Latest Practical Questions and answers for 300-208 CCNP Security Page 3 -- Infibee

Feedback

Home

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Networking
CCNP Security 300-208

11.

Which of the following is true?

A.
The authenticator decides whether the supplicant is allowed on the network.
B.
The EAP communication occurs between the supplicant and the authentication server.
C.
The supplicant uses RADIUS to communicate the user ’s identity to the authentication server.
D.
The authenticator uses EAP to send the user ’s credentials to the authentication server.

Answer & Explanation
Report

Answer : [B]
Explanation :

EAP communication occurs between the supplicant and the authentication server. The authenticator acts as a middleman and encapsulates the unmodified EAP frames within the RADIUS communication to the authentication server.

Report

Name

12.

Which supplicant(s) is capable of EAP chaining?

A.
Windows Native Supplicant
B.
Cisco AnyConnect NAM
C.
Cisco Secure Services Client (CSSC)
D.
Odyssey Client

Answer & Explanation
Report

Answer : [B]
Explanation :

Only Cisco AnyConnect NAM 3.1 and newer are capable of running EAP chaining as of the date this book was published.

Report

Name

13.

What is the purpose of an outer identity?

A.
The outer identity is used for dual-factor authentications such as a username/password combined with a one-time password (OTP).
B.
The outer identity provides a mechanism to modify the actual identity of the end user or device to allow for identity spoofing.
C.
The outer identity provides a mechanism to authenticate the identity of the endpoint during the tunnel establishment phase.
D.
The outer identity represents the machine, whereas the inner identity represents the user during EAP chaining.

Answer & Explanation
Report

Answer : [C]
Explanation :

The outer identity provides a mechanism to authenticate the identity of the endpoint during the tunnel establishment phase.

Report

Name

14.

True or False? IEEE 802.1X may use TACACS+ to communicate the EAP identity to the authentication server.

A.
True
B.
False

Answer & Explanation
Report

Answer : [B]
Explanation :

IEEE 802.1X must use RADIUS or DIAMETER. Note: DIAMETER is out of scope of the exam blueprint.

Report

Name

15.

True or False? The supplicant is required to trust the certificate of the authentication server before it will form the TLS tunnel within which the EAP transaction will occur.

A.
True
B.
False

Answer & Explanation
Report

Answer : [B]
Explanation :

Supplicants have the option to not authenticate the server certificate. Additionally, EAP-FAST offers the ability to use PAC files instead of certificates for tunnel establishment.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Sitemap