[Q74-Q93] Verified 300-715 dumps Q&As - Pass Guarantee Exam Dumps Test Engine [2021]

Verified 300-715 dumps Q&As - Pass Guarantee Exam Dumps Test Engine [2021]

300-715 dumps and 153 unique questions

Cisco 300-715 Exam Syllabus Topics:

Topic	Details
Topic 1	Configure Cisco ISE Posture Agents And Operational Modes Configure Wired/Wireless 802.1X Network Access
Topic 2	Configure Policies Including Authentication And Authorization Profiles Configure Sponsor And Guest Portals
Topic 3	Describe Endpoint Compliance, Posture Services, And Client Provisioning Configure 802.1X Phasing Deployment
Topic 4	Network Access Device Administration Configure Native AD And LDAP
Topic 5	Configure Endpoint Identity Management Configure Guest Access Services
Topic 6	Configure Posture Conditions And Policy, And Client Provisioning Describe Identity Store Options
Topic 7	Configure Certificates For BYOD Implement Profiler Services
Topic 8	Configure BYOD Device On-Boarding Using Internal CA With Cisco Switches And Cisco Wireless LAN Controllers
Topic 9	Web Auth And Guest Services Configure Cisco Trustsec
Topic 10	Configure TACACS+ Device Administration And Command Authorization Architecture And Deployment
Topic 11	Describe Supplicant, Supplicant Options, Authenticator, And Server Describe Deployment Options
Topic 12	Configure Blacklist/Whitelist Describe Cisco BYOD Functionality Configure Web Authentication
Topic 13	Configure The Compliance Module Configure Network Access Devices

 

NEW QUESTION 74
What is a valid guest portal type?

• A. Captive-Guest
• B. Sponsor
• C. My Devices
• D. Sponsored-Guest

Answer: D

 

NEW QUESTION 75
What is a characteristic of the UDP protocol?

• A. UDP can detect when a server is down.
• B. UDP offers information about a non-existent server
• C. UDP can detect when a server is slow
• D. UDP offers best-effort delivery

Answer: D

Explanation:
https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13838-10.html

 

NEW QUESTION 76
During BYOD flow, from where does a Microsoft Windows PC download the Network Setup Assistant?

• A. Cisco App Store
• B. Cisco ISE directly
• C. Microsoft App Store
• D. Native OTA functionality

Answer: A

 

NEW QUESTION 77
An administrator for a small network is configuring Cisco ISE to provide dynamic network access to users. Management needs Cisco ISE to not automatically trigger a CoA whenever a profile change is detected. Instead, the administrator needs to verify the new profile and manually trigger a CoA.
What must be configuring in the profiler to accomplish this goal?

• A. No CoA
• B. Session Query
• C. Reauth
• D. Port Bounce

Answer: A

Explanation:
Reference:
https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-profiling-policies

 

NEW QUESTION 78
An organization is hosting a conference and must make guest accounts for several of the speakers attending. The conference ended two days early but the guest accounts are still being used to access the network. What must be configured to correct this?

• A. Create an authorization rule denying sponsored guest access.
• B. Navigate to the Guest Portal and delete the guest accounts.
• C. Navigate to the Sponsor Portal and suspend the guest accounts.
• D. Create an authorization rule denying guest access.

Answer: D

 

NEW QUESTION 79
An administrator is configuring a Cisco ISE posture agent in the client provisioning policy and needs to ensure that the posture policies that interact with clients are monitored, and end users are required to comply with network usage rules Which two resources must be added in Cisco ISE to accomplish this goal? (Choose two)

• A. AnyConnect
• B. Posture Agent
• C. Cisco ISE NAC
• D. PEAP
• E. Supplicant

Answer: A,B

Explanation:
https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/configure-posture.html
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_configure_client_provisioning.html#task_D1C2E8ECE1D54D259C01BCBF0A5822F1

 

NEW QUESTION 80
In a standalone Cisco ISE deployment, which two personas are configured on a node? (Choose two )

• A. administration
• B. primary
• C. publisher
• D. policy service
• E. subscriber

Answer: A,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/admin_guide/b_ise_admin_guide_20/b_ise_admin_guide_20_chapter_010.html

 

NEW QUESTION 81

Refer to the exhibit Which switch configuration change will allow only one voice and one data endpoint on each port?

• A. Multi-auth to single-auth
• B. Mab to dot1x
• C. Auto to manual
• D. Multi-auth to multi-domain

Answer: D

Explanation:
Explanation
https://community.cisco.com/t5/network-access-control/cisco-ise-multi-auth-or-multi-host/m-p/3750907

 

NEW QUESTION 82
An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors' firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this What should be done to enable this type of posture check?

• A. Use a compound condition to look for the Windows or Mac native firewall applications.
• B. Enable the default firewall condition to check for any vendor firewall application.
• C. Enable the default application condition to identify the applications installed and validade the firewall app.
• D. Use the file registry condition to ensure that the firewal is installed and running appropriately.

Answer: B

Explanation:
https://www.youtube.com/watch?v=6Kj8P8Hn7dY&t=109s&ab_channel=CiscoISE-IdentityServicesEngine

 

NEW QUESTION 83
An engineer is testing Cisco ISE policies in a lab environment with no support for a deployment server. In order to push supplicant profiles to the workstations for testing, firewall ports will need to be opened. From which Cisco ISE persona should this traffic be originating?

• A. authentication
• B. policy service
• C. administration
• D. monitoring

Answer: A

 

NEW QUESTION 84
Refer to the exhibit.

A network engineers configuring the switch to accept downloadable ACLs from a Cisco ISC server Which two commands should be run to complete the configuration? (Choose two)

• A. ip device tracking
• B. aaa authorization auth-proxy default group radius
• C. radius-server attribute 8 include-in-access-req
• D. radius server vsa sand authentication
• E. dot1x system-auth-control

Answer: C,D

 

NEW QUESTION 85
A network administrator is configuring authorization policies on Cisco ISE There is a requirement to use AD group assignments to control access to network resources After a recent power failure and Cisco ISE rebooting itself, the AD group assignments no longer work What is the cause of this issue?

• A. The certificate checks are not being conducted.
• B. The AD join point is no longer connected.
• C. The AD DNS response is slow.
• D. The network devices ports are shut down.

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/ise_active_directory_integration/b_ISE_AD_integration_2x.html#ID612

 

NEW QUESTION 86
A company is attempting to improve their BYOD policies and restrict access based on certain criteri a. The company's subnets are organized by building. Which attribute should be used in order to gain access based on location?

• A. device registration status
• B. IP address
• C. static group assignment
• D. MAC address

Answer: A

 

NEW QUESTION 87
Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)

• A. BYOD
• B. hotspot
• C. new AD user 802 1X authentication
• D. posture
• E. guest AUP

Answer: C,D

 

NEW QUESTION 88
What is the minimum certainty factor when creating a profiler policy?

• A. the minimum number that a device certainty factor must reach to become a member of the profile
• B. the minimum number that a predefined condition provides
• C. the maximum number that a device certainty factor must reach to become a member of the profile
• D. the maximum number that a predefined condition provides

Answer: A

Explanation:
Section: Profiler
Explanation/Reference:

 

NEW QUESTION 89
Which two roles are taken on by the administration person within a Cisco ISE distributed environment?
(Choose two.)

• A. active
• B. standby
• C. backup
• D. primary
• E. secondary

Answer: D,E

 

NEW QUESTION 90
Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)

• A. Firepower
• B. Shell
• C. WLC
• D. IOS
• E. ASA

Answer: B,C

Explanation:
Section: Network Access Device Administration
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2--1/admin_guide/b_ise_admin_guide_21/ b_ise_admin_guide_20_chapter_0100010.html

 

NEW QUESTION 91
An organization wants to implement 802.1X and is debating whether to use PEAP-MSCHAPv2 or PEAP-EAP-TLS for authentication. Drag the characteristics on the left to the corresponding protocol on the right.

Answer:

Explanation:

 

NEW QUESTION 92
Which two ports do network devices typically use for CoA? (Choose two )

• A. 0
• B. 1
• C. 2
• D. 3
• E. 4

Answer: D,E

 

NEW QUESTION 93
......

300-715 Dumps for Pass Guaranteed - Pass 300-715 Exam: https://www.pass4training.com/300-715-pass-exam-training.html

300-715 Exam Dumps - Try Best 300-715 Exam Questions: https://drive.google.com/open?id=1_ztGavl4JEmtq_SziQcW6npb5OedftTD