Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
P.S. Practical 300-208 study guides are available on Google Drive, GET MORE: https://drive.google.com/open?id=1_xVgo4HWhYrMix9C6_yXBTZosmmUrgad
Q1. Which configuration is required in the Cisco ISE Authentication policy to allow Central Web Authentication?
A. Dot1x and if authentication failed continue
B. MAB and if user not found continue
C. MAB and if authentication failed continue
D. Dot1x and if user not found continue
Answer: B
Q2. When you select Centralized Web Auth in the ISE Authorization Profile, which two components host the web authentication portal? (Choose two.)
A. ISE
B. the WLC
C. the access point
D. the switch
E. the endpoints
Answer: B,D
Q3. Scenario:
Currently, many users are expehecing problems using their AnyConnect NAM supplicant to login to the network. The rr desktop support staff have already examined and vehfed the AnyConnect NAM configuration is correct.
In this simulation, you are tasked to examine the various ISE GUI screens to determine the ISE current configurations to help isolate the problems. Based on the current ISE configurations, you will need to answer three multiple choice questions.
To access the ISE GUI, click on the ISE icon in the topology diagram to access the ISE GUI.
Not all the ISE GUI screen are operational in this simulation and some of the ISE GUI operations have been reduced in this simulation.
Not all the links on each of the ISE GUI screen works, if some of the links are not working on a screen, click Home to go back to the Home page first. From the Home page, you can access all the required screens.
To view some larger GUI screens, use the simulation window scroll bars. Some of the larger GUI screens only shows partially but will include all information required to complete this simulation.
Which of the following statement is correct?
A. Currently,IT users who successfully authenticate will have their packets tagged withaSGTof3.
B. Currently,ITusers who successfully authenticate will be assigned to VLAN 9.
C. Currently, any domain administrator who successfully authenticate will be assigned to VLAN 10.
D. Computers belonging to the secure-x domain which passes machine authentication but failed user authentication will have the Employee_Restricted_DACL applied.
E. Print Servers matching the Linksys-PrintServer identity group will have the following access restrictions:permit icmp any host 10.10.2.20 permit tcp any host 10.10.2.20 eq 80 permit icmp any host 10.10.3.20 permit tcp any host 10.10.3.20 eq 80 deny ip any any
Answer: C
Q4. What is a feature of Cisco WLC and IPS synchronization?
A. Cisco WLC populates the ACLs to prevent repeat intruder attacks.
B. The IPS automatically send shuns to Cisco WLC for an active host block.
C. Cisco WLC and IPS synchronization enables faster wireless access.
D. IPS synchronization uses network access points to provide reliable monitoring.
Answer: B
Q5. Which error in a redirect ACL can cause the redirection of an endpoint to the provisioning portal to fail?
A. The redirect ACL is blocking access to ports 80 and 443.
B. The redirect ACL is applied to an incorrect SVI.
C. The redirect ACL is blocking access to the client provisioning portal.
D. The redirect ACL is blocking access to Cisco ISE port 8905.
Answer: A
Q6. Which advanced option within a WLAN must be enabled to trigger central web authentication for wireless users?
A. AAA override
B. Static IP tunnelling
C. Diagnostic channel
D. DHCP server
Answer: A
Q7. Refer to the exhibit.
In a distributed deployment of Cisco ISE, which column in Figure 1 is used to fill in the Host Name field in Figure 2 to collect captures on Cisco ISE while authenticating the specific
endpoint?
A. Server
B. Network Device
C. Endpoint ID
D. Identity
Answer: A
Q8. What user rights does an account need to join ISE to a Microsoft Active Directory domain?
A. Create and Delete Computer Objects
B. Domain Admin
C. Join and Leave Domain
D. Create and Delete User Objects
Answer: A
Q9. A company wants to allow employees to register and manage their own devices that do not support NSP. Which portals enable this?
A. MDM portals
B. Client provisioning portals
C. My devices portals
D. BYOD Portals
Answer: C
Q10. Which command configures console port authorization under line con 0?
A. authorization default|WORD
B. authorization exec line con 0|WORD
C. authorization line con 0|WORD
D. authorization exec default|WORD
Answer: D
P.S. Easily pass 300-208 Exam with Surepassexam Practical Dumps & pdf vce, Try Free: https://www.surepassexam.com/300-208-exam-dumps.html (310 New Questions)