Browse Exams Pricing

Exams300-715Questions

300-715 Exam Questions

419 real 300-715 exam questions with expert-verified answers and explanations. Page 4 of 9.

Question #151Endpoint Compliance
An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the netw...
Cisco ISE PostureEndpoint CompliancePosture ConditionsHost-based Firewall
Question #152Architecture and Deployment
An organization wants to split their Cisco ISE deployment to separate the device administration functionalities from the mam deployment. For this to work, the administrator must de...
Cisco ISENode ManagementPrimary PANDeployment Architecture
Question #153Profiler
An organization is adding new profiling probes to the system to improve profiling on Oseo ISE. The probes must support a common network management protocol to receive information a...
Cisco ISE ProfilingSNMPNetwork Device IntegrationEndpoint Visibility
Question #154Architecture and Deployment
A network administrator is configuring a secondary cisco ISE node from the backup configuration of the primary cisco ISE node to create a high availability pair. The Cisco ISE CA c...
Cisco ISEHigh Availability (HA)Node ConfigurationCertificate Management
Question #155BYOD
An employee logs on to the My Devices portal and marks a currently on-boarded device as `Lost'. Which option is correct?
BYOD Device ManagementMy Devices PortalEndpoint RegistrationCertificate Revocation
Question #156Policy Enforcement
An administrator connects an HP printer to a dot1x enable port, but the printer in not accessible. Which feature must the administrator enable to access the printer?
MAC Authentication Bypass802.1XNetwork Access ControlDevice Authentication
Question #157Policy Enforcement
A new employee just connected their workstation to a Cisco IP phone. The network administrator wants to ensure that the Cisco IP phone remains online when the user disconnects thei...
CoA802.1XMulti-domain authenticationSession Management
Question #158Network Access Device Administration
An administrator is configuring cisco ISE lo authenticate users logging into network devices using. Which action ensures the users are able to log into the network devices?
Cisco ISEDevice AdministrationPSN PersonaTACACS+
Question #159Endpoint Compliance
A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed. Which action must be taken to allow this capability?
Endpoint PostureAntivirus CheckCisco AnyConnectCompliance Module
Question #160Policy Enforcement
A network administrator must configura endpoints using an 802 1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents...
802.1XEAP-TLSCertificate-based authenticationCisco ISE
Question #161Network Access Device Administration
Refer to the exhibit. An engineer is creating a new TACACS+ command set and cannot use any show commands after logging into the device with this command set authorization. Which co...
TACACS+Command AuthorizationWildcard SyntaxCisco ISE
Question #162Web Auth and Guest Services
An organization is migrating its current guest network to Cisco ISE and has 1000 guest users in the current database. There are no resources to enter this information into the Cisc...
Guest accountsData importCisco ISEUser migration
Question #163Endpoint Compliance
MacOS users are complaining about having to read through wordy instructions when remediating their workstations to gam access to the network. Which alternate method should be used...
Endpoint RemediationUser ExperienceInstruction DeliveryNetwork Access Control
Question #164Policy Enforcement
Refer to the exhibit. Which component must be configured to apply the SGACL?
SGACLTrustSecPolicy EnforcementNetwork Devices
Question #165Architecture and Deployment
What does a fully distributed Cisco ISE deployment include?
Cisco ISEDeployment ArchitectureDistributed DeploymentISE Personas
Question #166Web Auth and Guest Services
A network engineer has been tasked with enabling a switch to support standard web authentication for Cisco ISE. This must include the ability to provision for URL redirection on au...
Web AuthenticationCisco ISESwitch ConfigurationURL Redirection
Question #167Web Auth and Guest Services
An engineer is configuring a dedicated SSID for onboarding devices. Which SSID type accomplishes this configuration?
Guest SSIDDevice OnboardingWeb AuthenticationCisco ISE Guest Services
Question #168Profiler
An engineer is implementing network access control using Cisco ISE and needs to separate the traffic based on the network device ID and use the IOS device sensor capability. Which...
Cisco ISE ProfilingIOS Device SensorRADIUS ProbesEndpoint Identification
Question #169Profiler
An administrator is trying to collect metadata information about the traffic going across the network to gam added visibility into the hosts. This Information will be used to creat...
ISE ProfilingDHCP ProbeEndpoint IdentificationNetwork Device Visibility
Question #170Policy Enforcement
A laptop was stolen and a network engineer added it to the block list endpoint identity group. What must be done on a new Cisco ISE deployment to redirect the laptop and restrict a...
Cisco ISEAuthorization PolicyPortal RedirectionBlocked Endpoints
Question #171Network Access Device Administration
An administrator is migrating device administration access to Cisco ISE from the legacy TACACS+ solution that used only privilege 1 and 15 access levels. The organization requires...
TACACS+Device AdministrationCisco ISECommand Authorization
Question #172Network Access Device Administration
An administrator is configuring RADIUS on a Cisco switch with a key set to Cisc403012128 but is receiving the error "Authentication failed: 22040 Wrong password or invalid shared s...
RADIUS Shared SecretNAD ConfigurationCisco ISE Troubleshooting
Question #173Architecture and Deployment
Drag and Drop Question Drag the descriptions on the left onto the components of 802.1X on the right. Answer:
802.1XNetwork Access ControlAuthentication ProtocolsAccess Control Architecture
Question #174Architecture and Deployment
An engineer builds a five-node distributed Cisco ISE deployment. The first two deployed nodes are responsible for the primary and secondary administration and monitoring personas....
Cisco ISE deploymentCisco ISE personasPolicy Service Node (PSN)Authentication
Question #175Network Access Device Administration
What are two differences between the RADIUS and TACACS+ protocols? (Choose two.)
RADIUSTACACS+AAA protocolsProtocol differences
Question #176Network Access Device Administration
An administrator adds a new network device to the Cisco ISE configuration to authenticate endpoints to the network. The RADIUS test fails after the administrator configures all of...
RADIUS authenticationISE configurationNetwork device setupTroubleshooting
Question #177Profiler
An administrator is configuring a new profiling policy within Cisco ISE. The organization has several endpoints that are the same device type and all have the same Block ID in thei...
Cisco ISE ProfilingMAC OUICustom Profiling PolicyEndpoint Identification
Question #178BYOD
A network administrator is configuring client provisioning resource policies for client machines and must ensure that an agent pop-up is presented to the client when attempting to...
Client ProvisioningAuthorization PolicyAgent OnboardingURL Redirection
Question #179Architecture and Deployment
A network administrator must configure Cisco SE Personas in the company to share session information via syslog. Which Cisco ISE personas must be added to syslog receivers to accom...
Cisco ISEPersonasSyslogSession InformationMonitoring
Question #180Policy Enforcement
A network administrator notices that after a company-wide shut down, many users cannot connect their laptops to the corporate SSID. What must be done to permit access in a timely m...
EAP-TLS authenticationCertificate expiryNetwork access issuesTemporary access solutions
Question #181Architecture and Deployment
What is the maximum number of PSN nodes supported in a medium-sized deployment?
Cisco ISEPSN nodesdeployment sizingarchitecture
Question #182Endpoint Compliance
An engineer tests Cisco ISE posture services on the network and must configure the compliance module to automatically download and install on endpoints. Which action accomplishes t...
Cisco ISEPosture ServicesClient ProvisioningAnyConnect VPN
Question #183Architecture and Deployment
Users in an organization report issues about having to remember multiple usernames and passwords. The network administrator wants the existing Cisco ISE deployment to utilize an ex...
ISE AD IntegrationExternal Identity SourcesDirectory ServicesDeployment Prerequisites
Question #184Policy Enforcement
Which two external identity stores support EAP-TLS and PEAP-TLS? (Choose two.)
EAP-TLSPEAP-TLSExternal Identity StoresAuthentication Protocols
Question #185Endpoint Compliance
What is a function of client provisioning?
Client ProvisioningPosture AgentEndpoint ComplianceCisco ISE
Question #186Policy Enforcement
An administrator is troubleshooting an endpoint that is supposed to bypass 802.1X and use MAB. The endpoint is bypassing 802.1X and successfully getting network access using MAB. H...
MAB802.1X FallbackDHCP TroubleshootingAuthentication Timing
Question #187Policy Enforcement
A Cisco ISE administrator must restrict specific endpoints from accessing the network while in closed mode. The requirement is to have Cisco ISE centrally store the endpoints to re...
Cisco ISEAuthorization PolicyIdentity GroupsEndpoint Restriction
Question #188Architecture and Deployment
An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy. Which two components must be configured,...
Cisco ISEActive Directory IntegrationExternal Identity SourceAuthorization Policy
Question #189Architecture and Deployment
An engineer is working with a distributed deployment of Cisco ISE and needs to configure various network probes to collect a set of attributes from the endpoints on the network. Wh...
Cisco ISEDistributed DeploymentPSNEndpoint Profiling
Question #190Network Access Device Administration
An engineer is configuring TACACS+ within Cisco ISE for use with a non-Cisco network device. They need to send special attributes in the Access-Accept response to ensure that the u...
TACACS+ISE Shell ProfilesDevice AdministrationCustom Attributes
Question #191Policy Enforcement
An engineer is configuring Cisco ISE policies to support MAB for devices that do not have 802.1X capabilities. The engineer is configuring new endpoint identity groups as condition...
Cisco ISEMABAuthorization PoliciesEndpoint Identity Groups
Question #192Profiler
An administrator is configuring a Cisco WLC for web authentication. Which two client profiling methods are enabled by default if the Apply Cisco ISE Default Settings check box has...
Client ProfilingCisco WLCCisco ISE IntegrationWeb Authentication
Question #193Web Auth and Guest Services
An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this? (C...
Guest AccessHotspot PortalWeb AuthenticationDevice Registration
Question #194Profiler
An engineer is enabling a newly configured wireless SSID for tablets and needs visibility into which other types of devices are connecting to it. What must be done on the Cisco WLC...
Cisco WLC ConfigurationCisco ISE ProfilingMAC AuthenticationNetwork Access Control
Question #195Policy Enforcement
A network administrator is currently using Cisco ISE to authenticate devices and users via 802.1X. There is now a need to also authorize devices and users using EAP-TLS. Which two...
Cisco ISEEAP-TLSAuthentication ProfilesAuthorization Profiles
Question #196Web Auth and Guest Services
An engineer is configuring sponsored guest access and needs to limit each sponsored guest to a maximum of two devices. There are other guest services in production that rely on the...
Guest AccessSponsored GuestGuest TypeDevice Limit
Question #197Web Auth and Guest Services
A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for 1 day. When testing the guest policy flow, the administrator sees that the Cisco ISE...
Cisco ISE Guest ServicesEndpoint Purge PolicyGuest Portal ConfigurationIdentity Stores
Question #198BYOD
An employee must access the internet through the corporate network from a new mobile device that does not support native supplicant provisioning provided by Cisco ISE. Which portal...
Cisco ISEBYODDevice ProvisioningMy Devices Portal
Question #199Architecture and Deployment
An organization has a fully distributed Cisco ISE deployment. When implementing probes, an administrator must scan for unknown endpoints to learn the IP-to-MAC address bindings. Th...
Distributed DeploymentEndpoint ProfilingData SynchronizationPSN Roles
Question #200Profiler
An administrator is configuring a new profiling policy in Cisco ISE for a printer type that is missing from the profiler feed. The logical profile Printers must be used in the auth...
Cisco ISEProfilingLogical ProfilesAuthorization Policies

PreviousPage 4 of 9Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.