how often are ports reauthenticated by default?

grassman

Enabling Reauthentication on a Port
By default, ports are not automatically reauthenticated. You can enable automatic reauthentication and
specify how often reauthentication attempts are made.

http://www9.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-s/sec-usr-aaa-15-s-book/sec-config-mab.pdf

Brandon

2017/Aug New Updated 300-208 Exam Questions:
QUESTION 288
An engineer must ensure that all client operating systems have the AnyConnect Agent for an upcoming posture implementation.
Which two versions of OS does the AnyConnect posture agent support? (Choose two.)

A. Google Android
B. Ubuntu
C. Apple Mac OS X
D. Microsoft Windows
E. Red Hat Enterprise Linux

Answer: C

QUESTION 289
Which command would be used in order to maintain a single open connection between a network access device and a tacacs server?

A. tacacs-server host timeout
B. tacacs-server host single-connection
C. tacacs-server host
D. tacacs-server host single-connection

Answer: D

QUESTION 290
Refer to the exhibit. Which authentication method is being used?

A. PEAP-MSCHAP
B. EAP-GTC
C. EAP-TLS
D. PEAP-TLS

Answer: C

QUESTION 291
A security engineer has a new TrustSec project and must create a few static security group tag classifications as a proof of concept.
Which two classifications can the tags be mapped to? (Choose two.)

A. VLAN
B. user ID
C. interface
D. switch ID
E. MAC address

Answer: AC

QUESTION 293
Which CoA type does a Cisco ISE PSN send to a network access device when a NAG agent reports the OS patch status of a noncompliant endpoint?

A. CoA-Terminate
B. CoA-PortBounce
C. CoA-Reauth
D. CoA-Remediate

Answer: B

More new 300-208 exam questions:https://drive.google.com/folderview?id=0B272WrTALRHcbTlPUnl0Q1JTTjQ&usp=sharing

Pance

2018/January/6 new 300-208 Exam Questions:

QUESTION
Which functionality does the Cisco ISE self-provisioning flow provide?

A. It provides support for native supplicants, allowing users to connect devices directly to the network.
B. It provides the My Devices portal, allowing users to add devices to the network.
C. It provides support for users to install the Cisco NAC agent on enterprise devices.
D. It provides self-registration functionality to allow guest users to access the network.

Answer: A

QUESTION
During client provisioning on a Mac OS X system, the client system fails to renew its IP address. Which change can you make to the agent profile to correct the problem?

A. Enable the Agent IP Refresh feature.
B. Enable the Enable VLAN Detect Without UI feature.
C. Enable CRL checking.
D. Edit the Discovery Host parameter to use an IP address instead of an FQDN.

Answer: A

QUESTION
Where is dynamic SGT classification configured?

A. Cisco ISE
B. NAD
C. supplicant
D. RADIUS proxy

Answer: A

QUESTION
What is the function of the SGACL policy matrix on a Cisco TrustSec domain with SGT Assignment?

A. It determines which access policy to apply to the endpoint.
B. It determines which switches are trusted within the TrustSec domain.
C. It determines the path the SGT of the packet takes when entering the Cisco TrustSec domain.
D. It lists all servers that are permitted to participate in the TrustSec domain.
E. It lists all hosts that are permitted to participate in the TrustSec domain.

Answer: A

QUESTION
You are configuring SGA on a network device that is unable to perform SGT tagging. How can the device propagate SGT information?

A. The device can use SXP to pass IP-address-to-SGT mappings to a TrustSec-capable hardware peer.
B. The device can use SXP to pass MAC-address-to-STG mappings to a TrustSec-capable hardware peer.
C. The device can use SXP to pass MAC-address-to-IP mappings to a TrustSec-capable hardware peer.
D. The device can propagate SGT information in an encapsulated security payload.
E. The device can use a GRE tunnel to pass the SGT information to a TrustSec-capable hardware peer.

Answer: A

More: http://www.examcollections.info/?s=300-208