300-715 Premium Bundle

300-715 Premium Bundle

Implementing and Configuring Cisco Identity Services Engine (SISE) Certification Exam

4.5 
(50295 ratings)
0 QuestionsPractice Tests
0 PDFPrint version
November 23, 2024Last update

Introducing The New!

Surepassexam Collection

Get Unlimited Access to all
Surepassexam's PREMIUM files

DOWNLOAD NOW
Download Quality. Itexamlabs.com Certified
  1. Home
  2. Cisco
  3. 300-715 Exam

Cisco 300-715 Free Practice Questions

Act now and download your Cisco 300-715 test today! Do not waste time for the worthless Cisco 300-715 tutorials. Download Far out Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) exam with real questions and answers and begin to learn Cisco 300-715 with a classic professional.

Free 300-715 Demo Online For Cisco Certifitcation:

NEW QUESTION 1
Which interface-level command is needed to turn on 802.1X authentication?

  • A. dot1x system-auth-control
  • B. dot1x pae authenticator
  • C. aaa server radius dynamic-author
  • D. authentication host-mode single- host

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/configuration/guide/conf/dot1x.html

NEW QUESTION 2
What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?

  • A. The secondary node restarts.
  • B. The primary node restarts.
  • C. Both nodes restart.
  • D. The primary node becomes standalone.

Answer: C

NEW QUESTION 3
What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two.)

  • A. TACACS+ has command authorization, and RADIUS does not.
  • B. TACACS+ uses UDP, and RADIUS uses TCP.
  • C. TACACS+ supports 802.1X, and RADIUS supports MAB.
  • D. TACACS+ provides the service type, and RADIUS does not.
  • E. TACACS+ encrypts the whole payload, and RADIUS encrypts only the password.

Answer: AE

NEW QUESTION 4
What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?

  • A. State attribute
  • B. Class attribute
  • C. Event
  • D. Cisco-av-pair

Answer: D

Explanation:
Reference: https://community.cisco.com/t5/network-access-control/ise-airespace-acl-wlc-problem/td-p/2110491

NEW QUESTION 5
What is a characteristic of the UDP protocol?

  • A. UDP can detect when a server is down.
  • B. UDP can detect when a server is slow.
  • C. UDP offers best-effort delivery.
  • D. UDP offers information about a non-existent server.

Answer: C

NEW QUESTION 6
Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.)

  • A. SNMP
  • B. HTTP
  • C. RADIUS
  • D. DHCP
  • E. NetFlow

Answer: CD

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html

NEW QUESTION 7
Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

  • A. blacklist
  • B. unknown
  • C. whitelist
  • D. profiled
  • E. endpoint

Answer: B

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html

NEW QUESTION 8
How is policy services node redundancy achieved in a deployment?

  • A. by creating a node group
  • B. by deploying both primary and secondary node
  • C. by enabling VIP
  • D. by utilizing RADIUS server list on the NAD

Answer: B

NEW QUESTION 9
Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two.)

  • A. access-challenge
  • B. access-accept
  • C. access-request
  • D. access-reserved
  • E. access-response

Answer: AB

NEW QUESTION 10
Which two values are compared by the binary comparison function in authentication that is based on Active Directory?

  • A. user-presented certificate and a certificate stored in Active Directory
  • B. MS-CHAPv2 provided machine credentials and credentials stored in Active Directory
  • C. user-presented password hash and a hash stored in Active Directory
  • D. subject alternative name and the common name

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/ISE-ADIntegrationDoc/b_ISE-ADIntegration.html

NEW QUESTION 11
Which protocol must be allowed for a BYOD device to access the BYOD portal?

  • A. HTTPS
  • B. HTTP
  • C. SSH
  • D. SMTP

Answer: A

NEW QUESTION 12
What gives Cisco ISE an option to scan endpoints for vulnerabilities?

  • A. authentication policy
  • B. authorization profile
  • C. authentication profile
  • D. authorization policy

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010100.html

NEW QUESTION 13
What allows an endpoint to obtain a digital certificate from Cisco ISE during a BYOD flow?

  • A. Application Visibility and Control
  • B. Supplicant Provisioning Wizard
  • C. My Devices Portal
  • D. Network Access Control

Answer: C

NEW QUESTION 14
Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.)

  • A. Command Sets
  • B. Server Sequence
  • C. Device Administration License
  • D. External TACACS Servers
  • E. Device Admin Service

Answer: CE

NEW QUESTION 15
What is a method for transporting security group tags throughout the network?

  • A. by embedding the security group tag in the 802.1Q header
  • B. by the Security Group Tag Exchange Protocol
  • C. by enabling 802.1AE on every network device
  • D. by embedding the security group tag in the IP header

Answer: B

NEW QUESTION 16
Which three default endpoint identity groups does Cisco ISE create? (Choose three.)

  • A. endpoint
  • B. unknown
  • C. blacklist
  • D. profiled
  • E. whitelist

Answer: BCD

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1203054

NEW QUESTION 17
What must match between Cisco ISE and the network access device to successfully authenticate endpoints?

  • A. shared secret
  • B. profile
  • C. certificate
  • D. SNMP version

Answer: A

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_network_devices.html

NEW QUESTION 18
What must be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?

  • A. continue
  • B. pass
  • C. drop
  • D. reject

Answer: A

NEW QUESTION 19
Which two endpoint compliance statuses are possible? (Choose two.)

  • A. compliant
  • B. valid
  • C. unknown
  • D. known
  • E. invalid

Answer: AC

NEW QUESTION 20
Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)

  • A. TCP 80
  • B. TCP 8905
  • C. TCP 8443
  • D. TCP 8906
  • E. TCP 443

Answer: BC

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/Cisco_SNS_3400_Series_Appliance_Ports_Reference.html

NEW QUESTION 21
When configuring Active Directory groups, what does the Cisco ISE use to resolve ambiguous group names?

  • A. MIB
  • B. SID
  • C. MAB
  • D. TGT

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/ise_active_directory_integration/b_ISE_AD_integration_2x.html

NEW QUESTION 22
Which two components are required for creating a Native Supplicant Profile within a BYOD flow? (Choose two.)

  • A. Redirect ACL
  • B. Connection Type
  • C. Operating System
  • D. Windows Settings
  • E. iOS Settings

Answer: CE

NEW QUESTION 23
......

Recommend!! Get the Full 300-715 dumps in VCE and PDF From DumpSolutions.com, Welcome to Download: https://www.dumpsolutions.com/300-715-dumps/ (New 60 Q&As Version)


START 300-715 EXAM
© All pages Copyright to 2024 by itexamlabs.com. All rights reserved. testpreplab.com certstest.com