1. Home
  2. Cisco
  3. 300-715

Implementing and Configuring Cisco Identity Services Engine (SISE)

Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :404 Q&As
  • Last Updated
    :Apr 14, 2025

Cisco CCNP Security 300-715 Questions & Answers

  • Question 191:

    An administrator is configuring cisco ISE lo authenticate users logging into network devices live logs. Which action ensures the users are able to log into the network devices?

    A. Enable the device administration service in the Administration persona

    B. Enable the session services in the administration persona.

    C. Enable the service sessions in the PSN persona.

    D. Enable the device administration service in the PSN persona.

  • Question 192:

    An engineer is configuring a dedicated SSID for onboarding devices. Which SSID type accomplishes this configuration?

    A. dual

    B. hidden

    C. broadcast

    D. guest

  • Question 193:

    An organization wants to split their Cisco ISE deployment to separate the device administration functionalities from the mam deployment. For this to work, the administrator must deregister any nodes that will become a part of the new deployment, but the button for this option is grayed out

    Which configuration is causing this behavior?

    A. One of the nodes is an active PSN.

    B. One of the nodes is the Primary PAN

    C. All of the nodes participate in the PAN auto failover.

    D. All of the nodes are actively being synched.

  • Question 194:

    An administrator for a small network is configuring Cisco ISE to provide dynamic network access to users. Management needs Cisco ISE to not automatically trigger a CoA whenever a profile change is detected. Instead, the administrator needs to verify the new profile and manually trigger a CoA What must be configuring in the profiler to accomplish this goal?

    A. Port Bounce

    B. No CoA

    C. Session Query

    D. Reauth

  • Question 195:

    A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos. Which database should be used to accomplish this goal?

    A. RSA Token Server

    B. Active Directory

    C. Local Database

    D. LDAP

  • Question 196:

    An administrator is configuring a Cisco ISE posture agent in the client provisioning policy and needs to ensure that the posture policies that interact with clients are monitored, and end users are required to comply with network usage rules Which two resources must be added in Cisco ISE to accomplish this goal? (Choose two)

    A. AnyConnect

    B. Supplicant

    C. Cisco ISE NAC

    D. PEAP

    E. Posture Agent

  • Question 197:

    Refer to the exhibit

    Which switch configuration change will allow only one voice and one data endpoint on each port?

    A. Multi-auth to multi-domain

    B. Mab to dot1x

    C. Auto to manual

    D. Multi-auth to single-auth

  • Question 198:

    An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+ However, the administrator must restrict certain commands based on one of three user roles that require different commands

    How is this accomplished without creating too many objects using Cisco ISE?

    A. Create one shell profile and multiple command sets.

    B. Create multiple shell profiles and multiple command sets.

    C. Create one shell profile and one command set.

    D. Create multiple shell profiles and one command set

  • Question 199:

    A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for one day When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the Guest Endpoints identity store after one day and allows access to the guest network after that period. Which configuration is causing this problem?

    A. The Endpoint Purge Policy is set to 30 days for guest devices

    B. The RADIUS policy set for guest access is set to allow repeated authentication of the same device

    C. The length of access is set to 7 days in the Guest Portal Settings

    D. The Guest Account Purge Policy is set to 15 days

  • Question 200:

    A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices Where in the Layer 2 frame should this be verified?

    A. CMD filed

    B. 802.1Q filed

    C. Payload

    D. 802.1 AE header

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.