New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Cisco 300-715 Premium Access     Download Demo    
Page: 5 / 9
Total 299 questions

An administrator replaced a PSN in the distributed Cisco ISE environment. When endpoints authenticate to it, the devices are not getting the right profiles or attributes and as a result, are not hitting the correct policies. This was working correctly on the previous PSN. Which action must be taken to ensure the endpoints get identified?

A.

Verify that the MnT node is tracking the session.

B.

Verify the shared secret used between the switch and the PSN.

C.

Verify that the profiling service is running on the new PSN.

D.

Verify that the authentication request the PSN is receiving is not malformed.

A user misplaces a personal phone and wants to blacklist the device from accessing the company network. The company uses Cisco ISE for corporate and BYOD device authentication. Which action must the user take in Cisco ISE?

A.

Sign in to the BYOD portal and mark the device as Lost.

B.

Sign in to the My Devices portal and mark the device as Lost.

C.

Sign in to the My Devices portal and mark the device as Irrecoverable.

D.

Sign in to the BYOD portal and mark the device as Irrecoverable.

What is the difference between how RADIUS and TACACS+ handle encryption?

A.

RADIUS encrypts the entire packet, whereas TACACS+ encrypts only the username and password fields.

B.

RADIUS encrypts the entire packet, whereas TACACS+ only encrypts the password field.

C.

RADIUS only encrypts the password field, whereas TACACS+ encrypts the payload of the packet.

D.

RADIUS encrypts only the username and password fields, whereas TACACS+ encrypts the entire packet.

An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this? (Choose two.)

A.

hotspot guest portal

B.

device registration WebAuth

C.

central WebAuth

D.

local WebAuth

E.

self-registered guest portal

A network engineer needs to deploy 802.1x using Cisco ISE in a wired network environment where thin clients download their system image upon bootup using PXE. For which mode must the switch ports be configured?

A.

closed

B.

restricted

C.

monitor

D.

low-impact

An engineer is configuring Central Web Authentication in Cisco ISE to provide guest access. When an authentication rule is configured in the Default Policy Set for the Wired_MAB or Wireless_MAB conditions, what must be selected for the "if user not found" setting?

A.

CONTINUE

B.

REJECT

C.

ACCEPT

D.

DROP

An administrator is configuring posture with Cisco ISE and wants to check that specific services are present on the workstations that are attempting to access the network. What must be configured to accomplish this goal?

A.

Create a registry posture condition using a non-OPSWAT API version.

B.

Create an application posture condition using a OPSWAT API version.

C.

Create a compound posture condition using a OPSWAT API version.

D.

Create a service posture condition using a non-OPSWAT API version.

Which two features must be used on Cisco ISE to enable the TACACS. feature? (Choose two)

A.

Device Administration License

B.

Server Sequence

C.

Command Sets

D.

Enable Device Admin Service

E.

External TACACS Servers

An engineer is deploying a new Cisco ISE environment for a company. The company wants the deployment to use TACACS+. The engineer verifies that Cisco ISE has a Device Administration license. What must be configured to enable TACACS+ operations?

A.

Device Administration Work Center

B.

Device Admin service

C.

Device Administration Deployment settings

D.

Device Admin Policy Sets settings

An engineer must use Cisco ISE profiler services to provide network access to Cisco IP phones that cannot support 802.1X. Cisco ISE is configured to use the access switch device sensor information system-description and platform-type to profile Cisco IP phones and allow access. Which two protocols must be configured on the switch to complete the configuration? (Choose two.)

A.

CDP

B.

EAPOL

C.

LLDP

D.

SNMP

E.

STP