CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 39)

Page 39 of 81
PDF with 320 Questions

An engineer builds a five-node distributed Cisco ISE deployment. The first two deployed nodes are responsible for the primary and secondary administration and monitoring personas.
Which persona configuration is necessary to have the remaining three Cisco ISE nodes serve as dedicated nodes in the Cisco ISE cube that is responsible only for handling the RADIUS and TACACS+ authentication requests, identity lookups, and policy evaluation?





Answer(s): B



What are two differences between the RADIUS and TACACS+ protocols? (Choose two.)

  1. RADIUS offers multiprotocol support, whereas TACACS+ does not.
  2. RADIUS is a Cisco proprietary protocol, whereas TACACS+ is an open standard protocol.
  3. RADIUS enables encryption of all the packets, whereas with TACACS+, only the password is encrypted.
  4. RADIUS combines authentication and authorization, whereas TACACS+ does not.
  5. TACACS+ uses TCP port 49, whereas RADIUS uses UDP ports 1812 and 1813.

Answer(s): D,E



An administrator adds a new network device to the Cisco ISE configuration to authenticate endpoints to the network. The RADIUS test fails after the administrator configures all of the settings in Cisco ISE and adds the proper configurations to the switch.
What is the issue?

  1. The endpoint profile is showing as ''unknown"
  2. The endpoint does not have the appropriate credentials for network access
  3. The certificate on the switch is self-signed, not a CA-provided certificate
  4. The shared secret is incorrect on the switch or on Cisco ISE

Answer(s): D



An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode.
When the endpoints connect, they receive limited access so that the profiling probes can gather information and Cisco ISE can assign the correct profiles. They are using the default values within Cisco ISE, but the devices do not change their access due to the new profile.
What is the problem?

  1. The default profiler configuration is set to No CoA for the reauthentication setting.
  2. In closed mode, profiling does not work unless CDP is enabled.
  3. The profiler feed is not downloading new information, so the profiler is inactive.
  4. The profiling probes are not able to collect enough information to change the device profile.

Answer(s): A



Page 39 of 81



Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Qorban commented on April 11, 2021
I paid in Derham and the process of payment and download was so fast and easy. The Test Engine called Xengine App came for free. I am stdying from that engine. For now I am not ready yet. But ones I go do my test I come back and write my score here so others can a more informed decision.
UNITED ARAB EMIRATES
upvote