Vendor Name: Cisco
Exam code: 300-208
Exam Name: Implementing Cisco Secure Access Solutions (SISAS)
Click the link below to get full version
http://www.certifyguide.com/exam/300-208/
|
Question: 1
|
A network administrator needs
to implement a service that enables granular control of IOS commands that can
be executed. Which AAA authentication method should be selected?
A. TACACS+
B. RADIUS
C. Windows Active Directory
D. Generic LDAP
|
Answer: A
|
|
Question: 2
|
An administrator can leverage
which attribute to assign privileges based on Microsoft Active Directory user
groups?
A. member of
B. group
C. class
D. person
|
Answer: A
|
|
Question: 3
|
Cisco 802.1X phasing enables
flexible deployments through the use of open, low-impact, and closed modes.
What is a unique characteristic of the most secure mode?
A. Granular ACLs applied prior
to authentication
B. Per user dACLs applied
after successful authentication
C. Only EAPoL traffic allowed
prior to authentication
D. Adjustable 802.1X timers to
enable successful authentication
|
Answer: C
|
|
Question: 4
|
A network administrator must
enable which protocol extension to utilize EAP-Chaining?
A. EAP-FAST
B. EAP-TLS
C. MSCHAPv2
D. PEAP
|
Answer: A
|
|
Question: 5
|
In the command 'aaa
authentication default group tacacs local', how is the word 'default' defined?
A. Command set
B. Group name
C. Method list
D. Login type
|
Answer: C
|
|
Question: 6
|
Changes were made to the ISE
server while troubleshooting, and now all wireless certificate authentications
are failing. Logs indicate an EAP failure. What is the most likely cause of the
problem?
A. EAP-TLS is not checked in
the Allowed Protocols list
B. Certificate authentication
profile is not configured in the Identity Store
C. MS-CHAPv2-is not checked in
the Allowed Protocols list
D. Default rule denies all
traffic
E. Client root certificate is
not included in the Certificate Store
|
Answer: A
|
No comments:
Post a Comment