2018 Updated Lead2pass Cisco 300-208 Exam Questions:
https://www.lead2pass.com/300-208.html
QUESTION 21
Which two EAP types require server side certificates? (Choose two.)
A. EAP-TLS
B. EAP-PEAP
C. EAP-MD5
D. LEAP
E. EAP-FAST
F. MSCHAPv2
Answer: AB
QUESTION 22
Where is client traffic decrypted in a controller-based wireless network protected with WPA2 Security?
A. Access Point
B. Switch
C. Wireless LAN Controller
D. Authentication Server
Answer: A
QUESTION 23
Which setting provides the best security for a WLAN and authenticates users against a centralized directory store?
A. WPA2 AES-CCMP and 801.X authentication
B. WPA2 AES-CCMP and PSK authentication
C. WPA2 TKIP and PSK authentication
D. WPA2 TKIP and 802.1X authentication
Answer: A
QUESTION 24
What is a feature of Cisco WLC and IPS synchronization?
A. Cisco WLC populates the ACLs to prevent repeat intruder attacks.
B. The IPS automatically send shuns to Cisco WLC for an active host block.
C. Cisco WLC and IPS synchronization enables faster wireless access.
D. IPS synchronization uses network access points to provide reliable monitoring.
Answer: B
QUESTION 25
Which two components are required to connect to a WLAN network that is secured by EAP-TLS authentication? (Choose two.)
A. Kerberos authentication server
B. AAA/RADIUS server
C. PSKs
D. CA server
Answer: BD
QUESTION 26
Which statement about Cisco Management Frame Protection is true?
A. It enables stations to remain in power-save mode, except at specified intervals to receive data
from the access point.
B. It detects spoofed MAC addresses.
C. It identifies potential RF jamming attacks.
D. It protects against frame and device spoofing.
Answer: D
QUESTION 27
Which three statements about the Cisco wireless IPS solution are true? (Choose three.)
A. It enables stations to remain in power-save mode, except at specified intervals to receive data from
the access point.
B. It detects spoofed MAC addresses.
C. It identifies potential RF jamming attacks.
D. It protects against frame and device spoofing.
E. It allows the WLC to failover because of congestion.
Answer: BCD
QUESTION 28
In a basic ACS deployment consisting of two servers, for which three tasks is the primary server responsible? (Choose three.)
A. configuration
B. authentication
C. sensing
D. policy requirements
E. monitoring
F. repudiation
Answer: ABD
QUESTION 29
In a split ACS deployment with primary and secondary servers, which three statements about AAA load handling are true? (Choose three.)
A. During normal operations, each server processes the full workload of both servers.
B. If a AAA connectivity problem occurs, the servers split the full load of authentication requests.
C. If a AAA connectivity problem occurs, each server processes the full workload of both servers.
D. During normal operations, the servers split the full load of authentication requests.
E. During normal operations, each server is used for specific operations, such as device administration
and network admission.
F. The primary servers are used to distribute policy information to other servers in the enterprise.
Answer: CDE
QUESTION 30
Which three personas can a Cisco ISE assume in a deployment? (Choose three.)
A. connection
B. authentication
C. administration
D. testing
E. policy service
F. monitoring
Answer: CEF
300-208 dumps full version (PDF&VCE): https://www.lead2pass.com/300-208.html
Large amount of free 300-208 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDMXlWOHdFVkZmREU
You may also need:
300-206 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDQ0xqNGttYzZGYk0
300-209 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDYnF5Vk16OS1tc1E
300-210 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDRF9kSExjc1FqREU