[Free] 2017(Feb) Ensurepass Braindumps Cisco 300-208 Practice Test 71-80

Ensurepass

Implementing Cisco Secure Access Solutions (SISAS)

 

QUESTION 71

What is a feature of Cisco WLC and IPS synchronization?

 

A.

Cisco WLC populates the ACLs to prevent repeat intruder attacks.

B.

The IPS automatically send shuns to Cisco WLC for an active host block.

C.

Cisco WLC and IPS synchronization enables faster wireless access.

D.

IPS synchronization uses network access points to provide reliable monitoring.

 

Correct Answer: B

 

 

QUESTION 72

Which option describes the purpose of configuring Native Supplicant Profile on the Cisco ISE?

 

A.

It helps employees add and manage new devices by entering the MAC address for the device.

B.

It is used to register personal devices on the network.

C.

It enforces the use of MSCHAPv2 or EAP-TLS for 802.1X authentication.

D.

It provides posture assessments and remediation for devices that are attempting to gain access to the corporate network.

 

Correct Answer: C

 

 

QUESTION 73

When you add a new PSN for guest access services, which two options must be enabled under deployment settings? (Choose two.)

 

A.

Admin

B.

Monitoring

C.

Policy Service

D.

Session Services

E.

Profiling

 

Correct Answer: CD

 

 

QUESTION 74

You discover that the Cisco ISE is fai
ling to connect to the Active Directory server. Which option is a possible cause of the problem?

 

A.

NTP server time synchronization is configured incorrectly.

B.

There is a certificate mismatch between Cisco ISE and Active Directory.

C.

NAT statements required for Active Directory are configured incorrectly.

D.

The RADIUS authentication ports are being blocked by the firewall.

 

Correct Answer: A

 

QUESTION 75

Which two portals can be configured to use portal FQDN? (Choose two.)

 

A.

admin

B.

sponsor

C.

guest

D.

my devices

E.

monitoring and troubleshooting

 

Correct Answer: BD

 

 

QUESTION 76

Your guest-access wireless network is experiencing degraded performance and excessive latency due to user saturation. Which type of rate limiting can you implement on your network to correct the problem?

 

A.

per-device

B.

per-policy

C.

per-access point

D.

per-controller

E.

per-application

 

Correct Answer: A

 

 

QUESTION 77

Where is dynamic SGT classification configured?

 

A.

Cisco ISE

B.

NAD

C.

supplicant

D.

RADIUS proxy

 

Correct Answer: A

 

 

QUESTION 78

What steps must you perform to deploy a CA-signed identity certificate on an ISE device?

 

A.

1. Download the CA server certificate and install it on ISE.

2. Generate a signing request and save it as a file.

3. Access the CA server and submit the CA request.

4. Install the issued certificate on the ISE.

B.

1. Download the CA server certificate and install it on ISE.

2. Generate a signing request and save it as a file.

3. Access the CA server and submit the CSR.

4. Install the issued certificate on the CA server.

C.

1. Generate a signing request and save it as a file.

2. Download the CA server certificate and install it on ISE.

3. Access the ISE server and submit the CA request.

4. Install the issued certificate on the CA server.

D.

1. Generate a signing request and save it as a file.

2. Download the CA server certificate and install it on ISE.

3. Access the CA server and submit the CSR.

4. Install the issued certificate on the ISE.

 

Correct Answer: D

 

 

QUESTION 79

Which feature must you configure on a switch to allow it to redirect wired endpoints to Cisco ISE?

 

A.

the http secure-server command

B.

RADIUS Attribute 29

C.

the RADIUS VSA for accounting

D.

the RADIUS VSA for URL-REDIRECT

 

Correct Answer: A

 

 

QUESTION 80

Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.)

 

A.

The ACS Solution Engine supports command-line connections through a serial-port connection.

B.

For GUI access, an administrative GUI user must be created with the add-guiadmin command.

C.

The ACS Solution Engine supports command-line connections through an Ethernet interface.

D.

An ACL-based policy must be configured to allow administrative-user access.

E.

GUI access to the ACS Solution Engine is not supported.

 

Correct Answer: BD

 

Free VCE & PDF File for Cisco 300-208 Practice Test

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …