Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Cisco 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Cisco 300-715 Premium Access     Download Demo    
Page: 6 / 9
Total 303 questions

An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones The phones do not have the ability to authenticate via 802 1X Which command is needed on each switch port for authentication?

A.

dot1x system-auth-control

B.

enable bypass-mac

C.

enable network-authentication

D.

mab

An administrator is adding network devices for a new medical building into Cisco ISE. These devices must be in a network device group that is identifying them as "Medical Switch" so that the policies can be made separately for the endpoints connecting through them. Which configuration item must be changed in the network device within Cisco ISE to accomplish this goal?

A.

Change the device type to Medical Switch.

B.

Change the device profile to Medical Switch.

C.

Change the model name to Medical Switch.

D.

Change the device location to Medical Switch.

A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

A.

Keep track of guest user activities

B.

Configure authorization settings for guest users

C.

Create and manage guest user accounts

D.

Authenticate guest users to Cisco ISE

An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode. When the endpoints connect, they receive limited access so that the profiling probes can gather information and Cisco ISE can assign the correct profiles. They are using the default values within Cisco ISE. but the devices do not change their access due to the new profile. What is the problem'?

A.

In closed mode, profiling does not work unless CDP is enabled.

B.

The profiling probes are not able to collect enough information to change the device profile

C.

The profiler feed is not downloading new information so the profiler is inactive

D.

The default profiler configuration is set to No CoA for the reauthentication setting

An engineer wants to use certificate authentication for endpoints that connect to a wired network integrated with Cisco ISE. The engineer needs to define the certificate field used as the principal username. Which component would be needed to complete the configuration?

A.

Authorization rule

B.

Authorization profile

C.

Authentication policy

D.

Authentication profile

A network engineer is configuring guest access and notices that when a guest user registers a second device for access, the first device loses access What must be done to ensure that both devices for a particular user are able to access the guest network simultaneously?

A.

Configure the sponsor group to increase the number of logins.

B.

Use a custom portal to increase the number of logins

C.

Modify the guest type to increase the number of maximum devices

D.

Create an Adaptive Network Control policy to increase the number of devices

Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)

A.

hotspot

B.

new AD user 802 1X authentication

C.

posture

D.

BYOD

E.

guest AUP

Refer to the exhibit.

An engineer is configuring a client but cannot authenticate to Cisco ISE During troubleshooting, the show authentication sessions command was issued to display the authentication status of each port Which command gives additional information to help identify the problem with the authentication?

A.

show authentication sessions

B.

show authentication sessions Interface Gil/0/1 output

C.

show authentication sessions interface Gi1/0/1 details

D.

show authentication sessions output

An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?

A.

The switch port is configured with authentication event server dead action authorize vlan.

B.

The authorization results for the endpoints include a dACL allowing access.

C.

The authorization results for the endpoints include the Trusted security group tag.

D.

The switch port is configured with authentication open.

An administrator is configuring new probes to use with Cisco ISE and wants to use metadata to help profile the endpoints. The metadata must contain traffic information relating to the endpoints instead of industry-standard protocol information Which probe should be enabled to meet these requirements?

A.

NetFlow probe

B.

DNS probe

C.

DHCP probe

D.

SNMP query probe