You Can Read More 300-715 Free Dumps (Part 3, Q81-Q120) Today to Verify the 300-715 Exam Dumps (V21.02) Again

1. Refer to the exhibit.

A network engineers configuring the switch to accept downloadable ACLs from a Cisco ISC server.

Which two commands should be run to complete the configuration? (Choose two)

2. An organization wants to standardize the 802 1X configuration on their switches and remove static ACLs on the switch ports while allowing Cisco ISE to communicate to the switch what access to provide.

What must be configured to accomplish this task?

3. Refer to the exhibit.

An organization recently implemented network device administration using Cisco ISE. Upon testing the ability to access all of the required devices, a user in the Cisco ISE group IT Admins is attempting to login to a device in their organization's finance department but is unable to.

What is the problem?

4. A policy is being created in order to provide device administration access to the switches on a network. There is a requirement to ensure that if the session is not actively being used, after 10 minutes, it will be disconnected.

Which task must be configured in order to meet this requirement?

5. What are two requirements of generating a single signing in Cisco ISE by using a certificate provisioning portal, without generating a certificate request? (Choose two)

6. Which two probes must be enabled for the ARP cache to function in the Cisco ISE profile service so that a user can reliably bind the IP address and MAC addresses of endpoints? (Choose two.)

7. What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?

8. What happens when an internal user is configured with an external identity store for authentication, but an engineer uses the Cisco ISE admin portal to select an internal identity store as the identity source?

9. Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two)

10. Which port does Cisco ISE use for native supplicant provisioning of a Windows laptop?

11. An administrator is configuring posture with Cisco ISE and wants to check that specific services are present on the workstations that are attempting to access the network.

What must be configured to accomplish this goal?

12. Which statement about configuring certificates for BYOD is true?

13. Refer to the exhibit:

Which command is typed within the CU of a switch to view the troubleshooting output?

14. A company is attempting to improve their BYOD policies and restrict access based on certain criteria. The company's subnets are organized by building.

Which attribute should be used in order to gain access based on location?

15. An engineer is working with a distributed deployment of Cisco ISE and needs to configure various network probes to collect a set of attributes from the used to accomplish this task?

16. When setting up profiling in an environment using Cisco ISE for network access control, an organization must use non-proprietary protocols for collecting the information at layer 2.

Which two probes will provide this information without forwarding SPAN packets to Cisco ISE? {Choose two.)

17. Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles? (Choose two.)

18. What allows an endpoint to obtain a digital certificate from Cisco ISE during a BYOD flow?

19. What service can be enabled on the Cisco ISE node to identity the types of devices connecting to a network?

20. Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?

21. An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication.

Which access will be denied in this?

22. A network administrator is setting up wireless guest access and has been unsuccessful in testing client access. The endpoint is able to connect to the SSID but is unable to grant access to the guest network through the guest portal.

What must be done to identify the problem?

23. An engineer is using Cisco ISE and configuring guest services to allow wireless devices to access the network.

Which action should accomplish this task?

24. An organization is hosting a conference and must make guest accounts for several of the speakers attending. The conference ended two days early but the guest accounts are still being used to access

the network.

What must be configured to correct this?

25. An engineer is configuring 802.1X and wants it to be transparent from the users' point of view. The implementation should provide open authentication on the switch ports while providing strong levels of security for non-authenticated devices.

Which deployment mode should be used to achieve this?

26. DRAG DROP

An organization wants to implement 802.1X and is debating whether to use PEAP-MSCHAPv2 or PEAP-EAP-TLS for authentication.

Drag the characteristics on the left to the corresponding protocol on the right.

27. A network engineer is configuring guest access and notices that when a guest user registers a second device for access, the first device loses access.

What must be done to ensure that both devices for a particular user are able to access the guest network simultaneously?

28. Which use case validates a change of authorization?

29. When creating a policy within Cisco ISE for network access control, the administrator wants to allow different access restrictions based upon the wireless SSID to which the device is connecting.

Which policy condition must be used in order to accomplish this?

30. Which two ports do network devices typically use for CoA? (Choose two)

31. What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two)

32. An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors’ firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this.

What should be done to enable this type of posture check?

33. Which two features must be used on Cisco ISE to enable the TACACS. feature? (Choose two)

34. Which portal is used to customize the settings for a user to log in and download the compliance module?

35. Refer to the exhibit

In which scenario does this switch configuration apply?

36. An administrator is adding network devices for a new medical building into Cisco ISE. These devices must be in a network device group that is identifying them as "Medical Switch" so that the policies can be made separately for the endpoints connecting through them.

Which configuration item must be changed in the network device within Cisco ISE to accomplish this goal?

37. An engineer is tasked with placing a guest access anchor controller in the DMZ.

Which two ports or port sets must be opened up on the firewall to accomplish this task? (Choose two.)

38. What is a characteristic of the UDP protocol?

39. An engineer is designing a new distributed deployment for Cisco ISE in the network and is considering failover options for the admin nodes. There is a need to ensure that an admin node is available for configuration of policies at all times.

What is the requirement to enable this feature?

40. An engineer is configuring Cisco ISE to reprofile endpoints based only on new requests of INIT-REBOOT and SELECTING message types.

Which probe should be used to accomplish this task?