Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Cisco 300-715 Premium Access     Download Demo    
Page: 9 / 9
Total 299 questions

An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices. Which IOS command must be configured on the devices to accomplish this goal?

A.

aaa server radius dynamic-author

B.

authentication command bounce-port

C.

authentication command disable-port

D.

aaa nas port extended

A network engineer must create a guest portal for wireless guests on Cisco ISE. The guest users must not be able to create accounts; however, the portal should require a username and password to connect. Which portal type must be created in Cisco ISE to meet the requirements?

A.

Sponsored Guest Access

B.

Self Registered Guest Access

C.

Custom Guest Portal

D.

Hotspot Guest Access

Which nodes are supported in a distributed Cisco ISE deployment?

A.

Policy Service nodes for session failover

B.

Monitoring nodes for PxGrid services

C.

Administration nodes for session failover

D.

Policy Service nodes for automatic failover

An administrator plans to use Cisco ISE to deploy posture policies to assess Microsoft Windows endpoints that run Cisco Secure Client. The administrator wants to minimize the occurrence of messages related to unknown posture profiles if Cisco ISE fails to determine the posture of the endpoint. Secure Client is deployed to all the endpoints. and all the required Cisco ISE authentication, authorization, and posture policy configurations were performed. Which action must be taken next to complete the configuration?

A.

Install the latest version of the Secure Client client on the endpoints.

B.

Enable Cisco ISE posture on Secure Client configuration.

C.

Configure a native supplicant on the endpoints to support the posture policies.

D.

Install the compliance module on the endpoints.

A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for 1 day. When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the Guest Endpoints identity store after one day and allows access to the guest network after that period. Which configuration is causing this problem?

A.

The RADIUS policy set for guest access is set to allow repeated authentication of the same device.

B.

The length of access is set to 7 days in the Guest Portal Settings.

C.

The Endpoint Purge Policy is set to 30 days for guest devices.

D.

The Guest Account Purge Policy is set to 15 days.

What is the Microsoft security policy recommendation (or fast user switching in Cisco ISE?

A.

Disable BYOD posture agent.

B.

Enable fast user switching.

C.

Disable fast user switching.

D.

Enable Cisco Secure Client posture agent.

While configuring Cisco TrustSec on Cisco IOS devices the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However after this is complete the devices are not able to property authenticate What issue would cause this to happen even if the device ID and passwords are correct?

A.

The device aliases are not matching

B.

The 5GT mappings have not been defined

C.

The devices are missing the configuration cts credentials trustsec verify 1

D.

EAP-FAST is not enabled

Which Cisco ISE deployment model provides redundancy by having every node in the deployment configured with the Administration. Policy Service, and Monitoring personas to protect from a complete node failure?

A.

distributed

B.

dispersed

C.

two-node

D.

hybrid

A network administrator must configura endpoints using an 802 1X authentication method with EAP identity certificates that are provided by the Cisco ISE When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network Which EAP type must be configured by the network administrator to complete this task?

A.

EAP-PEAP-MSCHAPv2

B.

EAP-TTLS

C.

EAP-FAST

D.

EAP-TLS