web analytics

Free PassLeader 300-208 Exam Dumps with VCE and PDF Download (Question 136 – Question 150)

New 300-208 exam questions from PassLeader 300-208 dumps! Welcome to download the newest PassLeader 300-208 VCE and PDF dumps: http://www.passleader.com/300-208.html (430 Q&As –> 451 Q&As –> 508 Q&As –> 531 Q&As)

P.S. Free 300-208 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkFleG9jUGxxS3kwS0VwcllTWmlxdTlBZUd5cnBkaG5DSE5FbU5yOEpYQzQ

QUESTION 136
Certain endpoints are missing DHCP profiling data. Which option describes what can be used to determine if DHCP requests from clients are reaching Cisco ISE?

A.    output of show interface gigabitEthernet 0 from the CLI
B.    output of debug logging all 7 from the CLI
C.    output of show logging application profiler.log from the CLI
D.    the TCP dump diagnostic tool through the GUI
E.    the posture troubleshooting diagnostic tool through the GUI

Answer: D

QUESTION 137
Which debug command on a Cisco WLC shows the reason that a client session was terminated?

A.    debug dot11 state enable
B.    debug dot1x packet enable
C.    debug client mac addr
D.    debug dtls event enable
E.    debug ap enable cisco ap

Answer: C

QUESTION 138
Which two identity databases are supported when PEAP-MSCHAPv2 is used as EAP type? (Choose two.)

A.    Windows Active Directory
B.    LDAP
C.    RADIUS token server
D.    internal endpoint store
E.    internal user store
F.    certificate authentication profile
G.    RSA SecurID

Answer: AE

QUESTION 139
Which two Cisco Catalyst switch interface commands allow only a single voice device and a single data device to be connected to the IEEE 802.1X-enabled interface? (Choose two.)

A.    authentication host-mode single-host
B.    authentication host-mode multi-domain
C.    authentication host-mode multi-host
D.    authentication host-mode multi-auth

Answer: AB

QUESTION 140
What are two possible reasons why a scheduled nightly backup of ISE to a FTP repository would fail? (Choose two.)

A.    ISE attempted to write the backup to an invalid path on the FTP server.
B.    The ISE and FTP server clocks are out of sync.
C.    The username and password for the FTP server are invalid.
D.    The server key is invalid or misconfigured.
E.    TCP port 69 is disabled on the FTP server.

Answer: AC

QUESTION 141
Which two statements about MAB are true? (Choose two.)

A.    It requires a preexisting database of the MAC addresses of permitted devices.
B.    It is unable to control network access at the edge.
C.    If MAB fails, the device is unable to fall back to another authentication method.
D.    It is unable to link the IP and MAC addresses of a device.
E.    It is unable to authenticate individual users.

Answer: AE

QUESTION 142
Which type of access list is the most scalable that Cisco ISE can use to implement network authorization enforcement for a large number of users?

A.    downloadable access lists
B.    named access lists
C.    VLAN access lists
D.    MAC address access lists

Answer: A

QUESTION 143
When you select Centralized Web Auth in the ISE Authorization Profile, which two components host the web authentication portal? (Choose two.)

A.    ISE
B.    the WLC
C.    the access point
D.    the switch
E.    the endpoints

Answer: BD

QUESTION 144
What is the default posture status for non-agent capable devices, such as Linux and iDevices?

A.    Unknown
B.    Validated
C.    Default
D.    Compliant

Answer: D

QUESTION 145
Your guest-access wireless network is experiencing degraded performance and excessive latency due to user saturation. Which type of rate limiting can you implement on your network to correct the problem?

A.    per-device
B.    per-policy
C.    per-access point
D.    per-controller
E.    per-application

Answer: A

QUESTION 146
You are installing Cisco ISE on nodes that will be used in a distributed deployment. After the initial bootstrap process, what state will the Cisco ISE nodes be in?

A.    Remote
B.    Policy service
C.    Administration
D.    Standalone

Answer: D

QUESTION 147
What three changes require restarting the application service on an ISE node? (Choose three.)

A.    Registering a node.
B.    Changing the primary node to standalone.
C.    Promoting the administration node.
D.    Installing the root CA certificate.
E.    Changing the guest portal default port settings.
F.    Adding a network access device.

Answer: ABC

QUESTION 148
Which default identity source is used by the MyDevices_Portal_Sequence identity source sequence?

A.    internal users
B.    guest users
C.    Active Directory
D.    internal endpoints
E.    RADIUS servers

Answer: A

QUESTION 149
What EAP method supports mutual certificate-based authentication?

A.    EAP-TTLS
B.    EAP-MSCHAP
C.    EAP-TLS
D.    EAP-MD5

Answer: C

QUESTION 150
Which two Active Directory authentication methods are supported by Cisco ISE? (Choose two.)

A.    MS-CHAPv2
B.    PEAP
C.    PPTP
D.    EAP-PEAP
E.    PPP

Answer: AB


New 300-208 exam questions from PassLeader 300-208 dumps! Welcome to download the newest PassLeader 300-208 VCE and PDF dumps: http://www.passleader.com/300-208.html (430 Q&As –> 451 Q&As –> 508 Q&As –> 531 Q&As)

P.S. Free 300-208 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfkFleG9jUGxxS3kwS0VwcllTWmlxdTlBZUd5cnBkaG5DSE5FbU5yOEpYQzQ