1. Home
  2. Cisco
  3. 300-715

Implementing and Configuring Cisco Identity Services Engine (SISE)

Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP
  • Vendor
    :Cisco
  • Total Questions
    :371 Q&As
  • Last Updated
    :Nov 14, 2024

Cisco CCNP 300-715 Questions & Answers

  • Question 1:

    DRAG DROP

    Refer to the exhibit. An engineer must create a web authentication access policy in Cisco ISE that matches the exhibit. Drag and drop the configuration steps from the left into sequence on the right to accomplish this task.

    Select and Place:

  • Question 2:

    DRAG DROP

    Drag and drop the configuration steps from the left into the sequence on the right to install two Cisco ISE nodes in a distributed deployment.

    Select and Place:

  • Question 3:

    DRAG DROP

    An engineer needs to configure a compliance policy on Cisco ISE to ensure that the latest encryption software is running on the C drive of all endpoints. Drag and drop the configuration steps from the left into the sequence on the right to accomplish this task.

    Select and Place:

  • Question 4:

    DRAG DROP

    An engineer needs to export a file in CSV format, encrypted with the password C1$c0438563935, and contains users currently configured in Cisco ISE. Drag and drop the steps from the left into the sequence on the right to complete this task.

    Select and Place:

  • Question 5:

    A network administrator is configuring a new access switch to use with Cisco ISE for network access control. There is a need to use a centralized server for the reauthentication timers. What must be configured in order to accomplish this task?

    A. Issue the authentication timer reauthenticate server command on the switch.

    B. Configure Cisco ISE to block access after a certain period of time.

    C. Configure Cisco ISE to replace the switch configuration with new timers.

    D. Issue the authentication periodic command on the switch.

  • Question 6:

    An engineer must use Cisco ISE profiler services to provide network access to Cisco IP phones that cannot support 802.1X. Cisco ISE is configured to use the access switch device sensor information system-description and platform-type to profile Cisco IP phones and allow access. Which two protocols must be configured on the switch to complete the configuration? (Choose two.)

    A. SNMP

    B. EAPOL

    C. LLDP

    D. STP

    E. CDP

  • Question 7:

    Which controller option allows a user to switch from the provisioning SSID to the employee SSID after registration?

    A. User Idle Timeout

    B. AAA Override

    C. Fast SSID Change

    D. AP SSID Fallback

  • Question 8:

    An engineer configured posture assessment for their network access control with the goal of using an agent that supports using service conditions for the assessment. The agent should run as a background process to avoid user interruption, but the user can see it when it is run. What is the problem?

    A. The selected posture agent does not support the engineer's goal.

    B. The posture module was deployed using the headend instead of installing it with SCCM.

    C. The proper permissions were not given to the temporal agent to conduct the assessment.

    D. The user required remediation so the agent appeared in the notifications.

  • Question 9:

    To configure BYOD using Cisco ISE. an administrator is considering issuing certificates to the devices connecting to provide a better user experience. External CA servers cannot be used for this purpose because everything must be local to the Cisco ISE. What must be done to accomplish this?

    A. Use the captive portal network assistant to issue certificates to the endpoints as they authenticate.

    B. Use ISE as a sub CA for the BYOD portal and redirect users to the Root CA for certificate issuance.

    C. Configure the Cisco ISE Internal CA to issue certificates to each endpoint connecting to the BYOD network.

    D. Configure MS SCEP so that endpoints can query their local AD server for the correct certificate.

  • Question 10:

    An administrator is configuring endpoint profiling and needs to enable CoA for devices that change profiles. Which two actions must be taken to accomplish this goal? (Choose two.)

    A. Ensure that the firewall is not blocking port 1700

    B. Define "reauth" in the default CoA action to be used

    C. Use an API to detect when profile changes occur and send instructions to ISE to provide a CoA

    D. Modify the RADIUS endpoint attribute filters to send CoA actions as the profiles change

    E. Enable the CoA policy and create rules for each type

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.