CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 33)

Page 33 of 81
PDF with 320 Questions

What must match between Cisco ISE and the network access device to successfully authenticate endpoints?

  1. shared secret
  2. profile
  3. certificate
  4. SNMP version

Answer(s): A


Reference:

https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_network_devices.html



When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deployment needs to provide an adequate amount of security and visibility for the hosts on the network.
Why should the engineer configure MAB in this situation?

  1. The Cisco switches only support MAB.
  2. MAB provides the strongest form of authentication available.
  3. MAB provides user authentication.
  4. The devices in the network do not have a supplicant.

Answer(s): D



An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network. They have multiple vendors' firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this.
What should be done to enable this type of posture check?

  1. Enable the default application condition to identify the applications installed and validate the firewall app.
  2. Enable the default firewall condition to check for any vendor firewall application.
  3. Use a compound condition to look for the Windows or Mac native firewall applications.
  4. Use the file registry condition to ensure that the firewall is installed and running appropriately.

Answer(s): B



An administrator is configuring posture with Cisco ISE and wants to check that specific services are present on the workstations that are attempting to access the network.
What must be configured to accomplish this goal?

  1. Create a compound posture condition using a OPSWAT API version.
  2. Create an application posture condition using a OPSWAT API version.
  3. Create a registry posture condition using a non-OPSWAT API version.
  4. Create a service posture condition using a non-OPSWAT API version.

Answer(s): D


Reference:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010001.html



Page 33 of 81



Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Qorban commented on April 11, 2021
I paid in Derham and the process of payment and download was so fast and easy. The Test Engine called Xengine App came for free. I am stdying from that engine. For now I am not ready yet. But ones I go do my test I come back and write my score here so others can a more informed decision.
UNITED ARAB EMIRATES
upvote