1. Home
  2. Cisco
  3. 300-715

Implementing and Configuring Cisco Identity Services Engine (SISE)

Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :404 Q&As
  • Last Updated
    :Apr 14, 2025

Cisco CCNP Security 300-715 Questions & Answers

  • Question 261:

    An engineer is working on a switch and must tag packets with SGT values such that it learns via SXP. Which command must be entered to meet this requirement?

    A. ip source guard

    B. ip arp inspection

    C. ip device tracking maximum

    D. ip dhcp snooping

  • Question 262:

    Which platform does a Windows-based device download the Network Assistant from?

    A. Microsoft app store

    B. Cisco ISE

    C. native OS

    D. Cisco download site

  • Question 263:

    Guest users report repeated prompts to authenticate with the portal when connecting to a wireless network. An administrator must configure Cisco ISE to reduce the number of prompts. The solution must meet the requirements:

    1.

    Users must be authenticated once.

    2.

    When reconnecting to the visitor network, users do not need to be redirected to the login page.

    Which action completes the configuration?

    A. Configure an authorization profile to send a redirection access control list only for unauthenticated users.

    B. Configure the Wi-Fi Guest Access policy to allow the GuestEndpoint group.

    C. Configure an authorization rule for guest flow to bypass authenticated MAC address.

    D. Configure an authentication rule for MAC Authentication Bypass users to add an authenticated MAC address in an identity group.

  • Question 264:

    A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps:

    1.

    An initial MAB request is sent to the Cisco ISE node.

    2.

    Cisco ISE responds with a URL redirection authorization profile if the user's MAC address is unknown in the endpoint identity store.

    3.

    The URL redirection presents the user with an AUP acceptance page when the user attempts to go to any URL.

    Which authentication must the administrator configure on Cisco ISE?

    A. wired NAD with local WebAuth

    B. WLC with local WebAuth

    C. NAD with central WebAuth D. device registration WebAuth

  • Question 265:

    A network engineer is implementing cisco ISE and needs to configure 802.1x. the ports settings are configured for port-based authentication. Which command should be used to complete this configuration?

    A. aaa authentication dot1x default group radius

    B. dot1x system-auth-control

    C. authentication port-control auto

    D. dot1x pae authenticator

  • Question 266:

    Refer to the exhibit.

    A network engineers configuring the switch to accept downloadable ACLs from a Cisco ISC server.

    Which two commands should be run to complete the configuration? (Choose two)

    A. AAA authorization auth-proxy default group radius

    B. radius server vsa sand authentication

    C. radius-server attribute 8 include-in-access-req

    D. IP device tracking

    E. dot1x system-auth-control

  • Question 267:

    An administrator is adding a switch to the network that is running cisco ISE and is only for IP phones. the phones do not have the ability to authenticate via 802.1x. Which command is needed on each switch port for authentication?

    A. dot1x system-auth-control

    B. enable bypass-mac

    C. enable network-authentication

    D. mab

  • Question 268:

    An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks. Which two requirements complete this policy? (Choose two.)

    A. minimum password length

    B. active username limit

    C. access code control

    D. password expiration period

    E. username expiration date

  • Question 269:

    An engineer is using Cisco ISE and configuring guest services to allow wireless devices to access the network. Which action should accomplish this task?

    A. Create the redirect ACL on the WLC and add it to the WLC policy

    B. Create the redirect ACL on the WLC and add it to the Cisco ISE policy.

    C. Create the redirect ACL on Cisco ISE and add it to the WLC policy

    D. Create the redirect ACL on Cisco ISE and add it to the Cisco ISE Policy

  • Question 270:

    A network engineer needs to ensure that the access credentials are not exposed during the 802.1x authentication among components. Which two protocols should complete this task? (Choose two.)

    A. PEAP

    B. EAP-MD5

    C. LEAP

    D. EAP-TLS

    E. EAP-TTLS

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.