QUESTION 41
Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.)
A. The ACS Solution Engine supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created with the add-guiadmin command.
C. The ACS Solution Engine supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the ACS Solution Engine is not supported.
Answer: BD
QUESTION 42
What is the purpose of the Cisco ISE Guest Service Sponsor Portal?
A. It tracks and stores user activity while connected to the Cisco ISE.
B. It securely authenticates guest users for the Cisco ISE Guest Service.
C. It filters guest users from account holders to the Cisco ISE.
D. It creates and manages Guest User accounts.
Answer: D
QUESTION 43
What is the effect of the ip http secure-server command on a Cisco ISE?
A. It enables the HTTP server for users to connect on the command line.
B. It enables the HTTP server for users to connect using Web-based authentication.
C. It enables the HTTPS server for users to connect using Web-based authentication.
D. It enables the HTTPS server for users to connect on the command line.
Answer: C
QUESTION 44
When RADIUS NAC and AAA Override are enabled for WLC on a Cisco ISE, which two statements about RADIUS NAC are true? (Choose two.)
A. It will return an access-accept and send the redirection URL for all users.
B. It establishes secure connectivity between the RADIUS server and the ISE.
C. It allows the ISE to send a CoA request that indicates when the user is authenticated.
D. It is used for posture assessment, so the ISE changes the user profile based on posture result.
E. It allows multiple users to authenticate at the same time.
Answer: CD
QUESTION 45
What are the initial steps to configure an ACS as a TACACS server?
A. 1. Choose Network Devices and AAA Clients > Network Resources.
2. Click Create.
B. 1. Choose Network Resources > Network Devices and AAA Clients.
2. Click Create.
C. 1. Choose Network Resources > Network Devices and AAA Clients.
2. Click Manage.
D. 1. Choose Network Devices and AAA Clients > Network Resources.
2. Click Install.
Answer: B
QUESTION 46
Which two statements about administrative access to the Cisco Secure ACS SE are true? (Choose two.)
A. The Cisco Secure ACS SE supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created by using the add-guiadmin command.
C. The Cisco Secure ACS SE supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the Cisco Secure ASC SE is not supported.
Answer: BD
QUESTION 47
When RADIUS NAC and AAA Override are enabled for a WLC on a Cisco ISE, which two statements about RADIUS NAC are true? (Choose two.)
A. It returns an access-accept and sends the redirection URL for all users.
B. It establishes secure connectivity between the RADIUS server and the Cisco ISE.
C. It allows the Cisco ISE to send a CoA request that indicates when the user is authenticated.
D. It is used for posture assessment, so the Cisco ISE changes the user profile based on posture result.
E. It allows multiple users to authenticate at the same time.
Answer: CD
QUESTION 48
In the command ‘aaa authentication default group tacacs local’, how is the word ‘default’ defined?
A. Command set
B. Group name
C. Method list
D. Login type
Answer: C
QUESTION 49
In an 802.1X authorization process, a network access device provides which three functions? (Choose three.)
A. Filters traffic prior to authentication
B. Passes credentials to authentication server
C. Enforces policy provided by authentication server
D. Hosts a central web authentication page
E. Confirms supplicant protocol compliance
F. Validates authentication credentials
Answer: ABC
QUESTION 50
Which two switchport commands enable MAB and allow non-802.1X capable devices to immediately run through the MAB process? (Choose two.)
A. authentication order mab dot1x
B. authentication order dot1x mab
C. no authentication timer
D. dot1x timeout tx-period
E. authentication open
F. mab
Answer: AF
If you want to pass Cisco 300-208 successfully, donot missing to read latest lead2pass Cisco 300-208 practice exams.
If you can master all lead2pass questions you will able to pass 100% guaranteed.