Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Cisco 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Cisco 300-715 Premium Access     Download Demo    
Page: 5 / 8
Total 243 questions

An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this? (Choose two.)

A.

hotspot guest portal

B.

device registration WebAuth

C.

central WebAuth

D.

local WebAuth

E.

self-registered guest portal

An engineer needs to configure Cisco ISE Profiling Services to authorize network access for IP speakers that require access to the intercom system. This traffic needs to be identified if the ToS bit is set to 5 and the destination IP address is the intercom system. What must be configured to accomplish this goal?

A.

NMAP

B.

NETFLOW

C.

pxGrid

D.

RADIUS

A network engineer must enforce access control using special tags, without re-engineering the network design. Which feature should be configured to achieve this in a scalable manner?

A.

SGT

B.

dACL

C.

VLAN

D.

RBAC

A network administrator notices that after a company-wide shut down, many users cannot connect their laptops to the corporate SSID. What must be done to permit access in a timely manner?

A.

Authenticate the user's system to the secondary Cisco ISE node and move this user to the primary with the renewed certificate.

B.

Connect this system as a guest user and then redirect the web auth protocol to log in to the network.

C.

Add a certificate issue from the CA server, revoke the expired certificate, and add the new certificate in system.

D.

Allow authentication for expired certificates within the EAP-TLS section under the allowed protocols.

An administrator is configuring posture assessment in Cisco ISE for the first time. Which two components must be uploaded to Cisco ISE to use Anyconnect for the agent configuration in a client provisioning policy? (Choose two.)

A.

Anyconnect network visibility module

B.

Anyconnect compliance module

C.

AnyConnectProfile.xml file

D.

AnyConnectProfile.xsd file

E.

Anyconnect agent image

An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goat? (Choose two )

A.

Active Directory External Identity Sources

B.

Library Condition for External Identity. External Groups

C.

Identity Source Sequences

D.

LDAP External Identity Sources

E Library Condition for Identity Group: User Identity Group

What are two requirements of generating a single signing in Cisco ISE by using a certificate provisioning portal, without generating a certificate request? (Choose two )

A.

Location the CSV file for the device MAC

B.

Select the certificate template

C.

Choose the hashing method

D.

Enter the common name

E.

Enter the IP address of the device

There are several devices on a network that are considered critical and need to be placed into the ISE database and a policy used for them. The organization does not want to use profiling. What must be done to accomplish this goal?

A.

Enter the MAC address in the correct Endpoint Identity Group.

B.

Enter the MAC address in the correct Logical Profile.

C.

Enter the IP address in the correct Logical Profile.

D.

Enter the IP address in the correct Endpoint Identity Group.

An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices. Which IOS command must be configured on the devices to accomplish this goal?

A.

aaa server radius dynamic-author

B.

authentication command bounce-port

C.

authentication command disable-port

D.

aaa nas port extended

An engineer is implementing network access control using Cisco ISE and needs to separate the traffic based on the network device ID and use the IOS device sensor capability. Which probe must be used to accomplish this task?

A.

HTTP probe

B.

NetFlow probe

C.

network scan probe

D.

RADIUS probe