DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Cisco 300-715 SISE Sample Questions | Real Exam Questions & Answers

Preparing for the Cisco 300-715 SISE exam requires a strong understanding of identity services and network security. Our comprehensive exam questions and answers provide candidates with a realistic look at what to expect on the actual test. With carefully crafted test questions and answers, you can improve your knowledge and readiness by practicing with authentic exam practice questions that mirror the format of the real exam. These practice exams are designed to enhance your confidence and performance, ensuring you're well-prepared for exam day. By using our certification practice tests and exam preparation materials, you can identify weak areas and solidify your understanding of Cisco Identity Services Engine (ISE) concepts. Start studying today with our trusted resources, and increase your chances of passing the Cisco 300-715 SISE exam with ease!

Take other online exams
Question #1
An administrator is configuring posture assessment in Cisco ISE for the first time. Which two components must be uploaded to Cisco ISE to use Secure Client for the agent configuration in a client provisioning policy?
A. ecure Client network visibility module
B. ecure Client compliance module
C. ecureClientProfile
D. ecure Client agent image
E. ecureClientProfile
View answer
Correct Answer: BD
Question #2
An engineer wants to learn more about Cisco ISE and deployed a new lab with two nodes. Which two persona configurations allow the engineer to successfully test redundancy of a failed node?
A. onfigure both nodes with the PAN, MnT, and PSN personas
B. onfigure one of the Cisco ISE nodes as the primary PAN and PSN personas and the other as the secondary
C. onfigure one of the Cisco ISE nodes as the primary PAN and MnT personas and the other as the secondary
D. onfigure both nodes with the PAN and MnT personas only
E. onfigure one of the Cisco ISE nodes as the Health Check node
View answer
Correct Answer: AC
Question #3
An administrator is troubleshooting an endpoint that is supposed to bypass 802.1X and use MAB. The endpoint is bypassing 802.1X and successfully getting network access using MAB, however the endpoint cannot communicate because it cannot obtain an IP address. What is the problem?
A. n ACL on the port is blocking HTTP traffic
B. he endpoint is using the wrong protocol to authenticate with Cisco ISE
C. he 802
D. he DHCP probe for Cisco ISE is not working as expected
View answer
Correct Answer: C
Question #4
An administrator is configuring a Cisco WLC for web authentication. Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has been selected?
A. HCP
B. DP
C. NMP
D. LDP
E. TT
View answer
Correct Answer: AE
Question #5
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants. Which portal must the security engineer configure to accomplish this task?
A. y Devices
B. DM
C. lient Provisioning
D. YO
View answer
Correct Answer: A
Question #6
Which two authentication protocols are supported by RADIUS but not by TACACS+?
A. SCHAPv2
B. HAP
C. SCHAPv1
D. AP
E. A
View answer
Correct Answer: AE
Question #7
An engineer is deploying Cisco ISE to use 802.1x authentication for controlling access to the company's wired network. The request from company management is to minimize the impact on users during the rollout of 802.1x on the company switches. Which mode must be used first in a phased 802.1X deployment to fulfill this request?
A. ow-Impact
B. losed
C. pen
D. onito
View answer
Correct Answer: C
Question #8
An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this?
A. otspot guest portal
B. entral WebAuth
C. elf-registered guest portal
D. evice registration WebAuth
E. ocal WebAut
View answer
Correct Answer: AD
Question #9
Which two probes provide IP-to-MAC address binding information to the ARP cache in Cisco ISE?
A. HCP
B. TTP
C. NS
D. etFlow
E. ADIU
View answer
Correct Answer: AE
Question #10
An engineer must configure an HTTP probe on a Cisco ISE virtual appliance running on VMWare using a dedicated interface for profiling. The interface is assigned to the VM Network port group. The engineer is logged into the hypervisor with a user account that only provides access to the Cisco ISE VM and the network settings for the VM. Which security setting must be changed for this interface to accept SPAN traffic?
A. et Promiscuous mode to Accept in the Switch properties
B. et Promiscuous mode to Inherit from Switch in the Port Group properties
C. et Promiscuous mode to Inherit from Port Group in the Switch properties
D. et Promiscuous mode to Accept in the Port Group properties
View answer
Correct Answer: A
Question #11
An organization wants to enable web-based guest access for both employees and visitors. The goal is to use a single portal for both user types. Which two authentication methods should be used to meet this requirement?
A. ertificate-based
B. AC-based
C. OCAL
D. DAP
E. 02
View answer
Correct Answer: CD
Question #12
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?
A. reate a new sponsor group and adjust the settings to limit the devices for each guest
B. reate an LDAP login for each guest and tag that in the guest portal for authentication
C. reate a new guest type and set the maximum number of devices sponsored guests can register
D. reate an ISE identity group to add users to and limit the number of logins via the group configuration
View answer
Correct Answer: C
Question #13
An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goal?
A. ibrary Condition for External Identity: External Groups
B. DAP External Identity Sources
C. ibrary Condition for Identity Group: User Identity Group
D. dentity Source Sequences
E. ctive Directory External Identity Source
View answer
Correct Answer: AE
Question #14
A network administrator is configuring a secondary Cisco ISE node from the backup configuration of the primary Cisco ISE node to create a high availability pair. The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE. Which command must be issued for this to work?
A. pplication configure ise
B. ertificate configure ise
C. opy certificate ise
D. mport certificate is
View answer
Correct Answer: A
Question #15
Due to a recent network incident, all access to network devices must be centrally logged and tracked in Cisco ISE. On which nodes must the Device Admin service be enabled?
A. ach PSN
B. ach PAN
C. ne PSN
D. ne PA
View answer
Correct Answer: A
Question #16
An administrator is configuring an AD domain to be used with authentication for endpoints and users within Cisco ISE. Which two steps are required to configure this to be used as an external identity store?
A. onfigure Active Directory Schema
B. dd an Authentication Joint Point
C. onfigure Authentication Domains
D. dd an Active Directory Join Point
E. onfigure Active Directory Domain
View answer
Correct Answer: DE
Question #17
To configure BYOD using Cisco ISE, an administrator is considering issuing certificates to the devices connecting to provide a better user experience. Extemal CA servers cannot be used for this purpose because everything must be local to the Cisco ISE. What must be done to accomplish this?
A. onfigure the Cisco ISE Internal CA to issue certificates to each endpoint connecting to the BYOD network
B. se ISE as a sub CA for the BYOD portal and redirect users to the Root CA for certificate issuance
C. onfigure MS SCEP so that endpoints can query their local AD server for the correct certificate
D. se the captive portal network assistant to issue certificates to the endpoints as they authenticate
View answer
Correct Answer: A
Question #18
A network engineer is configuring a new certificate template on the internal CA within Cisco ISE to provision certificates to BYOD devices that must be enrolled in the network. What must be configured in the SAN field of the certificate to identify the devices after enrollment?
A. ser principal name
B. AC address
C. ommon name
D. mail addres
View answer
Correct Answer: B
Question #19
An engineer tests Cisco ISE posture services on the network and must configure the compliance module to automatically download and install on endpoints. Which action accomplishes this task for VPN users?
A. ush the compliance module from Cisco FTD prior to attempting posture
B. reate a Cisco AnyConnect configuration and Client Provisioning policy within Cisco ISE
C. se a compound posture condition to check for the compliance module and download, if needed
D. onfigure the compliance module to be downloaded from within the posture policy
View answer
Correct Answer: B
Question #20
A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network. Which EAP type must be configured by the network administrator to complete this task?
A. AP-PEAP-MSCHAPv2
B. AP-TLS
C. AP-TTLS
D. AP-FAS
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.