Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps

An engineer wants to ease the management of endpoint identity groups from the Cisco ISE GUI. From the Identity Management menu in Cisco ISE, the engineer must be able to list the endpoint identity groups with a name that contains Android.
Which task must the engineer perform?

  1. Create and save a quick filter with name equals Android as the criteria.
  2. Create an identity group named Android and set the parent group to profiled.
  3. Create and save an advanced filter with name equals Android as the criteria.
  4. Create an identity group named Android and populate the group with Android devices only.

Answer(s): C


Reference:

https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ ise10_man_identities.html#wp1288285



A network administrator is configuring a new access switch to use with Cisco ISE for network access control. There is a need to use a centralized server for the reauthentication timers.
What must be configured in order to accomplish this task?

  1. Issue the authentication timer reauthenticate server command on the switch.
  2. Configure Cisco ISE to block access after a certain period of time.
  3. Configure Cisco ISE to replace the switch configuration with new timers.
  4. Issue the authentication periodic command on the switch.

Answer(s): A



A network engineer must configure a centralized Cisco ISE solution for wireless guest access with users in different time zones. The guest account activation time must be independent of the user time zone, and the guest account must be enabled automatically when the user self-registers on the guest portal.
Which option in the time profile settings must be selected to meet the requirement?

  1. Select FromFirstLogin from the Account Type dropdown.
  2. Select FromCreation from the Account Type dropdown.
  3. Set the Maximum Account Duration to 1 Day.
  4. Set the Duration field to 24:00:00.

Answer(s): A


Reference:

https://community.cisco.com/t5/network-access-control/ise-guest-portal-time-profiles/td-p/2196028



Which nodes are supported in a distributed Cisco ISE deployment?

  1. Monitoring nodes for PxGrid services
  2. Policy Service nodes for session failover
  3. Policy Service nodes for automatic failover
  4. Administration nodes for session failover

Answer(s): B

Explanation:

In a distributed Cisco Identity Services Engine (ISE) deployment, the following types of nodes are supported:
1. Administration Nodes (PANs): These are responsible for configuration, administration, and reporting.
2. Policy Service Nodes (PSNs): These handle the policy evaluation, including authentication, authorization, and accounting (AAA).
3. Monitoring Nodes (MnT): These store logs and provide reporting services.
Policy Service nodes are essential for session failover in a distributed environment.
When multiple PSNs are deployed, if one PSN fails, session traffic can automatically reroute to another PSN. This ensures high availability and session continuity.
However, automatic failover for policy services is a misnomer since failover requires session traffic to be directed manually or through load balancing mechanisms. Administration nodes and monitoring nodes do not manage session failover.






Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Exam Discussions & Posts