CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 42)

Page 42 of 81
PDF with 320 Questions

An administrator has added a new Cisco ISE PSN to their distributed deployment.
Which two features must the administrator enable to accept authentication requests and profile the endpoints correctly, and add them to their respective endpoint identity groups? (Choose two.)

  1. Session Services
  2. Profiling Services
  3. Radius Service
  4. Posture Services
  5. Endpoint Attribute Filter

Answer(s): A,B



While configuring Cisco TrustSec on Cisco IOS devices, the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However, after this is complete, the devices are not able to properly authenticate.
What issue would cause this to happen even if the device ID and passwords are correct?

  1. EAP-FAST is not enabled.
  2. The SGT mappings have not been defined.
  3. The device aliases are not matching.
  4. The devices are missing the configuration cts credentials trustsec verify 1.

Answer(s): A



An engineer is configuring Cisco ISE policies to support MAB for devices that do not have 802.1X capabilities. The engineer is configuring new endpoint identity groups as conditions to be used in the AuthZ policies, but noticed that the endpoints are not hitting the correct policies.
What must be done in order to get the devices into the right policies?

  1. Create an AuthZ policy to identify Unknown devices and provide partial network access prior to profiling.
  2. Add an identity policy to dynamically add the IP address of the devices to their endpoint identity groups.
  3. Identify the non 802.1X supported device types and create custom profiles for them to profile into.
  4. Manually add the MAC addresses of the devices to endpoint ID groups in the context visibility database.

Answer(s): D



An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?

  1. Create a Cisco ISE identity group to add users to and limit the number of logins via the group configuration.
  2. Create an LDAP login for each guest and tag that in the guest portal for authentication.
  3. Create a new sponsor group and adjust the settings to limit the devices for each guest.
  4. Create a new guest type and set the maximum number of devices sponsored guests can register.

Answer(s): D



Page 42 of 81



Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Qorban commented on April 11, 2021
I paid in Derham and the process of payment and download was so fast and easy. The Test Engine called Xengine App came for free. I am stdying from that engine. For now I am not ready yet. But ones I go do my test I come back and write my score here so others can a more informed decision.
UNITED ARAB EMIRATES
upvote