Cisco 300-208 Certification Practice Questions & Answers

Question 6 of 256

Changes were made to the ISE server while troubleshooting, and now all wireless certificate authentications are failing. Logs indicate an EAP failure. What is the most likely cause of the problem?

A.

EAP-TLS is not checked in the Allowed Protocols list

B.

Certificate authentication profile is not configured in the Identity Store

C.

MS-CHAPv2-is not checked in the Allowed Protocols list

D.

Default rule denies all traffic

E.

Client root certificate is not included in the Certificate Store

Question 7 of 256

The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

A.

tcp/8905

B.

udp/8905

C.

http/80

D.

https/443

Question 8 of 256

Which two conditions are valid when configuring ISE for posturing? (Choose two.)

Question 9 of 256

Refer to the exhibit.
Exam 300-208: Question 9 - Image 1

Which three statements about the given configuration are true? (Choose three.)

A.

TACACS+ authentication configuration is complete.

B.

TACACS+ authentication configuration is incomplete.

C.

TACACS+ server hosts are configured correctly.

D.

TACACS+ server hosts are misconfigured.

E.

The TACACS+ server key is encrypted.

F.

The TACACS+ server key is unencrypted.

Question 10 of 256

In AAA, what function does authentication perform?

A.

It identifies the actions that the user can perform on the device.

B.

It identifies the user who is trying to access a device.

C.

It identifies the actions that a user has previously taken.

D.

It identifies what the user can access.