B085A2DC8B0CE81559A954729F6B20E1

Cisco 300-208 Certification Exam Questions and Answers 2022

300-208 Cisco Exam Info and Free Practice Test

These Cisco Certified Network Professional Security (SISAS) sample questions and demo exam help you in removing these doubts and prepare you to take the test

Cisco 300-208 Certification Exam Questions and Answers 2022


Question #1Topic 1

A network administrator needs to implement a service that enables granular control of IOS commands that can be executed. Which AAA authentication method should be selected?

  • A. TACACS+
  • B. RADIUS
  • C. Windows Active Directory
  • D. Generic LDAP

Correct Answer: A ðŸ—³️

Question #2Topic 1

An administrator can leverage which attribute to assign privileges based on Microsoft Active Directory user groups?

  • A. member of
  • B. group
  • C. class
  • D. person

Correct Answer: A ðŸ—³️

Question #3Topic 1

Cisco 802.1X phasing enables flexible deployments through the use of open, low-impact, and closed modes. What is a unique characteristic of the most secure mode?

  • A. Granular ACLs applied prior to authentication
  • B. Per user dACLs applied after successful authentication
  • C. Only EAPoL traffic allowed prior to authentication
  • D. Adjustable 802.1X timers to enable successful authentication

Correct Answer: C ðŸ—³️

Question #4Topic 1

A network administrator must enable which protocol extension to utilize EAP-Chaining?

  • A. EAP-FAST
  • B. EAP-TLS
  • C. MSCHAPv2
  • D. PEAP

Correct Answer: A ðŸ—³️

Question #5Topic 1

In the command 'aaa authentication default group tacacs local', how is the word 'default' defined?

  • A. Command set
  • B. Group name
  • C. Method list
  • D. Login type

Correct Answer: C ðŸ—³️

Question #6Topic 1

Changes were made to the ISE server while troubleshooting, and now all wireless certificate authentications are failing. Logs indicate an EAP failure. What is the most likely cause of the problem?

  • A. EAP-TLS is not checked in the Allowed Protocols list
  • B. Certificate authentication profile is not configured in the Identity Store
  • C. MS-CHAPv2-is not checked in the Allowed Protocols list
  • D. Default rule denies all traffic
  • E. Client root certificate is not included in the Certificate Store

Correct Answer: A ðŸ—³️

Question #7Topic 1

The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

  • A. tcp/8905
  • B. udp/8905
  • C. http/80
  • D. https/443

Correct Answer: B ðŸ—³️

Question #8Topic 1

Which two conditions are valid when configuring ISE for posturing? (Choose two.)

  • A. Dictionary
  • B. member Of
  • C. Profile status
  • D. File
  • E. Service

Correct Answer: DE ðŸ—³️

Question #9Topic 1

Refer to the exhibit.

Which three statements about the given configuration are true? (Choose three.)

  • A. TACACS+ authentication configuration is complete.
  • B. TACACS+ authentication configuration is incomplete.
  • C. TACACS+ server hosts are configured correctly.
  • D. TACACS+ server hosts are misconfigured.
  • E. The TACACS+ server key is encrypted.
  • F. The TACACS+ server key is unencrypted.

Correct Answer: BCF 

Question #10Topic 1

In AAA, what function does authentication perform?

  • A. It identifies the actions that the user can perform on the device.
  • B. It identifies the user who is trying to access a device.
  • C. It identifies the actions that a user has previously taken.
  • D. It identifies what the user can access.

Correct Answer: B ðŸ—³️

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.