Choose 300-715 Exam Dumps (V21.02) for Risk-Free Preparation: 300-715 Free Dumps (Part 2, Q41-Q80) Are Available

1. An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication.

Which command should be used to complete this configuration?

2. DRAG DROP

Drag the Cisco ISE node types from the left onto the appropriate purposes on the right.

3. When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition. However, other groups that are in the same domain are seen.

What is causing this issue?

4. What does the dot1x system-auth-control command do?

5. An administrator needs to connect ISE to Active Directory as an external authentication source and allow the proper ports through the firewall.

Which two ports should be opened to accomplish this task? (Choose two)

6. A network engineer needs to ensure that the access credentials are not exposed during the 802.1x authentication among components.

Which two protocols should complete this task?

7. What is a function of client provisioning?

8. What must be configured on the WLC to configure Central Web Authentication using Cisco ISE and a WLC?

9. A network administrator is configuring authorization policies on Cisco ISE There is a requirement to use AD group assignments to control access to network resources After a recent power failure and Cisco ISE rebooting itself, the AD group assignments no longer work.

What is the cause of this issue?

10. There are several devices on a network that are considered critical and need to be placed into the ISE database and a policy used for them. The organization does not want to use profiling.

What must be done to accomplish this goal?

11. Which term refers to an endpoint agent that tries to join an 802 1X-enabled network?

12. Which protocol must be allowed for a BYOD device to access the BYOD portal?

13. There is a need within an organization for a new policy to be created in Cisco ISE. It must validate that a specific anti-virus application is not only installed, but running on a machine before it is allowed access to the network.

Which posture condition should the administrator configure in order for this policy to work?

14. What is a method for transporting security group tags throughout the network?

15. An engineer is migrating users from MAB to 802.1X on the network. This must be done during normal business hours with minimal impact to users.

Which CoA method should be used?

16. A company manager is hosting a conference. Conference participants must connect to an open guest SSID and only use a preassigned code that they enter into the guest portal prior to gaining access to the network.

How should the manager configure Cisco ISE to accomplish this goal?

17. An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE. The configuration contains the correct key of Cisc039712287. but the switch is not receiving a response from the Cisco ISE instance.

What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?

18. An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic.

Which type of access list should be used for this configuration?

19. A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed into this task?

20. Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)

21. Which personas can a Cisco ISE node assume'?

22. Which three default endpoint identity groups does cisco ISE create? (Choose three)

23. An administrator is configuring new probes to use with Cisco ISE and wants to use metadata to help profile the endpoints. The metadata must contain traffic information relating to the endpoints instead of industry-standard protocol information.

Which probe should be enabled to meet these requirements?

24. A network engineer must enforce access control using special tags, without re-engineering the network design.

Which feature should be configured to achieve this in a scalable manner?

25. What should be considered when configuring certificates for BYOD?

26. A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes.

What must be configured to minimize performance degradation?

27. Which two methods should a sponsor select to create bulk guest accounts from the sponsor portal? (Choose two)

28. Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?

29. During BYOD flow, from where does a Microsoft Windows PC download the Network Setup Assistant?

30. Which supplicant(s) and server(s) are capable of supporting EAP-CHAINING?

31. If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

32. When configuring Active Directory groups, what does the Cisco ISE use to resolve ambiguous group names?

33. An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port.

Which command should be used to accomplish this task?

34. Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

35. Which two components are required for creating a Native Supplicant Profile within a BYOD flow? (Choose two)

36. Which two default endpoint identity groups does Cisco ISE create? (Choose two)

37. What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?

38. Which are two characteristics of TACACS+? (Choose two)

39. DRAG DROP

Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.

40. An administrator is attempting to replace the built-in self-signed certificates on a Cisco ISE appliance. The CA is requesting some information about the appliance in order to sign the new certificate.

What must be done in order to provide the CA this information?