Browse Exams Pricing

Exams300-715Questions

300-715 Exam Questions

419 real 300-715 exam questions with expert-verified answers and explanations. Page 2 of 9.

Question #51Architecture and Deployment
An organization is adding nodes to their Cisco ISE deployment and has two nodes designated as primary and secondary PAN and MnT nodes. The organization also has four PSNs. An admin...
Cisco ISE deploymentNode personasDeployment limitationsPSN scaling
Question #52Policy Enforcement
What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?
RADIUS VSAsCisco-av-pairAuthorization ProfilesWeb Redirection
Question #53Policy Enforcement
Which two events trigger a CoA for an endpoint when CoA is enabled globally for ReAuth? (Choose two.)
CoAEndpoint ProfilingReauthorizationISE Policy
Question #54Architecture and Deployment
What is a requirement for Feed Service to work?
Cisco ISEFeed ServiceInternet ConnectivityUpdates
Question #55Web Auth and Guest Services
Which advanced option within a WLAN must be enabled to trigger Central Web Authentication for Wireless users on AireOS controller?
Central Web AuthenticationAireOS ControllerWLAN ConfigurationAAA Override
Question #56Web Auth and Guest Services
What is a valid guest portal type?
Cisco ISEGuest ServicesGuest PortalsSponsored Guest
Question #57Web Auth and Guest Services
What is needed to configure wireless guest access on the network?
Guest AccessWebAuth ACLCaptive PortalRedirection
Question #58Architecture and Deployment
The default Cisco ISE node configuration has which role or roles enabled by default?
Cisco ISE rolesDefault configurationNode deployment
Question #59Policy Enforcement
What does MAB stand for?
MABMAC AuthenticationAuthentication MethodsNetwork Access Control
Question #60Architecture and Deployment
What is the Cisco ISE default admin login name and password?
Cisco ISEAdmin AccountDefault CredentialsInitial Setup
Question #61Policy Enforcement
What is the condition that a Cisco ISE authorization policy cannot match?
Cisco ISEAuthorization PolicyPolicy ConditionsAttribute Matching
Question #62Architecture and Deployment
Which statement is not correct about the Cisco ISE Monitoring node?
Cisco ISE ArchitectureMonitoring NodeLog CollectionDistributed System
Question #63Profiler
The profiling data from network access devices is sent to which Cisco ISE node?
Cisco ISE architectureProfilerPolicy Service Node (PSN)Data flow
Question #64Architecture and Deployment
Drag and Drop Question Drag the Cisco ISE node types from the left onto the appropriate purposes on the right. Answer:
Cisco ISE ArchitectureISE Node TypesDistributed DeploymentPlatform Roles
Question #65Policy Enforcement
Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?
Cisco ISECentral Web Authentication (CWA)Authentication PolicyMAC Authentication Bypass (MAB)
Question #66Endpoint Compliance
Which portal is used to customize the settings for a user to log in and download the compliance module?
Cisco ISEClient Provisioning PortalEndpoint CompliancePosture Module
Question #67Policy Enforcement
Which term refers to an endpoint agent that tries to join an 802.1X-enabled network?
802.1XSupplicantEndpoint AuthenticationNetwork Access Control
Question #68Architecture and Deployment
Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two)
ISE HAPAN FailureDistributed DeploymentService Continuity
Question #69BYOD
Which protocol must be allowed for a BYOD device to access the BYOD portal?
BYODBYOD portalHTTPSWeb access
Question #70Profiler
An administrator enables the profiling service for Cisco ISE to use for authorization policies while in closed mode. When the endpoints connect, they receive limited access so that...
Cisco ISEProfilingChange of Authorization (CoA)Authorization Policies
Question #71Architecture and Deployment
Which types of design are required in the Cisco ISE ATP program?
ISE DesignHigh-level DesignLow-level DesignSecurity Architecture
Question #72Architecture and Deployment
If there is a firewall between Cisco ISE and an Active Directory external identity store, which port does not need to be open?
Cisco ISEActive Directory IntegrationFirewall PortsIdentity Store
Question #73Policy Enforcement
What are the three default behaviors of Cisco ISE with respect to authentication, when a user connects to a switch that is configured for 802.1X, MAB, and WebAuth? (Choose three)
ISE Authentication Flow802.1XMABDefault Policies
Question #74Architecture and Deployment
Which statement is true?
Cisco ISE LicensingLicense StackingBase LicenseAdvanced License
Question #75Profiler
In which scenario does Cisco ISE allocate an Advanced license?
Cisco ISE LicensingAdvanced LicenseDevice Profiling
Question #76Architecture and Deployment
Which Cisco ISE node does not support automatic failover?
Cisco ISENode RolesHigh AvailabilityFailover
Question #77Web Auth and Guest Services
Which scenario does not support Cisco ISE guest services?
Cisco ISE Guest ServicesWeb AuthenticationCentral WebAuthLocal WebAuth
Question #78Policy Enforcement
By default, which traffic does an 802.IX-enabled switch allow before authentication?
802.1XPre-authentication accessSwitch default ACLNetwork access control
Question #79Policy Enforcement
What does MAB leverage a MAC address for?
MABMAC Authentication BypassRADIUSAuthentication
Question #80Endpoint Compliance
Which three conditions can be used for posture checking? (Choose three.)
Posture AssessmentEndpoint ComplianceCisco ISEDevice Health Check
Question #81Policy Enforcement
Which use case validates a change of authorization?
Change of Authorization (CoA)Cisco ISEEndpoint ProfilingAuthorization Policy
Question #82Policy Enforcement
An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones. The phones do not have the ability to authenticate via 802.1X. Which command i...
MAC Authentication Bypass (MAB)IP Phone AuthenticationCisco ISENetwork Access Control
Question #83Policy Enforcement
A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed into this task?
Security Group Tags (SGT)Cisco TrustSec (CTS)Policy EnforcementNAD Configuration
Question #84Profiler
An engineer is working with a distributed deployment of Cisco ISE and needs to configure various network probes to collect a set of attributes from the used to accomplish this task...
ISE ProfilerNetwork ProbesConfiguration ManagementPolicy Administration Node (PAN)
Question #85Profiler
An engineer is configuring Cisco ISE to reprofile endpoints based only on new requests of INIT- REBOOT and SELECTING message types. Which probe should be used to accomplish this ta...
Cisco ISEEndpoint ProfilingDHCP ProbingReprofiling
Question #86Web Auth and Guest Services
An engineer is using Cisco ISE and configuring guest services to allow wireless devices to access the network. Which action should accomplish this task?
Cisco ISEGuest ServicesWLCRedirect ACL
Question #87Web Auth and Guest Services
An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port. Which command should be used to accomplish this...
Web AuthenticationSwitch ConfigurationHTTP PortTraffic Redirection
Question #88Architecture and Deployment
An administrator needs to connect ISE to Active Directory as an external authentication source and allow the proper ports through the firewall. Which two ports should be opened to...
ISEActive Directory IntegrationNetwork PortsAuthentication Protocols
Question #89Policy Enforcement
Refer to the exhibit. A network engineers configuring the switch to accept downloadable ACLs from a Cisco ISC server. Which two commands should be run to complete the configuration...
Downloadable ACLsNetwork Access Control802.1XSwitch Configuration
Question #90Web Auth and Guest Services
An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?
Cisco ISE deployment modesLow-impact modeWeb authenticationPre-authentication access
Question #91Policy Enforcement
A network engineer needs to ensure that the access credentials are not exposed during the 802.1x authentication among components. Which two protocols should complete this task?
802.1x authenticationEAP protocolsCredential protectionNetwork access security
Question #92Web Auth and Guest Services
An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks. Which two requirement comp...
Guest AccessPassword PolicyBrute Force PreventionSecurity Configuration
Question #93Network Access Device Administration
Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two)
Cisco ISEDevice AdministrationIdentity StoresAuthentication Process
Question #94Architecture and Deployment
When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deplo...
MABNetwork Access Authentication802.1X SupplicantCisco ISE
Question #95Architecture and Deployment
In a Cisco ISE split deployment model, which load is split between the nodes?
Cisco ISE DeploymentSplit Deployment ModelAAA ServicesPolicy Service Node (PSN)
Question #96Policy Enforcement
An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication. Which command should be used to complete this c...
802.1XSwitch configurationPort-based authenticationCisco IOS commands
Question #97Profiler
Which two default endpoint identity groups does Cisco ISE create? (Choose two )
Cisco ISEEndpoint Identity GroupsDefault Profiling GroupsProfiler
Question #98Architecture and Deployment
In a standalone Cisco ISE deployment, which two personas are configured on a node? (Choose two )
Cisco ISEDeployment ModelsISE PersonasStandalone Node
Question #99Policy Enforcement
What happens when an internal user is configured with an external identity store for authentication, but an engineer uses the Cisco ISE admin portal to select an internal identity...
Identity StoreAuthentication PolicyAuthentication FailureAdmin Portal
Question #100Web Auth and Guest Services
An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic. Which type of access list should be used for this configuration?
Web authenticationACL typesDNS trafficExtended ACL

PreviousPage 2 of 9Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.