Certification Exam Prep Questions For (300-208) 14-Day Official CCNP Security + CCNA Security Dual-Certification Boot Camp SISAS

Name: Practice Exam - 14-Day Official CCNP Security+CCNA Security
SKU: Practice Exam - 14-Day Official CCNP Security+CCNA Security
Price: 99 USD
Availability: InStock

QuickStart is now offering assessment questions for 14-Day Official CCNP Security + CCNA Security Dual-Certification Boot Camp (SISAS) (300-208). Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for 14-Day Official CCNP Security + CCNA Security Dual-Certification Boot Camp (SISAS) (300-208).

A network administrator must implement a service which allows granular control regarding IOS commands to be executed. For this, which AAA method of authentication needs to be selected?

A. TACACS+: Correct!

B. Windows Active Directory: Incorrect.

C. RADIUS: Incorrect.

D. Generic LDAP: Incorrect.

Based on user groups of Microsoft Active Directory, which attribute an administrator has the power to leverage in order to assign privileges?

A. Member of group or;: Correct!

B. class person: Incorrect.

The phasing of Cisco 802.1X allows flexible deployments by using low-impact, open and closed modes. Mention the unique characteristic of the highest secure mode?

A. Granular ACLs applied before authentication: Incorrect.

B. Only EAPoL traffic allowed before authentication: Correct!

C. Per-user dACLs applied just after positive authentication: Incorrect.

D. Adjustable 802.1X timers to allow positive authentication: Incorrect.

A network administrator should allow which protocol extension to make use of EAP-Chaining?

A. EAP-FAST: Correct!

B. MSCHAPv2: Incorrect.

C. EAP-TLS: Incorrect.

D. PEAP: Incorrect.

Considering the ‘aaa authentication default group tacacs local’ command, how would you define the word ‘default’?

A. Command set: Incorrect.

B. Method list: Correct!

C. Group name: Incorrect.

D. Login type: Incorrect.

Modifications are made during troubleshooting to the ISE server, but now every wireless certificate authentication is failing. As per Logs, there is an EAP failure. Mention the most probable cause of this problem?

A. EAP-TLS is not checked in the list of Allowed Protocols: Correct!

B. MS-CHAPv2- is not checked in the list of Allowed Protocols: Incorrect.

C. In the Identity Store, Certificate authentication profile is not configured: Incorrect.

D. The default rule is denying complete traffic: Incorrect.

The NAC Agent utilize which protocol and port to deliver discovery packets towards the ISE Policy Service Node?

A. tcp/8905: Incorrect.

B. htp/80: Incorrect.

C. udp/8905: Correct!

D. htps///4: Incorrect.

Name the two conditions that remain valid while configuring ISE for the purpose of posturing? (Select two)

A. Dictionary: Incorrect.

B. Profile status: Incorrect.

C. member Of: Incorrect.

D. Service: Correct!

E. File: Correct!

In AAA, mention the function performed by authentication?

A. It finds the actions that can be performed on the device by the user: Incorrect.

B. It detects the actions previously taken by the user: Incorrect.

C. It classifies the user, trying to contact a device.: Correct!

D. It finds what the user can access.: Incorrect.

Mention the identity store option that enables you to make changes in the directory services which run on TCP/IP?

A. Lightweight Directory Access Protocol: Correct!

B. RADIUS Active Directory: Incorrect.

C. RSA SecurID server: Incorrect.

Which 3 features are supported by CISCO ISE distributed deployments? (Select three).

A. global application of the profiler service CoA: Correct!

B. configuration to direct system logs to the suitable profiler node: Correct!

C. global employment of the profiler service in Cisco ISE: Incorrect.

D. server-specific probe configuration NetFlow probes: Incorrect.

E. node-specific probe configuration: Correct!

What is the frequency of Profiled Endpoints dashlet for refreshing data?

A. every 40 seconds: Incorrect.

B. every 2 minutes: Incorrect.

C. every 60 seconds: Correct!

D. every 5 minutes: Incorrect.

Name the command of the My Devices Portal that can restore some previously lost device to your network?

A. Reset: Incorrect.

B. Reinstate: Correct!

C. Found: Incorrect.

D. Request: Incorrect.

Name the first step which happens while provisioning some wired device in some BYOD scenario?

A. The smart hub notices that the physically connected endpoint needs configuration and should use MAB in order to authenticate.: Correct!

B. Cisco ISE authenticates the user and positions the SPW package.: Incorrect.

C. The URL redirects to the Cisco ISE Guest Provisioning portal.: Incorrect.

D. Cisco ISE validates the user and deploys the SPW package.: Incorrect.

E. The device user tries to access a network URL.: Incorrect.

Name the 3 features that must be allowed as best practices regarding MAB? (Select three).

A. MD5: Incorrect.

B. DHCP snooping: Correct!

C. IP source guard: Correct!

D. DAI: Correct!

E. storm control: Incorrect.

F. URPF: Incorrect.

When MAB is formed, how frequently are ports re-authenticated - by default?

A. every 60 seconds: Incorrect.

B. every 120 seconds: Incorrect.

C. every 90 seconds: Incorrect.

D. never: Correct!

What is the most needed step when ACL assignments and dynamic VLAN is deployed?

A. Configure the VLAN assignment.: Incorrect.

B. Configure Cisco IOS Software 802.1X authenticator authorization.: Correct!

C. Configure the ACL assignment.: Incorrect.

D. Configure the Cisco IOS Software switch for ACL assignment.: Incorrect.

Name the model that Cisco support in the authorization implementation RADIUS change?

A. Push: Correct!

B. policy: Incorrect.

C. pull: Incorrect.

D. security: Incorrect.

Name the administrative role that has been permitted to allocate Security Group Access Control Lists?

A. System Admin: Incorrect.

B. Policy Admin: Correct!

C. Network Device Admin: Incorrect.

D. Identity Admin: Incorrect.

Excessive log messages are being generated by Wireless client supplicants who are attempting to validate to a wireless network. Mention the 3 WLC authentication settings that must be disabled? (Select three)