Valid Cisco 300-208 Exam Questions

Complex questions of Implementing Cisco Secure Access solutions appear in the CCNP Security certification exam.

Try it Latest DumpsSchool 300-208 Exam dumps. Buy Full File here: (441 As Dumps)

Download the DumpsSchool 300-208 braindumps from Google Drive: (FREE VERSION!!!)

Question No. 1

Which port does Cisco ISE use for native supplicant provisioning of a Windows computer?

Answer: C

8909 : web, cisco nac agent, supplicant provisioning wizard installation

8905 : Cisco NAC agent update

Question No. 2

Which RADIUS attribute can you use to filter MAB requests in an 802.1x deployment?

Answer: B

Question No. 3

In Cisco ISE 1.3, which feature is available to a sponsor in a sponsor group?

Answer: B

Question No. 4

What is a required configuration step for an 802.1X capable switch to support dynamic VLAN and ACL assignments?

Answer: C

Question No. 5

Which command can check a AAA server authentication for server group Group1, user cisco, and password cisco555 on a Cisco ASA device?

Answer: A

Question No. 6

Which components must be selected for a client provisioning policy to do a Posture check on the Cisco ISE?

Answer: D

Question No. 7

Which command configures console port authorization under line con 0?

Answer: D

Question No. 8

When you select Centralized Web Auth in the ISE Authorization Profile, which component hosts the web authentication portal?

Answer: E

Question No. 9

Which RADIUS attribute can be used to dynamically assign the Inactivity active timer for MAB users from the Cisco ISE node?

Answer: B



When the inactivity timer is enabled, the switch monitors the activity from authenticated endpoints.

When the inactivity timer expires, the switch removes the authenticated session.

The inactivity timer for MAB can be statically configured on the switch port, or it can be dynamically assigned using the RADIUS Idle-Timeout attribute (Attribute 28).

Cisco recommends setting the timer using the RADIUS attribute because this approach lets gives you control over which endpoints are subject to this timer and the length of the timer for each class of endpoints.

For example, endpoints that are known to be quiet for long periods of time can be assigned a longer inactivity timer value than chatty endpoints.

Question No. 10

What is a feature of Cisco WLC and IPS synchronization?

Answer: B

Question No. 11

In a basic ACS deployment consisting of two servers, for which three tasks is the primary server responsible? (Choose three.)

Answer: A, B, D

Question No. 12

An ISE1.3 environment, which path does a network engineer use to set up a self-registered guest portal?

Answer: A

300-208 Dumps Google Drive: (Limited Version!!!)

Related Certification: CCNP Security dumps