Browse Exams Pricing

Exams300-715Questions

300-715 Exam Questions

419 real 300-715 exam questions with expert-verified answers and explanations. Page 7 of 9.

Question #301Network Access Device Administration
An engineer is configuring a new switch to deploy in the campus network. The task is to configure TACACS+ and RADIUS authentication using the new switch and Cisco ISE. What is the...
Cisco ISENAD managementTACACS+RADIUS
Question #302Architecture and Deployment
Which file setup method is supported by ZTP on physical appliances?
ZTPPhysical Appliance DeploymentCisco ISE InstallationImage File Formats
Question #303Policy Enforcement
What is configured to enforce the blocklist permissions and deny access to clients in the blocklist to protect against a lost or stolen device obtaining access to the network?
Authorization PoliciesBlocklist EnforcementDevice Access ControlCisco ISE
Question #304Profiler
An administrator in a health facility must assign a medical device to a static profiling policy. Under which settings group must it be configured?
Cisco ISEProfilingStatic AssignmentPolicy Configuration
Question #305Web Auth and Guest Services
An engineer must configure guest access on Cisco ISE for company visitors. Which step must be taken on the Cisco ISE PSNs before a guest portal is configured?
Guest AccessCisco ISESSL CertificatesGuest Portal
Question #306BYOD
A network engineer is configuring a portal on Cisco ISE for employees. Employees must use this portal when registering personal devices with native supplicants. For onboarding devi...
BYOD PortalDevice OnboardingNative SupplicantCisco ISE
Question #307Web Auth and Guest Services
An engineer must configure web redirection for guests to a portal where no authentication is required and an Acceptable Use Policy must be accepted by the guest before network acce...
Cisco ISEGuest PortalHotspot PortalAUP
Question #308Architecture and Deployment
A network engineer is in the predeployment discovery phase of a Cisco ISE deployment and must discover the network. There is an existing NMS in the network. Which type of probe mus...
Cisco ISENetwork DiscoverySNMPPredeployment
Question #309Profiler
An engineer must organize endpoints in a Cisco ISE identity management store to improve the operational management of IP phone endpoints. The endpoints must meet these requirements...
Endpoint Identity GroupsCisco ISE ProfilingEndpoint ClassificationIdentity Management
Question #310Policy Enforcement
A network engineer must remove a device that has been allowlisted. How should the engineer remove it manually on Cisco ISE?
Endpoint ManagementCisco ISE GUIIdentity GroupsAllowlist Management
Question #311Network Access Device Administration
An engineer is adding a new network device to be used with 802.1X authentication. After configuring the device, the engineer notices that no endpoints that connect to the switch ar...
802.1XSwitch ConfigurationNetwork Access ControlNAD Administration
Question #312BYOD
A user is attempting to register a BYOD device to the Cisco ISE deployment but needs to use the onboarding policy to request a digital certificate and provision the endpoint. What...
BYOD onboardingNative Supplicant ProvisioningDigital CertificateEndpoint Provisioning
Question #313Policy Enforcement
Which platform does a Windows-based device download the Network Assistant from?
Cisco ISEClient ProvisioningNetwork Access EnablerPolicy Enforcement
Question #314Network Access Device Administration
An administrator must provide administrative access to the helpdesk users on production Cisco IOS routers. The solution must meet these requirements: - Authenticate the users again...
Cisco ISEDevice AdministrationTACACS+Command Authorization
Question #315Policy Enforcement
An engineer must create an authentication policy in Cisco ISE to allow wired printers that lack support for 802.1X onto the network. What must the RadiusFlowType be set to in the p...
MABWired AuthenticationAuthentication PolicyNon-802.1X
Question #316Architecture and Deployment
An engineer is starting to implement a wired 802.1X project throughout the campus. The task is for failed authentication to be logged to Cisco ISE and also have a minimal impact on...
802.1XWired AuthenticationMonitor ModeCisco ISE
Question #317Architecture and Deployment
An engineer wants to preselect AD groups to be used in the access policy after integrating Cisco ISE with an active directory. Which configuration steps must the engineer take to a...
Cisco ISEActive Directory IntegrationIdentity SourcesGroup Management
Question #318Policy Enforcement
An enterprise uses a separate PSN for each of its four remote sites. Recently, a user reported receiving an "EAP-TLS authentication failed" message when moving between remote sites...
EAP-TLSCertificatesAuthentication FailurePSN
Question #319Endpoint Compliance
An engineer must configure posture updates. The task is to ensure the latest set of predefined checks and operating system information is updated. The checks must take place regula...
Posture updatesCompliance moduleISE configurationPredefined checks
Question #320Policy Enforcement
An engineer must develop a policy that utilizes AD group membership on Cisco ISE. Which type of policy element must the engineer configure to create an AD group within a policy?
Cisco ISEPolicy EnforcementActive Directory IntegrationAuthorization Policies
Question #321Policy Enforcement
An engineer is working on a switch and must tag packets with SGT values such that it learns via SXP. Which command must be entered to meet this requirement?
DHCP SnoopingSGT (Security Group Tag)SXP (Security Group Tag Exchange Protocol)TrustSec
Question #322Architecture and Deployment
Which file extension is required when deploying Cisco ISE using a ZTP configuration file in Microsoft Hyper-V?
Cisco ISE deploymentZTP configurationHyper-V virtualizationImage file format
Question #323Profiler
A network engineer must enable a profiling probe. The profiling must take details through the Active Directory. Where in the Cisco ISE interface would the engineer enable the probe...
Profiling probe setupISE GUI navigationSystem deploymentActive Directory integration
Question #324Web Auth and Guest Services
Guest users report repeated prompts to authenticate with the portal when connecting to a wireless network. An administrator must configure Cisco ISE to reduce the number of prompts...
Guest AccessMAC Authentication Bypass (MAB)Cisco ISEWeb Authentication
Question #325Profiler
A network is going through major hardware upgrades and is using Cisco ISE for network access control. Network devices are being added and removed regularly and the Cisco ISE admini...
Cisco ISEDevice DiscoverySNMP TrapsProfiler Probes
Question #326Web Auth and Guest Services
A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps: - An initial MAB r...
Web AuthenticationGuest AccessCisco ISEURL Redirection
Question #327Policy Enforcement
A network engineer received alerts from the monitoring platform that a switch port exists with multiple sessions. RADIUS CoA using Cisco ISE must be used to address the issue. Whic...
RADIUS CoACisco ISEPolicy EnforcementNetwork Access Control
Question #328Policy Enforcement
The security team identified a rogue endpoint with MAC address 00:47:44:40:54:1A attached to the network. Which action must security engineer take within Cisco ISE to effectively r...
Endpoint QuarantineMAC Address FilteringISE Policy EnforcementRogue Endpoint
Question #329Network Access Device Administration
An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall using SSH. The solution must meet these requirements: - The...
Cisco ISEDevice AdministrationTACACS+Command Authorization
Question #330Architecture and Deployment
Which nodes are supported in a distributed Cisco ISE deployment?
ISE DeploymentNode RolesHigh AvailabilityPolicy Service Node
Question #331Policy Enforcement
An engineer is starting to implement a wired 802.1X project throughout the campus. The task is to ensure that the authentication procedure is disabled on the ports but still allows...
802.1XPort ControlWired Authentication
Question #332Profiler
An engineer wants to ease the management of endpoint identity groups from the Cisco ISE GUI. From the Identity Management menu in Cisco ISE, the engineer must be able to list the e...
Cisco ISEIdentity GroupsFilteringGUI Management
Question #333BYOD
Which controller option allows a user to switch from the provisioning SSID to the employee SSID after registration?
Wireless NetworksSSID ManagementClient OnboardingCisco ISE
Question #334Profiler
An engineer must use Cisco ISE profiler services to provide network access to Cisco IP phones that cannot support 802.1X. Cisco ISE is configured to use the access switch device se...
ISE ProfilingDevice SensorCDPLLDP
Question #335Policy Enforcement
A network administrator is configuring a new access switch to use with Cisco ISE for network access control. There is a need to use a centralized server for the reauthentication ti...
NAC Switch ConfigurationCisco ISE IntegrationReauthentication Timers
Question #336Web Auth and Guest Services
A network engineer must configure a centralized Cisco ISE solution for wireless guest access with users in different time zones. The guest account activation time must be independe...
Guest AccessCisco ISETime ProfileSelf-Registration
Question #337Profiler
An administrator must configure Cisco ISE profiling services and the Cisco switch device sensor feature to provide user access using the AD-Join-Point and AD-Operating-System attri...
Cisco ISE ProfilingActive Directory ProbeLogical ProfilesProfiling Conditions
Question #338Web Auth and Guest Services
A network engineer must create a guest portal for wireless guests on Cisco ISE. The guest users must not be able to create accounts; however, the portal should require a username a...
Cisco ISEGuest PortalSponsored Guest AccessWeb Authentication
Question #339Policy Enforcement
A technician must configure MAB on an access switch. Due to a protocol error, the engineer discovers that MAB cannot authenticate. For MAB to function, which protocol must be enabl...
MABAuthentication ProtocolsCisco ISENetwork Access Control
Question #340Profiler
A network engineer is configuring a Cisco WLC in order to find out more information about the devices that are connecting. This information must be sent to Cisco ISE to be used in...
ProfilerDHCPCisco WLCCisco ISE
Question #341Network Access Device Administration
Which device acts as an authenticator during the 802.1X authentication process?
802.1XAuthenticatorNetwork Access ControlCisco Switch
Question #342Policy Enforcement
An engineer must use certificate authentication for endpoints that connect to a wired network with a Cisco ISE deployment. The engineer must define the certificate field used as th...
Certificate AuthenticationCisco ISEAuthentication ProfileIdentity Extraction
Question #343Network Access Device Administration
What is a difference between TACACS+ compared to RADIUS? (Choose two.)
TACACS+RADIUSAAA ProtocolsNetwork Access Control
Question #344Policy Enforcement
A client with MAC address 04:77:10:14:67:AB connects to the network. The client does not support 802.1X. Which setting must be enabled in the Allowed Authentication Protocols list...
MAC Authentication Bypass (MAB)Cisco ISEAuthentication PolicyProcess Host Lookup
Question #345Endpoint Compliance
A network engineer must configure a policy rule to check the endpoint. The policy must ensure disk encryption is enabled and the appropriate antivirus software version is installed...
Endpoint CompliancePosture AssessmentCisco ISE PolicyCompound Conditions
Question #346Policy Enforcement
Which persona configuration feature is used when setting personas in Cisco ISE for a node that will give network access and receive RADIUS requests?
Cisco ISEPolicy Service NodePersonasRADIUS AAA
Question #347Web Auth and Guest Services
Refer to the exhibit. An engineer needs to configure central web authentication on the Cisco Wireless LAN Controller to use Cisco ISE for all guests connected to the wireless netwo...
Cisco ISECentral Web AuthenticationGuest AccessAuthorization Policy
Question #348Architecture and Deployment
An endpoint with the MAC address 04:85:70:26:64:AB attempts to connect to the network. The security administrator wants to ensure that before authentication, only limited access is...
ISE Deployment Modes802.1X AuthenticationPre-authentication AccessNetwork Access Control
Question #349Network Access Device Administration
What is a difference between TACACS+ as compared to RADIUS from an AAA perspective?
TACACS+RADIUSAAAProtocol comparison
Question #350BYOD
A network engineer must configure BYOD using Cisco ISE. In the deployment, the users must be able to submit CSR through the end devices. Which two features must be enabled to meet...
BYODCisco ISECertificate ProvisioningInternal CA

PreviousPage 7 of 9Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.