CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 41)

Page 41 of 81
PDF with 320 Questions

A network administrator is currently using Cisco ISE to authenticate devices and users via 802.1X. There is now a need to also authorize devices and users using
EAP-TLS.
Which two additional components must be configured in Cisco ISE to accomplish this? (Choose two.)

  1. Certificate Authentication Profile
  2. EAP Authorization Profile
  3. Network Device Group
  4. Common Name attribute that maps to an identity store
  5. Serial Number attribute that maps to a CA Server

Answer(s): A,B



Refer to the exhibit. An engineer is configuring the remote access VPN to use Cisco ISE for AAA and needs to conduct posture checks on the connecting endpoints. After the endpoint connects, it receives its initial authorization result and continues onto the compliance scan.
What must be done for this AAA configuration to allow compliant access to the network?

  1. Ensure that authorization only mode is not enabled.
  2. Enable dynamic authorization within the AAA server group.
  3. Fix the CoA port number.
  4. Configure the posture authorization so it defaults to unknown status

Answer(s): B



Refer to the exhibit. An engineer is configuring Cisco ISE for guest services. They would like to have any unregistered guests redirected to the guest portal for authentication, then have a CoA provide them with full access to the network that is segmented via firewalls.
Why is the given configuration failing to accomplish this goal?

  1. The Guest Portal and Guest Access policy lines are in the wrong order.
  2. The PermitAccess result is not set to restricted access in its policy line.
  3. The Network_Access_Authentication_Passed condition will not work with guest services for portal access.
  4. The Guest_Flow condition is not in the line that gives access to the guest portal.

Answer(s): A



show authentication sessions
Refer to the exhibit. An engineer is configuring a client but cannot authenticate to Cisco ISE. During troubleshooting, the command was issued to display the authentication status of each port.
Which command gives additional information to help identify the problem with the authentication?

  1. show authentication sessions
  2. show authentication sessions output
  3. show authentication sessions interface Gi1/0/1 output
  4. show authentication sessions interface Gi1/0/1 details

Answer(s): D



Page 41 of 81



Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Qorban commented on April 11, 2021
I paid in Derham and the process of payment and download was so fast and easy. The Test Engine called Xengine App came for free. I am stdying from that engine. For now I am not ready yet. But ones I go do my test I come back and write my score here so others can a more informed decision.
UNITED ARAB EMIRATES
upvote