Which AAA authentication method should be selected?

A network administrator needs to implement a service that enables granular control of IOS
commands that can be executed. Which AAA authentication method should be selected?

A network administrator needs to implement a service that enables granular control of IOS
commands that can be executed. Which AAA authentication method should be selected?

A.
TACACS+

B.
RADIUS

C.
Windows Active Directory

D.
Generic LDAP

Explanation:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

adam lambert

adam lambert

If you want to prepare for 300-208 exam in shortest time, with minimum effort but for most effective result, you can use this 300-208 dump which simulates the actual testing environment and allows you to focus on various sections of 300-208 exam. Best of luck!

QUESTION 226
During BYOD flow, where does a Microsoft Windows 8.1 PC download the Network Setup Assistant from?

A. from Cisco App Store
B. from Cisco ISE directly
C. from Microsoft App Store
D. It uses the native OTA functionality.

Answer: B

QUESTION 227
Which two attributes are delivered by the DHCP probe to the Cisco ISE? (Choose two.)

A. dhcp-client-identifier
B. framed-IP-address
C. host-name
D. calling-station-ID
E. MAC address

Answer: AC

QUESTION 228
Which option is the correct redirect-ACL for Wired-CWA, with 10.201.228.76 being the Cisco ISE IP address?

A. ip access-l ex ACL-WEBAUTH-REDIRECT
deny udp any any eq domain
deny ip any host 10.201.228.76
permit tcp any any eq 80
permit tcp any any eq 443
B. ip access-l ex ACL-WEBAUTH-REDIRECT
permit udp any any eq domain
permit ip any host 10.201.228.76
deny tcp any any eq 80
permit tcp any any eq 443
C. ip access-l ex ACL-WEBAUTH-REDIRECT
deny udp any any eq domain
permit tcp any host 10.201.228.76 eq 8443
deny ip any host 10.201.228.76
permit tcp any any eq 80
permit tcp any any eq 443
D. ip access-l ex ACL-WEBAUTH-REDIRECT
permit udp any any eq domain
deny ip any host 10.201.228.76
permit tcp any any eq 80
permit tcp any any eq 443

Answer: B

QUESTION 229
In Cisco ISE 1.3 and above, which two operations are allowed on Endpoint Certificates pages for issued endpoint certificates on the admin portal? (Choose two.)

A. unrevoke
B. delete
C. view
D. export
E. revoke

Answer: CE

QUESTION 230
Which statement about the CAK is true?

A. It is the master key that generates the other keys that MACsec requires.
B. Failed MACsec connections fall back to MAB by default.
C. It is the key that is used to discover MACsec peers and perform key negotiation between the peers.
D. It is the secret key that encrypts traffic during the connection.
E. It is the key that is used to negotiate session encryption keys.

Answer: A

QUESTION 231
Which remediation type ensures that Automatic Updates configuration is turned on Windows clients per security policy to remediate Windows clients for posture compliance?

A. AS Remediation
B. File Remediation
C. Launch Program Remediation
D. Windows Update Remediation
E. Windows Server Update Services Remediation

Answer: D

QUESTION 232
Which command on the switch ensures that the Service-Type attribute is sent with all RADIUS authentication request?

A. radius-server attribute 8 include-in-access-req
B. radius-server attribute 25 access-request include
C. radius-server attribute 6 on-for-login-auth
D. radius-server attribute 31 send nas-port-detail

Answer: C

QUESTION 233
Which protocol is EAP encapsulated in for communications between the authenticator and the authentication server?

A. EAP-MD5
B. IPsec
C. EAPOL
D. RADIUS

Answer: D

QUESTION 234
……

More questions are on my blog: http://www.passpmp.net/?s=300-208
Hope it can help u a lot!

Reply