Best October Special Limited Time 50% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4s50disc

300-715 PDF

$51.25

$102.5

3 Months Free Update

  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

300-715 PDF + Testing Engine

$70

$139.99

3 Months Free Update

  • Exam Name: Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Last Update: Oct 20, 2021
  • Questions and Answers: 150
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

300-715 Engine

$57.5

$114.99

3 Months Free Update

  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

300-715 Implementing and Configuring Cisco Identity Services Engine (SISE) Questions and Answers

Question # 4

Which RADIUS attribute is used to dynamically assign the Inactivity active timer for MAB users from the Cisco ISE node?

A.

session timeout

B.

idle timeout

C.

radius-server timeout

D.

termination-action

Full Access
Question # 5

An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?

A.

HTTP

B.

DNS

C.

EAP

D.

DHCP

Full Access
Question # 6

Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)

A.

hotspot

B.

new AD user 802 1X authentication

C.

posture

D.

BYOD

E.

guest AUP

Full Access
Question # 7

Which three default endpoint identity groups does cisco ISE create? (Choose three)

A.

Unknown

B.

whitelist

C.

end point

D.

profiled

E.

blacklist

Full Access
Question # 8

An organization wants to split their Cisco ISE deployment to separate the device administration functionalities from the mam deployment. For this to work, the administrator must deregister any nodes that will become a part of the new deployment, but the button for this option is grayed out Which configuration is causing this behavior?

A.

One of the nodes is an active PSN.

B.

One of the nodes is the Primary PAN

C.

All of the nodes participate in the PAN auto failover.

D.

All of the nodes are actively being synched.

Full Access
Question # 9

An engineer is implementing network access control using Cisco ISE and needs to separate the traffic based on the network device ID and use the IOS device sensor capability. Which probe must be used to accomplish this task?

A.

HTTP probe

B.

NetFlow probe

C.

network scan probe

D.

RADIUS probe

Full Access
Question # 10

Which two endpoint compliance statuses are possible? (Choose two.)

A.

unknown

B.

known

C.

invalid

D.

compliant

E.

valid

Full Access
Question # 11

An engineer is designing a new distributed deployment for Cisco ISE in the network and is considering failover options for the admin nodes. There is a need to ensure that an admin node is available for configuration of policies at all times. What is the requirement to enable this feature?

A.

one primary admin and one secondary admin node in the deployment

B.

one policy services node and one secondary admin node

C.

one policy services node and one monitoring and troubleshooting node

D.

one primary admin node and one monitoring and troubleshooting node

Full Access
Question # 12

An engineer is tasked with placing a guest access anchor controller in the DMZ. Which two ports or port sets must be opened up on the firewall to accomplish this task? (Choose two.)

A.

UDP port 1812 RADIUS

B.

TCP port 161

C.

TCP port 514

D.

UDP port 79

E.

UDP port 16666

Full Access
Question # 13

A company is attempting to improve their BYOD policies and restrict access based on certain criteria. The company's subnets are organized by building. Which attribute should be used in order to gain access based on location?

A.

static group assignment

B.

IP address

C.

device registration status

D.

MAC address

Full Access
Question # 14

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)

A.

updates

B.

remediation actions

C.

Client Provisioning portal

D.

conditions

E.

access policy

Full Access
Question # 15

An engineer is configuring a dedicated SSID for onboarding devices. Which SSID type accomplishes this configuration?

A.

dual

B.

hidden

C.

broadcast

D.

guest

Full Access
Question # 16

An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port. Which command should be used to accomplish this task?

A.

permit tcp any any eq

B.

aaa group server radius proxy

C.

ip http port

D.

aaa group server radius

Full Access
Question # 17

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

A.

Client Provisioning

B.

Guest

C.

BYOD

D.

Blacklist

Full Access
Question # 18

An organization wants to implement 802.1X and is debating whether to use PEAP-MSCHAPv2 or PEAP-EAP-TLS for authentication. Drag the characteristics on the left to the corresponding protocol on the right.

Full Access
Question # 19

Which two probes must be enabled for the ARP cache to function in the Cisco ISE profile service so that a user can reliably bind the IP address and MAC addresses of endpoints? (Choose two.)

A.

NetFlow

B.

SNMP

C.

HTTP

D.

DHCP

E.

RADIUS

Full Access
Question # 20

An administrator is configuring RADIUS on a Cisco switch with a key set to Cisc403012128 but is receiving the error “Authentication failed: 22040 Wrong password or invalid shared secret. “what must be done to address this issue?

A.

Add the network device as a NAD inside Cisco ISE using the existing key.

B.

Configure the key on the Cisco ISE instead of the Cisco switch.

C.

Use a key that is between eight and ten characters.

D.

Validate that the key is correct on both the Cisco switch as well as Cisco ISE.

Full Access
Question # 21

Which protocol must be allowed for a BYOD device to access the BYOD portal?

A.

HTTP

B.

SMTP

C.

HTTPS

D.

SSH

Full Access