Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Cisco 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Cisco 300-715 Premium Access     Download Demo    
Page: 4 / 9
Total 295 questions

What gives Cisco ISE an option to scan endpoints for vulnerabilities?

A.

authorization policy

B.

authentication policy

C.

authentication profile

D.

authorization profile

A user reports that the RADIUS accounting packets are not being seen on the Cisco ISE server.

Which command is the user missing in the switch’s configuration?

A.

radius-server vsa send accounting

B.

aaa accounting network default start-stop group radius

C.

aaa accounting resource default start-stop group radius

D.

aaa accounting exec default start-stop group radios

Which type of identity store allows for creating single-use access credentials in Cisco ISE?

A.

OpenLDAP

B.

Local

C.

PKI

D.

RSA SecurID

An engineer must use Cisco ISE to provide network access to endpoints that cannot support 802.1X. The endpoint MAC addresses must be allowlisted by configuring an endpoint identity group. These configurations were performed:

• configured an identity group named allowlist

• configured the endpoints to use the MAC address of incompatible 802.1X devices

• added the endpoints to the allowlist identity group

• configured an authentication policy for MAB users

What must be configured?

A.

authorization profile that has the PermitAccess permission and matches the allowlist identity group

B.

logical profile that matches the allowlist identity group based on the configured policy

C.

authentication profile that has the PermitAccess permission and matches the allowlist identity group authorization policy that has the PermitAccess permission and matches the allowlist identity group

D.

authorization policy that has the PermitAccess permission and matches the allowtist identity group

What does the dot1x system-auth-control command do?

A.

causes a network access switch not to track 802.1x sessions

B.

globally enables 802.1x

C.

enables 802.1x on a network access device interface

D.

causes a network access switch to track 802.1x sessions

Which profiling probe collects the user-agent string?

A.

DHCP

B.

AD

C.

HTTP

D.

NMAP

What is a valid guest portal type?

A.

Sponsored-Guest

B.

My Devices

C.

Sponsor

D.

Captive-Guest

An engineer is working on a switch and must tag packets with SGT values such that it learns via SXP. Which command must be entered to meet this requirement?

A.

ip source guard

B.

ip dhcp snooping

C.

ip device tracking maximum

D.

ip arp inspection

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

A.

Client Provisioning

B.

Guest

C.

BYOD

D.

Blacklist

Refer to the exhibit.

Which two configurations are needed on a catalyst switch for it to be added as a network access device in a Cisco ISE that is being used for 802 1X authentications? (Choose two )

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E