Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 48)

Page 47 of 93
PDF with 367 Questions

An administrator is configuring a new profiling policy within Cisco ISE. The organization has several endpoints that are the same device type, and all have the same Block ID in their MAC address. The profiler does not currently have a profiling policy created to categorize these endpoints, therefore a custom profiling policy must be created.
Which condition must the administrator use in order to properly profile an ACME AI Connector endpoint for network access with MAC address 01:41:14:65:50:AB?

  1. CDP_cdpCacheDeviceID_CONTAINS_<MAC ADDRESS>
  2. MAC_MACAddress_CONTAINS_<MAC ADDRESS>
  3. Radius_Called_Station-ID_STARTSWITH_<MAC ADDRESS>
  4. MAC_OUI_STARTSWITH_<MAC ADDRESS>

Answer(s): D



Users in an organization report issues about having to remember multiple usernames and passwords. The network administrator wants the existing Cisco ISE deployment to utilize an external identity source to alleviate this issue.
Which two requirements must be met to implement this change? (Choose two.)

  1. Establish access to one Global Catalog server
  2. Ensure that the NAT address is properly configured
  3. Provide domain administrator access to Active Directory
  4. Configure a secure LDAP connection
  5. Enable IPC access over port 80

Answer(s): A,C



An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode.
When the endpoints connect, they receive limited access so that the profiling probes can gather information and Cisco ISE can assign the correct profiles. They are using the default values within Cisco ISE,
but the devices do not change their access due to the new profile.
What is the problem?

  1. The default profiler configuration is set to No CoA for the reauthentication setting.
  2. In closed mode, profiling does not work unless CDP is enabled.
  3. The profiler feed is not downloading new information, so the profiler is inactive.
  4. The profiling probes are not able to collect enough information to change the device profile.

Answer(s): A



An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices.
Which IOS command must be configured on the devices to accomplish this goal?

  1. aaa server radius dynamic-author
  2. authentication command bounce-port
  3. authentication command disable-port
  4. aaa nas port extended

Answer(s): A


Reference:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16-10/sec-usr- aaa-xe-16-10-book/sec-rad-coa.pdf






Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

Exam Discussions & Posts