New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-715
  5. Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) Questions and Answers

Pass the Cisco CCNP Security 300-715 Questions and answers with CertsForce

 Cisco Exams      Go to Exam Detail      Get Premium Access
Viewing page 9 out of 9 pages
Viewing questions 81-90 out of questions
Questions # 81:

An administrator is configuring RADIUS on a Cisco switch with a key set to Cisc403012128 but is receiving the error “Authentication failed: 22040 Wrong password or invalid shared secret. “what must be done to address this issue?

Options:
A.

Add the network device as a NAD inside Cisco ISE using the existing key.

B.

Configure the key on the Cisco ISE instead of the Cisco switch.

C.

Use a key that is between eight and ten characters.

D.

Validate that the key is correct on both the Cisco switch as well as Cisco ISE.

Expert Solution
Questions # 82:

A laptop was stolen and a network engineer added it to the block list endpoint identity group What must be done on a new Cisco ISE deployment to redirect the laptop and restrict access?

Options:
A.

Select DenyAccess within the authorization policy.

B.

Ensure that access to port 8443 is allowed within the ACL.

C.

Ensure that access to port 8444 is allowed within the ACL.

D.

Select DROP under If Auth fail within the authentication policy.

Expert Solution
Questions # 83:

Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.

Question # 83

Expert Solution
Questions # 84:

Which protocol must be allowed for a BYOD device to access the BYOD portal?

Options:
A.

HTTP

B.

SMTP

C.

HTTPS

D.

SSH

Expert Solution
Questions # 85:

An employee must access the internet through the corporate network from a new mobile device that does not support native supplicant provisioning provided by Cisco ISE. Which portal must the employee use to provision to the device?

Options:
A.

BYOD

B.

Personal Device

C.

My Devices

D.

Client Provisioning

Expert Solution
Questions # 86:

An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode. When the endpoints connect, they receive limited access so that the profiling probes can gather information and Cisco ISE can assign the correct profiles. They are using the default values within Cisco ISE. but the devices do not change their access due to the new profile. What is the problem'?

Options:
A.

In closed mode, profiling does not work unless CDP is enabled.

B.

The profiling probes are not able to collect enough information to change the device profile

C.

The profiler feed is not downloading new information so the profiler is inactive

D.

The default profiler configuration is set to No CoA for the reauthentication setting

Expert Solution
Questions # 87:

An engineer is configuring Central Web Authentication in Cisco ISE to provide guest access. When an authentication rule is configured in the Default Policy Set for the Wired_MAB or Wireless_MAB conditions, what must be selected for the "if user not found" setting?

Options:
A.

CONTINUE

B.

REJECT

C.

ACCEPT

D.

DROP

Expert Solution
Questions # 88:

Which action must be taken before configuring the Secure Client Agent profile when creating the Secure Client configuration for ISE posture services?

Options:
A.

Create a posture remediation condition policy for the Agent profile.

B.

Configure the posture policy for Secure Client posturing module.

C.

Create a posture condition that references the Secure Client package.

D.

Upload the Secure Client packages and the Secure Client compliance modules.

Expert Solution
Questions # 89:

NO: 184

An engineer builds a five-node distributed Cisco ISE deployment The first two deployed nodes are responsible for the primary and secondary administration and monitoring personas Which persona configuration is necessary to have the remaining three Cisco ISE nodes serve as dedicated nodes in the Cisco ISE cube that is responsible only for handling the RADIUS and TACACS+ authentication requests, identity lookups, and policy evaluation?

A)

Question # 89

B)

C)

D)

Options:
A.

Option A

B.

Option B

C.

Option C

D.

Option D

Expert Solution
Viewing page 9 out of 9 pages
Viewing questions 81-90 out of questions