CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 38)

Page 38 of 81
PDF with 320 Questions

Refer to the exhibit. An engineer is creating a new TACACS+ command set and cannot use any show commands after logging into the device with this command set authorization.
Which configuration is causing this issue?

  1. The command set is allowing all commands that are not in the command list.
  2. The wildcard command listed is in the wrong format.
  3. The command set is working like an ACL and denying every command.
  4. Question marks are not allowed as wildcards for command sets.

Answer(s): B


Reference:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html



An administrator is migrating device administration access to Cisco ISE from the legacy TACACS+ solution that used only privilege 1 and 15 access levels. The organization requires more granular controls of the privileges and wants to customize access levels 2-5 to correspond with different roles and access needs.
Besides defining a new shell profile in Cisco ISE, what must be done to accomplish this configuration?

  1. Enable the privilege levels in Cisco ISE.
  2. Enable the privilege levels in the IOS devices.
  3. Define the command privileges for levels 2-5 in Cisco ISE.
  4. Define the command privileges for levels 2-5 in the IOS devices.

Answer(s): C



An administrator is configuring RADIUS on a Cisco switch with a key set to Cisc407294634 but is receiving the error `Authentication failed: 22040 Wrong password or invalid shared secret.`
What must be done to address this issue?

  1. Add the network device as a NAD inside Cisco ISE using the existing key.
  2. Configure the key on the Cisco ISE instead of the Cisco switch.
  3. Validate that the key is correct on both the Cisco switch as well as Cisco ISE.
  4. Use a key that is between eight and ten characters.

Answer(s): C


Reference:

https://community.cisco.com/t5/network-access-control/authentication-failed/td-p/2224342



An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+. However, the administrator must restrict certain commands based on one of three user roles that require different commands.
How is this accomplished without creating too many objects using Cisco ISE?

  1. Create one shell profile and one command set.
  2. Create multiple shell profiles and one command set.
  3. Create multiple shell profiles and multiple command sets.
  4. Create one shell profile and multiple command sets.

Answer(s): D


Reference:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html



Page 38 of 81



Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Qorban commented on April 11, 2021
I paid in Derham and the process of payment and download was so fast and easy. The Test Engine called Xengine App came for free. I am stdying from that engine. For now I am not ready yet. But ones I go do my test I come back and write my score here so others can a more informed decision.
UNITED ARAB EMIRATES
upvote