[Free] 2017(Apr) Ensurepass Braindumps Cisco 300-208 Latest Dumps 111-120

Ensurepass
2017 April Cisco Official New Released 300-208 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-208.html

Implementing Cisco Secure Access Solutions (SISAS)

QUESTION 111

Refer to the exhibit. The links outside the TrustSec area in the given SGA architecture are unprotected. On which two links does EAC take place? (Choose two.)

 

clip_image002

 

A.

between switch 2 and switch 3

B.

between switch 5 and host 2

C.

between host 1 and switch 1

D.

between the authentication server and switch 4

E.

between switch 1 and switch 2

F.

between switch 1 and switch 5

 

Correct Answer: AB

 

 

QUESTION 112

When you select Centralized Web Auth in the ISE Authorization Profile, which two components host the web authentication portal? (Choose two.)

 

A.

ISE

B.

the WLC

C.

the access point

D.

the switch

E.

the endpoints

 

Correct Answer: BD

 

 

QUESTION 113

In Cisco ISE 1.3, which feature is available to a sponsor in a sponsor group?

 

A.

Help employees add and manage new devices by entering the MAC address for the device.

B.

Restrict sponsors from viewing guest passwords.

C.

Allow the use
r to download a native supplicant profile.

D.

Reinstate or delete devices that were registered previously.

 

Correct Answer: B

 

 

QUESTION 114

Which command enables static PAT for TCP port 25?

 

static (inside,outside) 209.165.201.3 209.165.201.226 netmask 255.255.255.255

A.

nat (outside,inside) static 209.165.201.3 209.165.201.226 eq smtp

B.

nat static 209.165.201.3 eq smtp

C.

nat (inside,outside) static 209.165.201.3 service tcp smtp smtp

D.

 

Correct Answer: C

 

 

QUESTION 115

Which mechanism does Cisco ISE use to force a device off the network if it is reported lost or stolen?

 

A.

CoA

B.

dynamic ACLs

C.

SGACL

D.

certificate revocation

 

Correct Answer: A

 

 

QUESTION 116

An organization has recently deployed ISE with Trustsec capable Cisco switches and would like to allow differentiated network access based on user groups. Which solution is most suitable for achieving these goals?

 

A.

Cyber Threat Defense for user group control by leveraging Netflow exported from the Cisco switches and identity information from ISE

B.

MACsec in Multiple-Host Mode in order to encrypt traffic at each hop of the network infrastructure

C.

Identity-based ACLs preconfigured on the Cisco switches with user identities provided by ISE

D.

Cisco Security Group Access Policies to control access based on SGTs assigned to different user groups

 

Correct Answer: D

 

 

QUESTION 117

Which option is one method for transporting security group tags throughout the network?

 

A.

by embedding the SGT in the IP header

B.

via Security Group Exchange Protocol

C.

by embedding the SGT in the 802.1Q header

D.

by enabling 802.1AE on every network device

 

Correct Answer: B

 

 

QUESTION 118

Which command configures console port authorization under line con 0?

 

A.

authorization default|WORD

B.

authorization exec line con 0|WORD

C.

authorization line con 0|WORD

D.

authorization exec default|WORD

 

Correct Answer: D

 

 

QUESTION 119

Which command is useful when troubleshooting AAA Authentication between a Cisco router and the AAA server?

 

A.

test aaa-server test cisco cisco123 all new-code

B.

test aaa group7 tacacs+ auth cisco123 new-code

C.

test aaa group tacacs+ cisco cisco123 new-code

D.

test aaa-server tacacs+ group7 cisco cisco123 new-code

 

Correct Answer: C

 

 

QUESTION 120

Which two options can a sponsor select to create bulk guest accounts from the sponsor portal? (Choose two.)

 

A.

Known

B.

Random

C.

Monthly

D.

Imported

E.

Daily

F.

Yearly

 

Correct Answer: BD

100% Free Download!
—Download Free Demo:300-208 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-208 Full Exam PDF and VCE Q&As:267
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com