cisco 300-715 practice test

implementing and configuring cisco identity services engine (300-715 sise)

Last exam update: Dec 05 ,2024
Page 1 out of 28. Viewing questions 1-10 out of 275

Question 1

Which two values are compared by the binary comparison function in authentication that is based on Active Directory?

  • A. user-presented certificate and a certificate stored in Active Directory
  • B. MS-CHAPv2 provided machine credentials and credentials stored in Active Directory
  • C. user-presented password hash and a hash stored in Active Directory
  • D. subject alternative name and the common name
Answer:

d


Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/ISE-ADIntegrationDoc/b_ISE-ADIntegration.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

An engineer must create an authentication policy in Cisco ISE to allow wired printers that lack support for 802.1X onto the network. What must the RadiusFlowType be set to in the policy to meet the requirement?

  • A. MAB
  • B. Wired_MAB
  • C. Compliant_Devices
  • D. Compliance_Unknown_Devices
Answer:

b

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

A technician must configure MAB on an access switch. Due to a protocol error, the engineer discovers that MAB cannot authenticate. For MAB to function, which protocol must be enabled in the authorized protocol lists?

  • A. EAP-TLS
  • B. MS-CHAPv2
  • C. Process Host Lookup
  • D. CHAP
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which type of identity store allows for creating single-use access credentials in Cisco ISE?

  • A. OpenLDAP
  • B. Local
  • C. PKI
  • D. RSA SecurID
Answer:

d

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which two probes must be enabled for the ARP cache to function in the Cisco ISE profiling service so that a user can reliably bind the IP addresses and MAC addresses of endpoints? (Choose two.)

  • A. SNMP
  • B. HTTP
  • C. RADIUS
  • D. DHCP
  • E. NetFlow
Answer:

cd


Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 6

An administrator needs to add a new third party network device to be used with Cisco ISE for Guest and BYOD authorizations. Which two features must be configured under Network Device Profile to achieve this? (Choose two.)

  • A. TACACS
  • B. SNMP community
  • C. CoA Type
  • D. dACL
  • E. URL Redirect
Answer:

ce

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 7

A network administrator notices that after a company-wide shut down, many users cannot connect their laptops to the corporate SSID.
What must be done to permit access in a timely manner?

  • A. Connect this system as a guest user and then redirect the web auth protocol to log in to the network.
  • B. Allow authentication for expired certificates within the EAP-TLS section under the allowed protocols.
  • C. Add a certificate issue from the CA server, revoke the expired certificate, and add the new certificate in system.
  • D. Authenticate the user's system to the secondary Cisco ISE node and move this user to the primary with the renewed certificate.
Answer:

d

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which two probes provide IP-to-MAC address binding information to the ARP cache in Cisco ISE? (Choose two.)

  • A. HTTP
  • B. RADIUS
  • C. DHCP
  • D. DNS
  • E. NetFlow
Answer:

bc

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 9

An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode. When the endpoints connect, they receive limited access so that the profiling probes can gather information and Cisco ISE can assign the correct profiles. They are using the default values within Cisco ISE, but the devices do not change their access due to the new profile. What is the problem?

  • A. The default profiler configuration is set to No CoA for the reauthentication setting.
  • B. In closed mode, profiling does not work unless CDP is enabled.
  • C. The profiler feed is not downloading new information, so the profiler is inactive.
  • D. The profiling probes are not able to collect enough information to change the device profile.
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

An engineer is configuring Cisco ISE to reprofile endpoints based only on new requests of INIT-REBOOT and SELECTING message types.
Which probe should be used to accomplish this task?

  • A. DHCP
  • B. DNS
  • C. NMAP
  • D. RADIUS
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2