300-715 Guide

Free Cisco 300-715 Exam Price Online

Exam Code: 300-715 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing and Configuring Cisco Identity Services Engine (SISE)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-715 Exam.

Cisco 300-715 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
What is the minimum certainty factor when creating a profiler policy?

  • A. the minimum number that a predefined condition provides
  • B. the maximum number that a predefined condition provides
  • C. the minimum number that a device certainty factor must reach to become a member of the profile
  • D. the maximum number that a device certainty factor must reach to become a member of the profile

Answer: C

NEW QUESTION 2
What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two.)

  • A. TACACS+ has command authorization, and RADIUS does not.
  • B. TACACS+ uses UDP, and RADIUS uses TCP.
  • C. TACACS+ supports 802.1X, and RADIUS supports MAB.
  • D. TACACS+ provides the service type, and RADIUS does not.
  • E. TACACS+ encrypts the whole payload, and RADIUS encrypts only the password.

Answer: AE

NEW QUESTION 3
What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two.)

  • A. Client Provisioning portal
  • B. remediation actions
  • C. updates
  • D. access policy
  • E. conditions

Answer: BE

NEW QUESTION 4
Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.)

  • A. Command Sets
  • B. Server Sequence
  • C. Device Administration License
  • D. External TACACS Servers
  • E. Device Admin Service

Answer: CE

NEW QUESTION 5
What are two requirements of generating a single certificate in Cisco ISE by using a certificate provisioning portal, without generating a certificate signing request? (Choose two.)

  • A. Enter the IP address of the device.
  • B. Enter the common name.
  • C. Choose the hashing method.
  • D. Locate the CSV file for the device MAC.
  • E. Select the certificate template.

Answer: BE

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200534-ISE-2-0-Certificate-Provisioning-Portal.html

NEW QUESTION 6
Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)

  • A. new AD user 802.1X authentication
  • B. hotspot
  • C. posture
  • D. guest AUP
  • E. BYOD

Answer: BD

NEW QUESTION 7
Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)

  • A. ASA
  • B. Firepower
  • C. Shell
  • D. WLC
  • E. IOS

Answer: CD

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2--1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html

NEW QUESTION 8
What gives Cisco ISE an option to scan endpoints for vulnerabilities?

  • A. authentication policy
  • B. authorization profile
  • C. authentication profile
  • D. authorization policy

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010100.html

NEW QUESTION 9
What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?

  • A. The secondary node restarts.
  • B. The primary node restarts.
  • C. Both nodes restart.
  • D. The primary node becomes standalone.

Answer: C

NEW QUESTION 10
Which supplicant(s) and server(s) are capable of supporting EAP-CHAINING?

  • A. Cisco Secure Services Client and Cisco Access Control Server
  • B. Cisco AnyConnect NAM and Cisco Identity Service Engine
  • C. Cisco AnyConnect NAM and Cisco Access Control Server
  • D. Windows Native Supplicant and Cisco Identity Service Engine

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/eap-fast/200322-Understanding-EAP-FAST-and-Chaining-imp.html

NEW QUESTION 11
Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)

  • A. TCP 80
  • B. TCP 8905
  • C. TCP 8443
  • D. TCP 8906
  • E. TCP 443

Answer: BC

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/Cisco_SNS_3400_Series_Appliance_Ports_Reference.html

NEW QUESTION 12
What is a method for transporting security group tags throughout the network?

  • A. by embedding the security group tag in the 802.1Q header
  • B. by the Security Group Tag Exchange Protocol
  • C. by enabling 802.1AE on every network device
  • D. by embedding the security group tag in the IP header

Answer: B

NEW QUESTION 13
What is a valid guest portal type?

  • A. Sponsor
  • B. Sponsored-Guest
  • C. Captive-Guest
  • D. My Devices

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01111.html

NEW QUESTION 14
Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two.)

  • A. access-challenge
  • B. access-accept
  • C. access-request
  • D. access-reserved
  • E. access-response

Answer: AB

NEW QUESTION 15
What is the purpose of the ip http server
command on a switch?

  • A. It enables the https server for users for web authentication.
  • B. It enables dot1x authentication on the switch.
  • C. It enables MAB authentication on the switch.
  • D. It enables the switch to redirect users for web authentication.

Answer: C

NEW QUESTION 16
Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?

  • A. MAB and if user not found, continue
  • B. MAB and if authentication failed, continue
  • C. Dot1x and if authentication failed, continue
  • D. Dot1x and if user not found, continue

Answer: A

NEW QUESTION 17
Which are two characteristics of TACACS+? (Choose two.)

  • A. It separates authorization and authentication functions.
  • B. It combines authorization and authentication functions.
  • C. It uses UDP port 49.
  • D. It encrypts the password only.
  • E. It uses TCP port 49.

Answer: AE

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13838-10.html

NEW QUESTION 18
Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

  • A. blacklist
  • B. unknown
  • C. whitelist
  • D. profiled
  • E. endpoint

Answer: B

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html

NEW QUESTION 19
Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.)

  • A. SNMP
  • B. HTTP
  • C. RADIUS
  • D. DHCP
  • E. NetFlow

Answer: CD

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html

NEW QUESTION 20
Which statement about configuring certificates for BYOD is true?

  • A. The SAN field is populated with the end user name.
  • B. The CN field is populated with the endpoint host name.
  • C. An endpoint certificate is mandatory for the Cisco ISE BYOD.
  • D. An Android endpoint uses EST, whereas other operating systems use SCEP for enrollment.

Answer: C

NEW QUESTION 21
Which port does Cisco ISE use for native supplicant provisioning of a Windows laptop?

  • A. TCP 8905
  • B. TCP 8909
  • C. TCP 443
  • D. UDP 1812

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010101.html

NEW QUESTION 22
......

P.S. Easily pass 300-715 Exam with 60 Q&As Dumps-hub.com Dumps & pdf Version, Welcome to Download the Newest Dumps-hub.com 300-715 Dumps: https://www.dumps-hub.com/300-715-dumps.html (60 New Questions)


To know more about the 300-715, click here.

Tagged as : Cisco 300-715 Dumps, Download 300-715 pdf, 300-715 VCE, 300-715 pass4sure, examcollection 300-715