Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

300-715 Exam Dumps - Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE)

Go to page:
Question # 65

What happens when an internal user is configured with an external identity store for authentication, but an engineer uses the Cisco ISE admin portal to select an internal identity store as the identity source?

A.

Authentication is redirected to the internal identity source.

B.

Authentication is redirected to the external identity source.

C.

Authentication is granted.

D.

Authentication fails.

Full Access
Question # 66

An engineer wants to learn more about Cisco ISE and deployed a new lab with two nodes. Which two persona configurations allow the engineer to successfully test redundancy of a failed node? (Choose two.)

A.

Configure one of the Cisco ISE nodes as the Health Check node.

B.

Configure both nodes with the PAN and MnT personas only.

C.

Configure one of the Cisco ISE nodes as the primary PAN and MnT personas and the other as the secondary.

D.

Configure both nodes with the PAN, MnT, and PSN personas.

E.

Configure one of the Cisco ISE nodes as the primary PAN and PSN personas and the other as the secondary.

Full Access
Question # 67

An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+ However, the administrator must restrict certain commands based on one of three user roles that require different commands How is this accomplished without creating too many objects using Cisco ISE?

A.

Create one shell profile and multiple command sets.

B.

Create multiple shell profiles and multiple command sets.

C.

Create one shell profile and one command set.

D.

Create multiple shell profiles and one command set

Full Access
Question # 68

An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?

A.

The switch port is configured with authentication event server dead action authorize vlan.

B.

The authorization results for the endpoints include a dACL allowing access.

C.

The authorization results for the endpoints include the Trusted security group tag.

D.

The switch port is configured with authentication open.

Full Access
Question # 69

An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port. Which command should be used to accomplish this task?

A.

permit tcp any any eq

B.

aaa group server radius proxy

C.

ip http port

D.

aaa group server radius

Full Access
Question # 70

The Cisco Wireless LAN Controller and guest portal must be set up in Cisco ISE. These configurations were performed:

• configured all the required Cisco Wireless LAN Controller configurations

• added the wireless controller to Cisco ISE network devices

• created an endpoint identity group

• configured credentials to be sent by email

• configured the SMTP server

• configured an authorization profile with redirection to the guest portal and redirected the access control list

• configured an authentication policy for MAB users

• created an authorization policy

Which two components would be required to complete the configuration? (Choose two.)

A.

sponsor group

B.

hotspot guest portal

C.

sponsor portal

D.

self-registered guest portal

E.

guest type

Full Access
Question # 71

An administrator is configuring a switch port for use with 802 1X What must be done so that the port will allow voice and multiple data endpoints?

A.

Configure the port with the authentication host-mode multi-auth command

B.

Connect the data devices to the port, then attach the phone behind them.

C.

Use the command authentication host-mode multi-domain on the port

D.

Connect a hub to the switch port to allow multiple devices access after authentication

Full Access
Question # 72

An engineer is testing Cisco ISE policies in a lab environment with no support for a deployment server. In order to push supplicant profiles to the workstations for testing, firewall ports will need to be opened. From which Cisco ISE persona should this traffic be originating?

A.

monitoring

B.

policy service

C.

administration

D.

authentication

Full Access
Go to page:

Hot Exams

350-701 Dumps