★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
300-715 Product Description:
Exam Number/Code: 300-715 vce
Exam name: Implementing and Configuring Cisco Identity Services Engine (SISE)
n questions with full explanations
Certification: Cisco Certification
Last updated on Global synchronizing
Want to know Testking 300-715 Exam practice test features? Want to lear more about Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) certification experience? Study Precise Cisco 300-715 answers to Abreast of the times 300-715 questions at Testking. Gat a success with an absolute guarantee to pass Cisco 300-715 (Implementing and Configuring Cisco Identity Services Engine (SISE)) test on your first attempt.
Online 300-715 free questions and answers of New Version:
NEW QUESTION 1
Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.)
- A. Command Sets
- B. Server Sequence
- C. Device Administration License
- D. External TACACS Servers
- E. Device Admin Service
NEW QUESTION 2
What does the dot1x system-auth-control command do?
- A. globally enables 802.1x
- B. causes a network access switch not to track 802.1x sessions
- C. enables 802.1x on a network access device interface
- D. causes a network access switch to track 802.1x sessions
NEW QUESTION 3
Which RADIUS attribute is used to dynamically assign the Inactivity active timer for MAB users from the Cisco ISE node?
- A. session-timeout
- B. termination-action
- C. radius-server timeout
- D. idle-timeout
NEW QUESTION 4
Which profiling probe collects the user-agent string?
- A. DHCP
- B. HTTP
- C. NMAP
- D. AD
NEW QUESTION 5
A user reports that the RADIUS accounting packets are not being seen on the Cisco ISE server. Which command is the user missing in the switch’s configuration?
- A. aaa accounting resource default start-stop group radius
- B. radius-server vsa send accounting
- C. aaa accounting network default start-stop group radius
- D. aaa accounting exec default start-stop group radius
NEW QUESTION 6
Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)
- A. new AD user 802.1X authentication
- B. hotspot
- C. posture
- D. guest AUP
- E. BYOD
NEW QUESTION 7
Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)
- A. TCP 80
- B. TCP 8905
- C. TCP 8443
- D. TCP 8906
- E. TCP 443
NEW QUESTION 8
What must be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?
- A. continue
- B. pass
- C. drop
- D. reject
NEW QUESTION 9
Which personas can a Cisco ISE node assume?
- A. policy service, gatekeeping, and monitoring
- B. administration, monitoring, and gatekeeping
- C. administration, policy service, and monitoring
- D. administration, policy service, gatekeeping
NEW QUESTION 10
Which two values are compared by the binary comparison function in authentication that is based on Active Directory?
- A. user-presented certificate and a certificate stored in Active Directory
- B. MS-CHAPv2 provided machine credentials and credentials stored in Active Directory
- C. user-presented password hash and a hash stored in Active Directory
- D. subject alternative name and the common name
NEW QUESTION 11
What are two requirements of generating a single certificate in Cisco ISE by using a certificate provisioning portal, without generating a certificate signing request? (Choose two.)
- A. Enter the IP address of the device.
- B. Enter the common name.
- C. Choose the hashing method.
- D. Locate the CSV file for the device MAC.
- E. Select the certificate template.
NEW QUESTION 12
Which command displays all 802.1X/MAB sessions that are active on the switch ports of a Cisco Catalyst switch?
- A. show authentication sessions interface Gi1/0/x output
- B. show authentication sessions
- C. show authentication sessions output
- D. show authentication sessions interface Gi 1/0/x
NEW QUESTION 13
Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two.)
- A. access-challenge
- B. access-accept
- C. access-request
- D. access-reserved
- E. access-response
NEW QUESTION 14
What must match between Cisco ISE and the network access device to successfully authenticate endpoints?
- A. shared secret
- B. profile
- C. certificate
- D. SNMP version
NEW QUESTION 15
What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?
- A. State attribute
- B. Class attribute
- C. Event
- D. Cisco-av-pair
NEW QUESTION 16
What gives Cisco ISE an option to scan endpoints for vulnerabilities?
- A. authentication policy
- B. authorization profile
- C. authentication profile
- D. authorization policy
NEW QUESTION 17
What is a method for transporting security group tags throughout the network?
- A. by embedding the security group tag in the 802.1Q header
- B. by the Security Group Tag Exchange Protocol
- C. by enabling 802.1AE on every network device
- D. by embedding the security group tag in the IP header
NEW QUESTION 18
What is the minimum certainty factor when creating a profiler policy?
- A. the minimum number that a predefined condition provides
- B. the maximum number that a predefined condition provides
- C. the minimum number that a device certainty factor must reach to become a member of the profile
- D. the maximum number that a device certainty factor must reach to become a member of the profile
NEW QUESTION 19
Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.)
- A. SNMP
- B. HTTP
- C. RADIUS
- D. DHCP
- E. NetFlow
NEW QUESTION 20
Which permission is common to the Active Directory Join and Leave operations?
- A. Remove the Cisco ISE machine account from the domain.
- B. Search Active Directory to see if a Cisco ISE machine account already exists.
- C. Set attributes on the Cisco ISE machine account.
- D. Create a Cisco ISE machine account in the domain if the machine account does not already exist.
NEW QUESTION 21
Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?
- A. blacklist
- B. unknown
- C. whitelist
- D. profiled
- E. endpoint
NEW QUESTION 22
Which protocol must be allowed for a BYOD device to access the BYOD portal?
- A. HTTPS
- B. HTTP
- C. SSH
- D. SMTP
NEW QUESTION 23
Which term refers to an endpoint agent that tries to join an 802.1X- enabled network?
- A. EAP server
- B. authenticator
- C. supplicant
- D. client
NEW QUESTION 24
Which use case validates a change of authorization?
- A. An endpoint that is disconnected from the network is discovered.
- B. Endpoints are created through device registration for the guests.
- C. An endpoint profiling policy is changed for authorization policy.
- D. An authenticated, wired EAP-capable endpoint is discovered.
NEW QUESTION 25
Thanks for reading the newest 300-715 exam dumps! We recommend you to try the PREMIUM 2passeasy 300-715 dumps in VCE and PDF here: https://www.2passeasy.com/dumps/300-715/ (60 Q&As Dumps)