Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

300-208 by Cisco - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

Which Cisco ISE 1.x protocol can be used to control admin access to network access devices?

A TACACS+
B RADIUS
C EAP
D Kerberos

Question 4

Which identity store option allows you to modify the directory services that run on TCP/IP?

A Lightweight Directory Access Protocol
B RSA SecurID server
C RADIUS
D Active Directory

Question 5

Which two profile attributes can be collected by a Cisco Catalyst Switch that supports Device Sensor? (Choose two.)

A LLDP agent information
B user agent
C DHCP options
D open ports
E operating system
F trunk ports

Question 6

Which protocol sends authentication and accounting in different requests?

A RADIUS
B TACACS+
C EAP-Chaining
D PEAP
E EAP-TLS

Question 7

Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline posture node?

A RADIUS Change of Authorization
B device tracking
C DHCP snooping
D VLAN hopping

Question 8

Which functionality does the Cisco ISE self-provisioning flow provide?

A It provides support for native supplicants, allowing users to connect devices directly to the network.
B It provides the My Devices portal, allowing users to add devices to the network.
C It provides support for users to install the Cisco NAC agent on enterprise devices.
D It provides self-registration functionality to allow guest users to access the network.

Question 9

What is the function of the SGACL policy matrix on a Cisco TrustSec domain with SGT Assignment?

A It determines which access policy to apply to the endpoint.
B It determines which switches are trusted within the TrustSec domain.
C It determines the path the SGT of the packet takes when entering the Cisco TrustSec domain.
D It lists all servers that are permitted to participate in the TrustSec domain.
E It lists all hosts that are permitted to participate in the TrustSec domain.

Question 10

Which three host modes support MACsec? (Choose three.)

A multidomain authentication host mode
B multihost mode
C multi-MAC host mode
D single-host mode
E dual-host mode
F multi-auth host mode

Question 11

When you select Centralized Web Auth in the ISE Authorization Profile, which two components host the web authentication portal? (Choose two.)

A ISE
B the WLC
C the access point
D the switch
E the endpoints

Question 12

What is the default posture status for non-agent capable devices, such as Linux and iDevices?

A Unknown
B Validated
C Default
D Compliant

Question 13

Which statement about a distributed Cisco ISE deployment is true?

A It can support up to two monitoring Cisco ISE nodes for high availability.
B It can support up to three load-balanced Administration ISE nodes.
C Policy Service ISE nodes can be configured in a redundant failover configuration.
D The Active Directory servers of Cisco ISE can be configured in a load-balanced configuration.

Question 14

Which three features should be enabled as best practices for MAB? (Choose three.)

A MD5
B IP source guard
C DHCP snooping
D storm control
E DAI
F URPF

Question 15

In this simulation, you are task to examine the various authentication events using the ISE GUI. For example, you should see events like Authentication succeeded. Authentication failed and etc...

Question 16

In this simulation, you are task to examine the various authentication events using the ISE GUI. For example, you should see events like Authentication succeeded. Authentication failed and etc...

Question 17

Which components must be selected for a client provisioning policy to do a Posture check on the Cisco ISE?

A Configuration Wizard, Wizard Profile
B Agent, Profile, Compliance Module
C Operating System, Posture Requirements
D Remediation Actions, Posture Requirements

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 4 • Questions 1-25 of 82

1 2 3 4

→

Know a question that should be here? Contribute to this exam

Which EAP method uses a modified version of the MS-CHAP authentication protocol?

A EAP-POTP
B EAP-TLS
C LEAP
D EAP-MD5

Under which circumstance would an inline posture node be deployed?

A When the NAD does not support CoA
B When the NAD cannot support the number of connected endpoints
C When a PSN is overloaded
D To provide redundancy for a PSN

Which four statements are correct regarding the event that occurred at 2014-05-07 00:19:07.004? (Choose four.)

A The IT_Corp authorization profile were applied.
B The it1 user was matched to the IT_Corp authorization policy.
C The it1 user supplicant used the PEAP (EAP-MSCHAPv2) authentication method.
D The it1 user was authenticated using MAB.
E The it1 user was successfully authenticated against AD1 identity store.
F The it1 user machine has been profiled as a Microsoft-Workstation.
G The it1 user machine has passed all the posture assessement tests.

Which two statements are correct regarding the event that occurred at 2014-05-07 00:16:55.393? (Choose two.)

A The failure reason was user entered the wrong username.
B The supplicant used the PAP authentication method.
C The username entered was it1.
D The user was authenticated against the Active Directory then also against the ISE interal user database and both fails.
E The NAS switch port where the user connected to has a MAC address of 44:03:A7:62:41:7F
F The user is being authenticated using 802.1X.
G The user failed the MAB.
H The supplicant stopped responding to ISE which caused the failure.