[Free] 2018(Mar) EnsurePass Testinsides Cisco 300-208 Dumps with VCE and PDF 101-110

Ensurepass.com : Ensure you pass the IT Exams
2018 Mar Cisco Official New Released 300-208
100% Free Download! 100% Pass Guaranteed!

Implementing Cisco Secure Access Solutions

Question No: 101

Which two fields are characteristics of IEEE 802.1AE frame? (Choose two.)

  1. destination MAC address

  2. source MAC address

  3. 802.1AE header in EtherType

  4. security group tag in EtherType

  5. integrity check value

  6. CRC/FCS

Answer: C,E

Question No: 102

Which option is the correct redirect-ACL for Wired-CWA, with being the Cisco ISE IP address?

  1. ip access-l ex ACL-WEBAUTH-REDIRECT deny udp any any eq domain deny ip any host permit tcp any any eq 80 permit tcp any any eq 443

  2. ip access-l ex ACL-WEBAUTH-REDIRECT permit udp any any eq domain permit ip any host deny tcp any any eq 80 permit tcp any any eq 443

  3. ip access-l ex ACL-WEBAUTH-REDIRECT deny udp any any eq domain permit tcp any host eq 8443 deny ip any host permit tcp any any eq 80 permit tcp any any eq 443

  4. ip access-l ex ACL-WEBAUTH-REDIRECT permit udp any any eq domain deny ip any host permit tcp any any eq 80permit tcp any any eq 443

Answer: A

Question No: 103

Which two NAC agents support file remediation? (Choose two.)

  1. Web Agent for Macintosh

  2. NAC Agent for Windows

  3. NAC Agent for Macintosh

  4. Web Agent for UNIX

  5. Web Agent for Windows

Answer: B,E

Question No: 104

Which method does Cisco prefer to securely deploy guest wireless access in a BYOD implementation?

  1. deploying a dedicated Wireless LAN Controller in a DMZ

  2. configuring a guest SSID with WPA2 Enterprise authentication

  3. configuring guest wireless users to obtain DHCP centrally from the corporate DHCP server

  4. disabling guest SSID broadcasting

Answer: A

Question No: 105

Which command defines administrator CLI access in ACS5.x?

  1. Application reset-passwd acs username

  2. username username password password role admin

  3. username username password plain password role admin

  4. password-policy

Answer: C

Question No: 106

An engineer of company A will be sending guest credentials through SMS to conference participants. Which portal must be used to create them?

  1. SMS

  2. Sponsor

  3. Guest

  4. User

Answer: B

Question No: 107 CORRECT TEXT

The Secure-X company has recently successfully tested the 802.1X authentication deployment using the Cisco Catalyst switch and the Cisco ISEv1.2 appliance. Currently, each employee desktop is connected to an 802.1X enabled switch port and is able to use the Cisco AnyConnect NAM 802.1Xsupplicantto log in and connect to the network.

Currently, a new testing requirement is to add a network printer to the Fa0/19 switch port and have it connect to the network. The network printer does not support 802.1X supplicant. The Fa0/19 switch port is now configured to use 802.1X authentication only.

To support this network printer, the Fa0/19 switch port configuration needs to be edited to enable the network printer to authenticate using its MAC address. The network printer should also be on VLAN 9.

Another network security engineer responsible for managing the Cisco ISE has already per-configured all the requirements on the Cisco ISE, including adding the network printer MAC address to the Cisco ISE endpoint database and etc…

Your task in the simulation is to access the Cisco Catalyst Switch console then use the CLI to:

  • Enable only the Cisco Catalyst Switch Fa0/19 switch port to authenticate the network printer using its MAC address and:

  • Ensure that MAC address authentication processing is not delayed until 802.1Xfails

  • Ensure that even if MAC address authentication passes, the switch will still perform 802.1X authentication if requested by a 802.1X supplicant

  • Use the required show command to verify the MAC address authentication on the Fa0/19 is successful

    The switch enable password is Cisco

    For the purpose of the simulation, to test the network printer, assume the network printer will be unplugged then plugged back into the Fa0/19 switch port after you have finished the required configurations on the Fa0/19 switch port.

    Note: For this simulation, you will not need and do not have access to the ISE GUI To access the switch CLI, click the Switch icon in the topology diagram

    Ensurepass 2018 PDF and VCE

    Answer: Review the explanation for full configuration and solution.


    Initial configuration for fa 0/19 that is already done:

    Ensurepass 2018 PDF and VCE

    AAA configuration has already been done for us. We need to configure mac address bypass on this port to achieve the goal stated in the question. To do this we simply need to add this command under the interface:


    Then do a shut/no shut on the interface. Verification:

    Ensurepass 2018 PDF and VCE

    Question No: 108

    What is another term for 802.11i wireless network security?

    A. 802.1x

    1. WEP

    2. TKIP

    3. WPA

    4. WPA2

    Answer: E

    Question No: 109

    Refer to Following:

    aaa new model

    tacacs-server host single connection tacas-server key cisco123

    Which statement about the authentication protocol used in the configuration is true?

    1. Authentication request contains username, encrypted password, NAS IP address, and port.

    2. Authentication and authorization requests are sent in a single open connection between the network device and the TACACS server

    3. Authentication request contains username, password, NAS IP address and port.

    4. Authentication and authorization request packets are grouped together in a single packet.

    Answer: B

    Question No: 110

    Which network access device feature can you configure to gather raw endpoint data?

    1. Device Sensor

    2. Device Classifier

    3. Switched Port Analyzer

    4. Trust Anchor

    Answer: A

    100% Ensurepass Free Download!
    Download Free Demo:300-208 Demo PDF
    100% Ensurepass Free Guaranteed!
    300-208 Dumps

    EnsurePass ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com