P.S. Free 300-208 prep are available on Google Drive, GET MORE: https://drive.google.com/open?id=1DWWCaNkhxkRc9eJbUhO1wkyzF9H1ehlb
New Cisco 300-208 Exam Dumps Collection (Question 12 - Question 21)
Question No: 12
You have configured a Cisco ISE 1.2 deployment for self-registration of guest users. What two options can you select from to determine when the account duration timer begins? (Choose two.)
A. CreateTime
B. FirstLogin
C. BeginLogin
D. StartTime
Answer: A,B
Question No: 13
You are installing Cisco ISE on nodes that will be used in a distributed deployment. After the initial bootstrap process, what state will the Cisco ISE nodes be in?
A. Remote
B. Policy service
C. Administration
D. Standalone
Answer: D
Question No: 14
Which 2 options are functional components of the posture service?
A. Quarantined policy
B. Posture policy
C. Client provisioning
D. Network provisioning
Answer: B,C
Question No: 15
Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.)
A. The ACS Solution Engine supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created with the add-guiadmin command.
C. The ACS Solution Engine supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the ACS Solution Engine is not supported.
Answer: A,B
Explanation: who possess the proper administrative credentials. The CLI administrator does not have access to the ACS web GUI.
To create an initial GUI administrator account that allows web access to the ACS SE GUI, use the add-guiadmin command to create a GUI account.
add-guiadmin :
Adds a GUI account that allows access to the SE using the ACS web GUI.
Question No: 16
CORRECT TEXT
if the user in non-compliant state and want to Get out of quarantine ?
Answer:
download posture
Question No: 17
An organization has recently deployed ISE with the latest models of Cisco switches, and it plans to deploy Trustsec to secure its infrastructure. The company also wants to allow different network access policies for different user groups (e.g., administrators). Which solution is needed to achieve these goals?
A. Cisco Security Group Access Policies in order to use SGACLs to control access based on SGTs assigned to different users
B. MACsec in Multiple-Host Mode in order to open or close a port based on a single authentication
C. Identity-based ACLs on the switches with user identities provided by ISE
D. Cisco Threat Defense for user group control by leveraging Netflow exported from the switches and login information from ISE
Answer: A
Question No: 18
Refer to the exhibit.
In a distributed deployment of Cisco ISE, which column in Figure 1 is used to fill in the Host Name field in Figure 2 to collect captures on Cisco ISE while authenticating the specific
endpoint?
A. Server
B. Network Device
C. Endpoint ID
D. Identity
Answer: A
Question No: 19
Which advanced option within a WLAN must be enabled to trigger central web authentication for wireless users?
A. AAA override
B. Static IP tunnelling
C. Diagnostic channel
D. DHCP server
Answer: A
Question No: 20
Which remediation type ensures that Automatic Updates configuration is turned on Windows clients per security policy to remediate Windows clients for posture compliance?
A. AS Remediation
B. File Remediation
C. Launch Program Remediation
D. Windows Update Remediation
E. Windows Server Update Services Remediation
Answer: D
Question No: 21
Which CoA type does a Cisco ISE PSN send to a network access device when a NAG agent reports the OS patch status of a noncompliant endpoint?
A. CoA-Terminate
B. CoA-PortBounce
C. CoA-Reauth
D. CoA-Remediate
Answer: C
Explanation: If an endpoint is marked noncompliant during that download, a CoA is sent and the device is forced to reauthenticate, providing a different result (such as quarantine).
Recommend!! Get the Free 300-208 dumps in VCE and PDF From 2passeasy, Welcome to download: https://www.2passeasy.com/dumps/300-208/ (New 310 Q&As Version)