI. For example, you should see events like Authentication succeeded. Authentication failed and etc... 

Which two statements are correct regarding the event that occurred at 2014-05-07 00:22:48.175? (Choose two.) 

A. The DACL will permit http traffic from any host to 10.10.2.20 

B. The DACL will permit http traffic from any host to 10.10.3.20 

C. The DACL will permit icmp traffic from any host to 10.10.2.20 

D. The DACL will permit icmp traffic from any host to 10.10.3.20 

E. The DACL will permit https traffic from any host to 10.10.3.20 

View Answer

Q5. Which three are required steps to enable SXP on a Cisco ASA? (Choose three). 

A. configure AAA authentication 

B. configure password 

C. issue the aaa authorization command aaa-server group command 

D. configure a peer 

E. configure TACACS 

F. issue the cts sxp enable command 

View Answer

Q6. Wireless client supplicants attempting to authenticate to a wireless network are generating excessive log messages. Which three WLC authentication settings should be disabled? (Choose three.) 

A. RADIUS Server Timeout 

B. RADIUS Aggressive-Failover 

C. Idle Timer 

D. Session Timeout 

E. Client Exclusion 

F. Roaming 

View Answer

Q7. Which command configures console port authorization under line con 0? 

A. authorization default|WORD 

B. authorization exec line con 0|WORD 

C. authorization line con 0|WORD 

D. authorization exec default|WORD 

View Answer

Q8. Which two conditions are valid when configuring ISE for posturing? (Choose two.) 

A. Dictionary 

B. member Of 

C. Profile status 

D. File 

E. Service 

View Answer

Q9. Refer to the exhibit. 

If the given configuration is applied to the object-group vpnservers, during which time period are external users able to connect? 

A. From Friday at 6:00 p.m. until Monday at 8:00 a.m. 

B. From Monday at 8:00 a.m. until Friday at 6:00 p.m. 

C. From Friday at 6:01 p.m. until Monday at 8:01 a.m. 

D. From Monday at 8:01 a.m. until Friday at 5:59 p.m. 

View Answer

Q10. The NAC Agent v4.9.x uses which ports and protocols to communicate with an ISE Policy Service Node? 

A. tcp/8905, http/80, ftp/21 

B. tcp/8905, http/80, https/443 

C. udp/8905, telnet/23, https/443 

D. udp/8906, http/80, https/443 

View Answer