Browse Exams Pricing

Exams300-715Questions

300-715 Exam Questions

419 real 300-715 exam questions with expert-verified answers and explanations. Page 8 of 9.

Question #351Endpoint Compliance
An administrator must deploy the Cisco Secure Client posture agent to employee endpoints that access a wireless network by using URL redirection in Cisco ISE. The compliance module...
Cisco Secure ClientISE Client ProvisioningPosture AgentCompliance Module
Question #352Network Access Device Administration
An administrator must configure Cisco ISE to authenticate the administrative superuser to manage a Cisco Adaptive Security Appliance firewall. The solution must meet the requiremen...
TACACS+Privilege LevelsCommand AuthorizationASA Integration
Question #353Network Access Device Administration
What is a primary function of RADIUS compared to TACACS?
RADIUSTACACS+AAA protocolsNetwork Access vs. Device Admin
Question #354Architecture and Deployment
Which two external identity stores are supported by Cisco ISE for password types? (Choose two.)
Identity StoresExternal AuthenticationLDAPRADIUS
Question #355Architecture and Deployment
An engineer configures Cisco ISE and Cisco Catalyst switches to enforce Cisco TrustSec policies. The engineer must use a nondisruptive deployment approach for new devices by deploy...
TrustSecSGT Exchange Protocol (SXP)Network DeploymentCisco ISE
Question #356Web Auth and Guest Services
Using the SAML protocol, an administrator must configure the Cisco ISE Sponsor portal to authenticate users with an external Microsoft Active Directory Federation Services server....
SAML IntegrationISE Sponsor PortalIdentity Source ConfigurationSponsor Group Authorization
Question #357Web Auth and Guest Services
A network administrator must restrict sponsor account privileges for managing guest accounts on Cisco ISE for a new account that is being created. Sponsor groups currently exist fo...
Cisco ISEGuest AccountsSponsor PortalRBAC
Question #358Endpoint Compliance
An engineer must configure a posture policy with Cisco Temporal Agent workflow. Which two configurations must the engineer apply to meet the requirement? (Choose two.)
Posture PolicyCisco ISETemporal AgentEndpoint Compliance
Question #359BYOD
Drag and Drop Question Drag and drop the steps of the onboarding process from the left into the order they authenticate on the right. Not all options are used. Answer:
Cisco ISEBYOD OnboardingAuthentication FlowClient Provisioning
Question #360Architecture and Deployment
A network security administrator must integrate Cisco ISE with Active Directory. The administrator must carry out a join operation. Which action must the security administrator tak...
Cisco ISEActive Directory IntegrationDomain JoinIdentity Management
Question #361Policy Enforcement
An engineer is deploying Cisco ISE in a network that contains an existing Cisco Secure Firewall ASA. The customer requested that Cisco TrustSec be configured so that Cisco ISE and...
TrustSecSXPASA IntegrationPolicy Enforcement
Question #362Policy Enforcement
Which component of the 802.1X authentication process provides the identity credentials and communicates using EAP at Layer 2?
802.1XEAPSupplicantNetwork Access Control
Question #363Policy Enforcement
An engineer is configuring a new Cisco ISE node. The Cisco ISE must make authorization decisions based on the threat and vulnerability attributes received from the threat and vulne...
Cisco ISE PersonaspxGridThreat Intelligence IntegrationAuthorization Policy
Question #364Architecture and Deployment
An engineer is configuring a new Cisco ISE node. Context-sensitive information must be shared between the Cisco ISE and a Cisco ASA. Which persona must be enabled?
Cisco ISE personaspxGridContext sharingIntegration
Question #365Policy Enforcement
An engineer is deploying Cisco ISE into an existing wireless environment for a hospital. The requirement from the customer is that the WLC use Cisco ISE for Central Web Authenticat...
Cisco ISECisco MSEAuthorization ProfileLocation-based access
Question #366Web Auth and Guest Services
Refer to the exhibit. An engineer must configure central web authentication on the Cisco Wireless LAN Controller to use Cisco ISE for all guests connected to the wireless network....
Central Web AuthenticationCisco ISE PortsGuest ServicesFirewall Configuration
Question #367Policy Enforcement
An engineer must provide network access using a Cisco ISE policy that matches the identity group of endpoints unrecognized by any Cisco ISE profilers and manually adds the endpoint...
Cisco ISEEndpoint identificationIdentity groupsManual endpoint entry
Question #368BYOD
An administrator must onboard MacOS endpoints that connect to Cisco switches using the BYOD portal in Cisco ISE. The authentication method must be configured to meet these requirem...
EAP-TLSMutual AuthenticationCertificatesBYOD Onboarding
Question #369BYOD
Which Cisco ISE feature enables administrators to enroll a certificate to an endpoint with MAC address 04:90:45:06:46:AA without the need for an external PKI?
ISE Internal CACertificate EnrollmentPKI ManagementEndpoint Onboarding
Question #370Endpoint Compliance
An administrator plans to use Cisco ISE to deploy posture policies to assess Microsoft Windows endpoints that run Cisco Secure Client. The administrator wants to minimize the occur...
Cisco ISEPosture PoliciesSecure ClientCompliance Module
Question #371Network Access Device Administration
An engineer is assigned to enhance security across the campus network. The task is to enable MAB across all access switches in the network. Which command must be entered on the swi...
MABMAC Authentication BypassSwitch configurationNetwork Access Control
Question #372Network Access Device Administration
An administrator must enable helpdesk users to view users' information on wireless LAN controllers in a Cisco ISE environment. The solution must meet these requirements: - Authenti...
ISE Device AdminTACACS+ RolesIdentity GroupsWLC Access Control
Question #373Network Access Device Administration
What is a difference between RADIUS compared to TACACS+?
RADIUSTACACS+AAA protocolsEncryption
Question #374Policy Enforcement
An administrator must configure Cisco ISE to send CoA requests to a Cisco switch using SNMP. These configurations were performed: - enabled SNMP on the switch - added the switch to...
Cisco ISEChange of Authorization (CoA)SNMPNetwork Access Device (NAD)
Question #375Network Access Device Administration
Drag and Drop Question A security engineer configures a Cisco Catalyst switch to use Cisco TrustSec. The engineer must define the PAC key to authenticate the switch to Cisco ISE. D...
Cisco TrustSecCisco ISEPAC keySwitch Configuration
Question #376Profiler
A network engineer is configuring a Cisco Wireless LAN Controller in order to find out more information about the devices that are connecting. This information must be sent to Cisc...
Device ProfilingCisco ISECisco WLCDHCP
Question #377Profiler
An engineer is configuring a new secure WLAN on a Cisco AireOS wireless LAN controller that has user authentication performed on a standalone Cisco ISE instance. The engineer wants...
Cisco ISE ProfilingAireOS WLC ConfigurationUser-Agent AttributesEndpoint Profiling
Question #378Network Access Device Administration
A network administrator adds network access devices to Cisco ISE. After a security breach, the management team mandates that all network devices must comply with certain standards....
Cisco ISENetwork Access Device (NAD)Change of Authorization (CoA)Port Configuration
Question #379Architecture and Deployment
A network security administrator must integrate Cisco ISE with Active Directory. The administrator must carry out a leave operation. Which action on Active Directory is needed to m...
Cisco ISEActive Directory IntegrationDomain OperationsMachine Account
Question #380Web Auth and Guest Services
The Cisco Wireless LAN Controller and guest portal must be set up in Cisco ISE. These configurations were performed: - configured all the required Cisco Wireless LAN Controller con...
Cisco ISEGuest ServicesSelf-RegistrationGuest Portal
Question #381Endpoint Compliance
What is the Microsoft security policy recommendation for fast user switching in Cisco ISE?
Cisco ISEMicrosoft security policyFast user switchingEndpoint security
Question #382Profiler
An administrator must provide wired network access to unidentified Cisco devices that fail 802.1X authentication. Cisco ISE profiling services must be configured to gather Cisco Di...
Cisco ISE ProfilingSNMP Query ProbeCDP/LLDPEndpoint Data Collection
Question #383Web Auth and Guest Services
A network engineer must define a Redirect ACL on a Cisco Wireless LAN Controller. The ACL must force unknown users to authenticate via a captive portal located on a Cisco ISE PSN o...
Captive PortalCisco ISECisco WLCFirewall Ports
Question #384Profiler
An administrator is deploying IOT connector with MAC address 11:22 33:44:55:AA that requires network access. New custom profiling policy must be configured in Cisco ISE in order to...
Cisco ISEProfiling PoliciesRADIUS AttributesIOT Devices
Question #385Network Access Device Administration
What is a difference between TACACS+ and RADIUS protocol traffic?
TACACS+RADIUSAAAProtocol Differences
Question #386BYOD
Refer to the exhibit. An engineer observes that users sometimes find their device after the device is declared stolen and block listed in Cisco ISE. What must be selected from the...
Cisco ISE My DevicesDevice ManagementEndpoint StatusSelf-service portal
Question #387Policy Enforcement
An engineer must use Cisco ISE to provide network access to endpoints that cannot support 802.1X. The endpoint MAC addresses must be allowlisted by configuring an endpoint identity...
Cisco ISEMAC Authentication Bypass (MAB)Authorization PolicyIdentity Groups
Question #388Architecture and Deployment
Which two VMware features are supported on a Cisco ISE virtual appliance? (Choose two.)
Cisco ISE Virtual ApplianceVMware IntegrationDeployment OptionsOVF Support
Question #389BYOD
An engineer must onboard secure Windows 11 laptops of directors on the BYOD portal by using Cisco ISE. Corporate security policies require the Cisco ISE internal CA to use an ECC c...
Cisco ISEInternal CAECC certificatesBYOD
Question #390Policy Enforcement
Wireless network users authenticate to Cisco ISE using 802.1X through a Cisco Catalyst switch. An engineer must create an updated configuration to assign a security group tag to th...
Cisco TrustSecSecurity Group Tag (SGT)Inline TaggingIP-to-SGT Mapping
Question #391Architecture and Deployment
A network security administrator wants to integrate Cisco ISE with Active Directory. Which configuration action must the security administrator take to accomplish the task?
Cisco ISEActive Directory IntegrationIdentity ManagementExternal Authentication
Question #392Policy Enforcement
Drag and Drop Question An engineer must configure a new user on the local internal database of the Cisco ISE so that the user has access to the resources and services on the Cisco...
Cisco ISEUser ConfigurationLocal DatabaseNetwork Access
Question #393Policy Enforcement
A Cisco ISE administrator must authenticate users against Microsoft Active Directory. The solution must meet these requirements: - Users and computers must be authenticated. - User...
Authentication ProtocolsActive Directory IntegrationCisco ISEGroup Authorization
Question #394Policy Enforcement
An administrator is responsible for configuring network access for a temporary network printer. The administrator must only use the printer MAC address 50:40:16:89:0:AB for authent...
MAC Authentication BypassAuthentication MethodsNetwork Access Control
Question #395Web Auth and Guest Services
An engineer is deploying a new guest WLAN for a company. The company wants this WLAN to use a sponsored guest portal for secure guest access. The wireless LAN controller must direc...
Guest AccessCisco ISECentral Web Authentication (CWA)Web Portal
Question #396Web Auth and Guest Services
Which default "guest type" is included with Cisco ISE?
Cisco ISEGuest ServicesGuest TypesDefault Configuration
Question #397Profiler
An administrator must provide network access to legacy Windows endpoints with a specific device type and operating system version using Cisco ISE profiler services. The ISE profile...
DHCP ProfilingCisco ISESPANEndpoint Profiling
Question #398Endpoint Compliance
On which port does Cisco ISE present the Admin certificate for posture and client provisioning?
Cisco ISEPort NumbersClient ProvisioningPosture
Question #399Endpoint Compliance
Which action must be taken before configuring the Secure Client Agent profile when creating the Secure Client configuration for ISE posture services?
Secure ClientISE PostureConfiguration PrerequisitesCompliance Modules
Question #400Network Access Device Administration
Drag and Drop Question Refer to the exhibit. An engineer must configure Cisco ISE to be used as the TACACS+ server for any administrator that signs into the router. Users must be a...
Cisco ISETACACS+Device AdministrationPassword Change

PreviousPage 8 of 9Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.