Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 24)

Page 23 of 93
PDF with 367 Questions

A network administrator is currently using Cisco ISE to authenticate devices and users via 802.1X. There is now a need to also authorize devices and users using EAP-TLS.
Which two additional components must be configured in Cisco ISE to accomplish this? (Choose two.)

  1. Certificate Authentication Profile
  2. EAP Authorization Profile
  3. Network Device Group
  4. Common Name attribute that maps to an identity store
  5. Serial Number attribute that maps to a CA Server

Answer(s): A,B



An engineer is configuring Cisco ISE policies to support MAB for devices that do not have 802.1X capabilities. The engineer is configuring new endpoint identity groups as conditions to be used in the AuthZ policies, but noticed that the endpoints are not hitting the correct policies.
What must be done in order to get the devices into the right policies?

  1. Create an AuthZ policy to identify Unknown devices and provide partial network access prior to profiling.
  2. Add an identity policy to dynamically add the IP address of the devices to their endpoint identity groups.
  3. Identify the non 802.1X supported device types and create custom profiles for them to profile into.
  4. Manually add the MAC addresses of the devices to endpoint ID groups in the context visibility database.

Answer(s): D



During an 802.1X deployment, an engineer must identify failed authentications without causing problems for the connected endpoint.
Which command will successfully achieve this?

  1. authentication open
  2. dot1x pae authenticator
  3. authentication port-control auto
  4. dot1x system-auth-control

Answer(s): A



An engineer is creating a new authorization policy to give the endpoints access to VLAN 310 upon successful authentication. The administrator tests the 802.1X authentication for the endpoint and sees that it is authenticating successful.
What must be done to ensure that the endpoint is placed into the correct VLAN?

  1. Configure the switchport access vlan 310 command on the switch port.
  2. Add VLAN 310 in the common tasks of the authorization profile.
  3. Ensure that the endpoint is using the correct policy set.
  4. Ensure that the security group is not preventing the endpoint from being in VLAN 310.

Answer(s): B






Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Exam Discussions & Posts