Pass4sure offers free demo for ccnp security sisas 300 208 official cert guide exam. "Implementing Cisco Secure Access Solutions (SISAS)", also known as cisco 300 208 exam, is a Cisco Certification. This set of posts, Passing the Cisco 300 208 sisas exam, will help you answer those questions. The 300 208 sisas Questions & Answers covers all the knowledge points of the real exam. 100% real Cisco 300 208 dumps exams and revised by experts!
Q1. What is a requirement for posture administration services in Cisco ISE?
A. at least one Cisco router to store Cisco ISE profiling policies
B. Cisco NAC Agents that communicate with the Cisco ISE server
C. an ACL that points traffic to the Cisco ISE deployment
D. the advanced license package must be installed
Answer: D
Q2. Under which circumstance would an inline posture node be deployed?
A. When the NAD does not support CoA
B. When the NAD cannot support the number of connected endpoints
C. When a PSN is overloaded
D. To provide redundancy for a PSN
Answer: A
Q3. The NAC Agent v4.9.x uses which ports and protocols to communicate with an ISE Policy Service Node?
A. tcp/8905, http/80, ftp/21
B. tcp/8905, http/80, https/443
C. udp/8905, telnet/23, https/443
D. udp/8906, http/80, https/443
Answer: B
Q4. Which two switchport commands enable MAB and allow non-802.1X capable devices to immediately run through the MAB process? (Choose two.)
A. authentication order mab dot1x
B. authentication order dot1x mab
C. no authentication timer
D. dot1x timeout tx-period
E. authentication open
F. mab
Answer: A,F
Q5. What is the effect of the ip http secure-server command on a Cisco ISE?
A. It enables the HTTP server for users to connect on the command line.
B. It enables the HTTP server for users to connect using Web-based authentication.
C. It enables the HTTPS server for users to connect using Web-based authentication.
D. It enables the HTTPS server for users to connect on the command line.
Answer: C
Q6. A network administrator needs to determine the ability of existing network devices to deliver key BYOD services. Which tool will complete a readiness assessment and outline hardware and software capable and incapable devices?
A. Prime Infrastructure
B. Network Control System
C. Cisco Security Manager
D. Identity Services Engine
Answer: A
Q7. What user rights does an account need to join ISE to a Microsoft Active Directory domain?
A. Create and Delete Computer Objects
B. Domain Admin
C. Join and Leave Domain
D. Create and Delete User Objects
Answer: A
Q8. In an 802.1X authorization process, a network access device provides which three functions? (Choose three.)
A. Filters traffic prior to authentication
B. Passes credentials to authentication server
C. Enforces policy provided by authentication server
D. Hosts a central web authentication page
E. Confirms supplicant protocol compliance
F. Validates authentication credentials
Answer: A,B,C
Q9. The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?
A. tcp/8905
B. udp/8905
C. http/80
D. https/443
Answer: B
Q10. Which two statements about administrative access to the ACS Solution Engine are true? (Choose two.)
A. The ACS Solution Engine supports command-line connections through a serial-port connection.
B. For GUI access, an administrative GUI user must be created with the add-guiadmin command.
C. The ACS Solution Engine supports command-line connections through an Ethernet interface.
D. An ACL-based policy must be configured to allow administrative-user access.
E. GUI access to the ACS Solution Engine is not supported.
Answer: B,D