CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-715

Free 300-715 Exam Braindumps (page: 13)

Page 12 of 81
PDF with 320 Questions

A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices.
Where in the Layer 2 frame should this be verified?

  1. payload
  2. 802.1 AE header
  3. CMD field
  4. 802.1Q field

Answer(s): C


Reference:

https://www.cisco.com/c/dam/en/us/solutions/collateral/borderless-networks/trustsec/C07-730151-00_overview_of_trustSec_og.pdf



A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network.
Which EAP type must be configured by the network administrator to complete this task?

  1. EAP-TTLS
  2. EAP-TLS
  3. EAP-FAST
  4. EAP-PEAP-MSCHAPv2

Answer(s): B


Reference:

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/214975-configure-eap-tls-authentication-with-is.html



An organization wants to standardize the 802.1X configuration on their switches and remove static ACLs on the switch ports while allowing Cisco ISE to communicate to the switch what access to provide.
What must be configured to accomplish this task?

  1. dynamic access list within the authorization profile
  2. extended access-list on the switch for the client
  3. security group tag within the authorization policy
  4. port security on the switch based on the client's information

Answer(s): A



Refer to the exhibit.
In which scenario does this switch configuration apply?

  1. when allowing a hub with multiple clients connected
  2. when allowing multiple IP phones to be connected
  3. when preventing users with hypervisor
  4. when bypassing IP phone authentication

Answer(s): A


Reference:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_8021x/configuration/xe-3se/5700/sec-user-8021x-xe-3se-5700-book/sec-ieee-802x-multi- auth.html






Post your Comments and Discuss Cisco® 300-715 exam with other Community members:

300-715 Discussions & Posts