Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 28)

Page 27 of 93
PDF with 367 Questions

An organization has a SGACL locally configured on a switch port, but when a user in the Executives group connects to the network, they receive a different level of network access than expected.
When Cisco ISE pushes SGACLs to the switch after the authorization phase, how does the switch decide which access to grant the user?

  1. Dynamically downloaded policies override local policies in all cases.
  2. Local policies override dynamically downloaded policies in all cases.
  3. The policies are merged, but local policies receive priority.
  4. The policies are merged, but dynamically downloaded policies receive priority.

Answer(s): A



An administrator is configuring an AD domain to be used with authentication for endpoints and users within Cisco ISE.
Which two steps are required to configure this to be used as an external identity store? (Choose two.)

  1. Add an Authentication Joint Point.
  2. Configure Authentication Domains.
  3. Configure Active Directory Schema.
  4. Configure Active Directory Domains.
  5. Add an Active Directory Join Point.

Answer(s): D,E



An engineer is configuring Central Web Authentication in Cisco ISE to provide guest access.
When an authentication rule is configured in the Default Policy Set for the Wired_MAB or Wireless_MAB conditions, what must be selected for the “if user not found” setting?

  1. ACCEPT
  2. DROP
  3. REJECT
  4. CONTINUE

Answer(s): D

Explanation:

Selecting CONTINUE as the "if user not found" setting means that if the user is not found or authenticated by the MAB (MAC Authentication Bypass) process, the authentication flow will continue to the next rule or policy in the sequence. This allows for further authentication methods or conditions to be evaluated, such as web authentication for guest access.
The other options, ACCEPT (option A), DROP (option B), and REJECT (option C), do not provide the desired behavior in this context. ACCEPT would immediately grant access, which is not appropriate if the user is not found. DROP would block or terminate the connection, and REJECT would reject the connection outright. Both DROP and REJECT options would prevent further evaluation of subsequent rules or policies, potentially denying guest access. Therefore, the correct choice is CONTINUE to allow the authentication flow to proceed.



How is policy services node redundancy achieved in a deployment?

  1. by creating a node group
  2. by deploying both primary and secondary node
  3. by enabling VIP
  4. by utilizing RADIUS server list on the NAD

Answer(s): A






Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Exam Discussions & Posts