Table of Contents
The higher-level Cisco certification exam is one that many applicants aspire to take. SPOTO thus makes available some 300-715 exam samples. You can try it if you want to know how difficult the exam is. You can receive more test details by getting in touch with us directly. We provide a variety of certification exam samples.
QUESTION 1
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants. Which portal must the security engineer configure to accomplish this task?
- A. My Devices
- B. MDM
- C. Client Provisioning
- D. BYOD
Correct Answer: A
QUESTION 2
An organization wants to enable web-based guest access for both employees and visitors. The goal is to use a single portal for both user types. Which two authentication methods should be used to meet this requirement? (Choose two.)
- A. Certificate-based
- B. MAC-based
- C. LOCAL
- D. LDAP
- E. 802.1X
Correct Answer: CD
QUESTION 3
A network administrator is configuring a secondary Cisco ISE node from the backup configuration of the primary Cisco ISE node to create a high availability pair. The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE. Which command must be issued for this to work?
- A. application configure ise
- B. certificate configure ise
- C. copy certificate ise
- D. import certificate ise
Correct Answer: A
QUESTION 4
An administrator is troubleshooting an endpoint that is supposed to bypass 802.1X and use MAB. The endpoint is bypassing 802.1X and successfully getting network access using MAB, however the endpoint cannot communicate because it cannot obtain an IP address. What is the problem?
- A. An ACL on the port is blocking HTTP traffic.
- B. The endpoint is using the wrong protocol to authenticate with Cisco ISE.
- C. The 802.1X timeout period is too long.
- D. The DHCP probe for Cisco ISE is not working as expected.
Correct Answer: C
QUESTION 5
An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured, in addition to Active Directory groups, to achieve this goal? (Choose two.)
- A. Library Condition for External Identity: External Groups
- B. LDAP External Identity Sources
- C. Library Condition for Identity Group: User Identity Group
- D. Identity Source Sequences
- E. Active Directory External Identity Sources
Correct Answer: AE
QUESTION 6
An engineer tests Cisco ISE posture services on the network and must configure the compliance module to automatically download and install on endpoints. Which action accomplishes this task for VPN users?
- A. Push the compliance module from Cisco FTD prior to attempting posture.
- B. Create a Cisco AnyConnect configuration and Client Provisioning policy within Cisco ISE.
- C. Use a compound posture condition to check for the compliance module and download, if needed.
- D. Configure the compliance module to be downloaded from within the posture policy.
Correct Answer: B
QUESTION 7
An administrator is configuring a Cisco WLC for web authentication. Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has been selected? (Choose two.)
- A. DHCP
- B. CDP
- C. SNMP
- D. LLDP
- E. HTTP
Correct Answer: AE
QUESTION 8
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the default guest types. How should this configuration change be made without disrupting the other guest services currently offering three or more guest devices per user?
- A. Create a new sponsor group and adjust the settings to limit the devices for each guest.
- B. Create an LDAP login for each guest and tag that in the guest portal for authentication.
- C. Create a new guest type and set the maximum number of devices sponsored guests can register.
- D. Create an ISE identity group to add users to and limit the number of logins via the group configuration.
Correct Answer: C
QUESTION 9
An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this? (Choose two.)
- A. hotspot guest portal
- B. central WebAuth
- C. self-registered guest portal
- D. device registration WebAuth
- E. local WebAuth
Correct Answer: AD
QUESTION 10
A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network. Which EAP type must be configured by the network administrator to complete this task?
- A. EAP-PEAP-MSCHAPv2
- B. EAP-TLS
- C. EAP-TTLS
- D. EAP-FAST
Correct Answer: B
SPOTO is the market leader and is regarded as the best in the field when it comes to offering candidates for Cisco Certification training materials that are both current and up-to-date to prepare for the 300-715 test. To stay current with the most recent industry trends and best practices, real, trained specialists continually revise and update the Cisco training materials. In order to keep the Cisco certification current, this is done. You will gain first-hand exposure with the most pertinent Cisco concepts and technologies that are now accessible to ensure that you are completely prepared for the test.