[Free] 2019(Nov) EnsurePass Cisco 300-208 Dumps with VCE and PDF 1-10

Get Full Version of the Exam

Question No.1

Which option is one method for transporting security group tags throughout the network?

  1. by embedding the SGT in the IP header

  2. via Security Group Exchange Protocol

  3. by embedding the SGT in the 802.1Q header

  4. by enabling 802.1AE on every network device

Correct Answer: B

Question No.2

A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

  1. Authenticate guest users to Cisco ISE.

  2. Keep track of guest user activities.

  3. Create and manage guest user accounts.

  4. Configure authorization setting for guest users.

Correct Answer: C

Question No.3

You discover that the Cisco ISE is failing to connect to the Active Directory server. Which option is a possible cause of the problem?

  1. NTP server time synchronization is configured incorrectly.

  2. There is a certificate mismatch between Cisco ISE and Active Directory.

  3. NAT statements required for Active Directory are configured incorrectly.

  4. The RADIUS authentication ports are being blocked by the firewall.

Correct Answer: A

Question No.4

Which components must be selected for a client provisioning policy to do a Posture check on the Cisco ISE?

  1. Configuration Wizard, Wizard Profile

  2. Remediation Actions, Posture Requirements

  3. Operating System, Posture Requirements

  4. Agent, Profile, Compliance Module

Correct Answer: D

Question No.5

A network administrator wants to use dynamic VLAN assignment from Cisco ISE. Which option must be configured on the switch to support this?

  1. AAA authentication

  2. VTP

  3. DTP

  4. AAA authorization

Correct Answer: D

Question No.6

Your guest-access wireless network is experiencing degraded performance and excessive latency due to user saturation. Which type of rate limiting can you implement on your network to correct the problem?

  1. per-device

  2. per-policy

  3. per-access point

  4. per-controller

  5. per-application

Correct Answer: A

Question No.7

An engineer of Company A wants to know what kind of devices are connecting to the network. Which service can be enabled on the Cisco ISE node?

  1. central web authentication

  2. posture

  3. MAB

  4. profiling

Correct Answer: D


Cisco ISE Profiling Services provides dynamic detection and classification of endpoints connected to the network.Using MAC addresses as the unique identifier, ISE collects various attributes for each network endpoint to build an internal endpoint database.

Question No.8

Which two conditions are valid when configuring ISE for posturing? (Choose two.)

  1. Dictionary

  2. member Of

  3. Profile status

  4. File

  5. Service

Correct Answer: DE

Question No.9

Refer to the exhibit. In a distributed deployment of Cisco ISE, which column in Figure 1 is used to fill in the Host Name field in Figure 2 to collect captures on Cisco ISE while authenticating the specific endpoint?


  1. Server

  2. Network Device

  3. Endpoint ID

  4. Identity

Correct Answer: A

Question No.10

In a multi-node ISE deployment, backups are not working on the MnT node. Which ISE CLI option would help mitigate this issue?

  1. repository

  2. ftp-url

  3. application-bundle

  4. collector

Correct Answer: A

Get Full Version of the Exam
300-208 Dumps
300-208 VCE and PDF

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com