1. Home
  2. Cisco
  3. 300-715

Implementing and Configuring Cisco Identity Services Engine (SISE)

Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :404 Q&As
  • Last Updated
    :Apr 14, 2025

Cisco CCNP Security 300-715 Questions & Answers

  • Question 171:

    A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed Which action must be taken to allow this capability?

    A. Configure a native supplicant profile to be used for checking the antivirus version

    B. Configure Cisco ISE to push the HostScan package to the endpoints to check for the antivirus version.

    C. Create a Cisco AnyConnect Network Visibility Module configuration profile to send the antivirus information of the endpoints to Cisco ISE.

    D. Create a Cisco AnyConnect configuration within Cisco ISE for the Compliance Module and associated configuration files

  • Question 172:

    A network administrator must configura endpoints using an 802 1X authentication method with EAP identity certificates that are provided by the Cisco ISE When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network

    Which EAP type must be configured by the network administrator to complete this task?

    A. EAP-PEAP-MSCHAPv2

    B. EAP-TTLS

    C. EAP-FAST

    D. EAP-TLS

  • Question 173:

    Which two events trigger a CoA for an endpoint when CoA is enabled globally for ReAuth? (Choose two.)

    A. endpoint marked as lost in My Devices Portal

    B. addition of endpoint to My Devices Portal

    C. endpoint profile transition from Apple-Device to Apple-iPhone

    D. endpoint profile transition from Unknown to Windows 10-Workstation

    E. updating of endpoint dACL.

  • Question 174:

    An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?

    A. HTTP

    B. DNS

    C. EAP

    D. DHCP

  • Question 175:

    An administrator is configuring RADIUS on a Cisco switch with a key set to Cisc403012128 but is receiving the error "Authentication failed: 22040 Wrong password or invalid shared secret. "

    What must be done to address this issue?

    A. Add the network device as a NAD inside Cisco ISE using the existing key.

    B. Configure the key on the Cisco ISE instead of the Cisco switch.

    C. Use a key that is between eight and ten characters.

    D. Validate that the key is correct on both the Cisco switch as well as Cisco ISE.

  • Question 176:

    An administrator connects an HP printer to a dot1x enable port, but the printer in not accessible Which feature must the administrator enable to access the printer?

    A. MAC authentication bypass

    B. change of authorization

    C. TACACS authentication

    D. RADIUS authentication

  • Question 177:

    A network engineer has been tasked with enabling a switch to support standard web authentication for Cisco ISE. This must include the ability to provision for URL redirection on authentication Which two commands must be entered to meet this requirement? (Choose two)

    A. Ip http secure-authentication

    B. Ip http server

    C. Ip http redirection

    D. Ip http secure-server

    E. Ip http authentication

  • Question 178:

    An administrator is trying to collect metadata information about the traffic going across the network to gam added visibility into the hosts. This Information will be used to create profiling policies for devices us mg Cisco ISE so that network access policies can be used.

    What must be done to accomplish this task?

    A. Configure the RADIUS profiling probe within Cisco ISE

    B. Configure NetFlow to be sent to me Cisco ISE appliance.

    C. Configure SNMP to be used with the Cisco ISE appliance

    D. Configure the DHCP probe within Cisco ISE

  • Question 179:

    Refer to the exhibit.

    Which component must be configured to apply the SGACL?

    A. egress router

    B. host

    C. secure server

    D. ingress router

  • Question 180:

    An engineer is creating a new TACACS* command set and cannot use any show commands after togging into the device with this command set authorization. Which configuration is causing this issue?

    A. Question marks are not allowed as wildcards for command sets.

    B. The command set is allowing all commands that are not in the command list

    C. The wildcard command listed is in the wrong format

    D. The command set is working like an ACL and denying every command.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.