1. Home
  2. Cisco
  3. 300-715

Implementing and Configuring Cisco Identity Services Engine (SISE)

Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :404 Q&As
  • Last Updated
    :Apr 14, 2025

Cisco CCNP Security 300-715 Questions & Answers

  • Question 201:

    An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants Which portal must the security engineer configure to accomplish this task?

    A. MDM

    B. Client provisioning

    C. My devices

    D. BYOD

  • Question 202:

    A Cisco ISE server sends a CoA to a NAD after a user logs in successfully using CWA Which action does the CoA perform?

    A. It terminates the client session

    B. It applies the downloadable ACL provided in the CoA

    C. It applies new permissions provided in the CoA to the client session.

    D. It triggers the NAD to reauthenticate the client

  • Question 203:

    Refer to the exhibit.

    In which scenario does this switch configuration apply?

    A. when allowing a hub with multiple clients connected

    B. when passing IP phone authentication

    C. when allowing multiple IP phones to be connected

    D. when preventing users with hypervisor

  • Question 204:

    When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition. However, other groups that are in the same domain are seen What is causing this issue?

    A. Cisco ISE only sees the built-in groups, not user created ones

    B. The groups are present but need to be manually typed as conditions

    C. Cisco ISE's connection to the AD join point is failing

    D. The groups are not added to Cisco ISE under the AD join point

  • Question 205:

    A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes What must be configured to minimize performance degradation?

    A. Review the profiling policies for any misconfiguration

    B. Enable the endpoint attribute filter

    C. Change the reauthenticate interval.

    D. Ensure that Cisco ISE is updated with the latest profiler feed update

  • Question 206:

    An administrator is configuring new probes to use with Cisco ISE and wants to use metadata to help profile the endpoints. The metadata must contain traffic information relating to the endpoints instead of industry-standard protocol information Which probe should be enabled to meet these requirements?

    A. NetFlow probe

    B. DNS probe

    C. DHCP probe

    D. SNMP query probe

  • Question 207:

    An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones The phones do not have the ability to authenticate via 802 1X

    Which command is needed on each switch port for authentication?

    A. dot1x system-auth-control

    B. enable bypass-mac

    C. enable network-authentication

    D. mab

  • Question 208:

    A network administrator is setting up wireless guest access and has been unsuccessful in testing client access. The endpoint is able to connect to the SSID but is unable to grant access to the guest network through the guest portal. What must be done to identify the problem?

    A. Use context visibility to verify posture status.

    B. Use the endpoint ID to execute a session trace.

    C. Use the identity group to validate the authorization rules.

    D. Use traceroute to ensure connectivity.

  • Question 209:

    An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE. The configuration contains the correct key of Cisc039712287. but the switch is not receiving a response from the Cisco ISE instance What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?

    A. Check for server reachability using the test aaa group tacacs+ admin legacy command.

    B. Test the user account on the server using the test aaa group radius server CUCS user admin pass legacy command.

    C. Validate that the key value is correct using the test aaa authentication admin legacy command.

    D. Confirm the authorization policies are correct using the test aaa authorization admin drop legacy command.

  • Question 210:

    An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors' firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this

    What should be done to enable this type of posture check?

    A. Use the file registry condition to ensure that the firewal is installed and running appropriately.

    B. Use a compound condition to look for the Windows or Mac native firewall applications.

    C. Enable the default firewall condition to check for any vendor firewall application.

    D. Enable the default application condition to identify the applications installed and validade the firewall app.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.