Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

300-715 Exam Dumps - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Go to page:
Question # 41

An engineer is creating a new authorization policy to give the endpoints access to VLAN 310 upon successful authentication The administrator tests the 802.1X authentication for the endpoint and sees that it is authenticating successfully What must be done to ensure that the endpoint is placed into the correct VLAN?

A.

Configure the switchport access vlan 310 command on the switch port

B.

Ensure that the security group is not preventing the endpoint from being in VLAN 310

C.

Add VLAN 310 in the common tasks of the authorization profile

D.

Ensure that the endpoint is using The correct policy set

Full Access
Question # 42

An engineer needs to configure a new certificate template in the Cisco ISE Internal Certificate Authority to prevent BYOD devices from needing to re-enroll when their MAC address changes. Which option must be selected in the Subject Alternative Name field?

A.

Common Name and GUID

B.

MAC Address and GUID

C.

Distinguished Name

D.

Common Name

Full Access
Question # 43

An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE. The configuration contains the correct key of Cisc039712287. but the switch is not receiving a response from the Cisco ISE instance What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?

A.

Check for server reachability using the test aaa group tacacs+ admin legacy command.

B.

Test the user account on the server using the test aaa group radius server CUCS user admin pass legacy command.

C.

Validate that the key value is correct using the test aaa authentication admin legacy command.

D.

Confirm the authorization policies are correct using the test aaa authorization admin drop legacy command.

Full Access
Question # 44

What is the deployment mode when two Cisco ISE nodes are configured in an environment?

A.

distributed

B.

active

C.

standalone

D.

standard

Full Access
Question # 45

A network security administrator wants to integrate Cisco ISE with Active Directory. Which configuration action must the security administrator take to accomplish the task?

A.

Remove Cisco ISE user account from the domain.

B.

Remove the ISE machine account from the domain.

C.

Join Cisco ISE to the Active Directory domain.

D.

Search Active Directory to see if admin user account exists.

Full Access
Question # 46

An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goat? (Choose two )

A.

Active Directory External Identity Sources

B.

Library Condition for External Identity. External Groups

C.

Identity Source Sequences

D.

LDAP External Identity Sources

E Library Condition for Identity Group: User Identity Group

Full Access
Question # 47

Refer to the exhibit. In which scenario does this switch configuration apply?

A.

when allowing a hub with multiple clients connected

B.

when passing IP phone authentication

C.

when allowing multiple IP phones to be connected

D.

when preventing users with hypervisor

Full Access
Question # 48

What is a requirement for Feed Service to work?

A.

TCP port 3080 must be opened between Cisco ISE and the feed server

B.

Cisco ISE has a base license.

C.

Cisco ISE has access to an internal server to download feed update

D.

Cisco ISE has Internet access to download feed update

Full Access
Go to page:

Hot Exams

350-701 Dumps