Practice Free 300-715 Exam Online Questions
What is a requirement for Feed Service to work?
- A . TCP port 3080 must be opened between Cisco ISE and the feed server
- B . Cisco ISE has a base license.
- C . Cisco ISE has access to an internal server to download feed update
- D . Cisco ISE has Internet access to download feed update
What is a valid guest portal type?
- A . Sponsored-Guest
- B . My Devices
- C . Sponsor
- D . Captive-Guest
Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?
- A . MAB and if user not found, continue
- B . MAB and if authentication failed, continue
- C . Dot1x and if user not found, continue
- D . Dot1x and if authentication failed, continue
Refer to the exhibit.
An engineer is configuring a client but cannot authenticate to Cisco ISE During troubleshooting, the show authentication sessions command was issued to display the authentication status of each port.
Which command gives additional information to help identify the problem with the authentication?
- A . show authentication sessions
- B . show authentication sessions Interface Gil/0/1 output
- C . show authentication sessions interface Gi1/0/1 details
- D . show authentication sessions output
A network administrator notices that after a company-wide shut down, many users cannot connect their laptops to the corporate SSID.
What must be done to permit access in a timely manner?
- A . Authenticate the user’s system to the secondary Cisco ISE node and move this user to the primary with the renewed certificate.
- B . Connect this system as a guest user and then redirect the web auth protocol to log in to the network.
- C . Add a certificate issue from the CA server, revoke the expired certificate, and add the new certificate in system.
- D . Allow authentication for expired certificates within the EAP-TLS section under the allowed protocols.
Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two.)
- A . hotspot
- B . new AD user 802 1X authentication
- C . posture
- D . BYOD
- E . guest AUP
What are two benefits of TACACS+ versus RADIUS for device administration? (Choose two)
- A . TACACS+ supports 802.1X, and RADIUS supports MAB
- B . TACACS+ uses UDP, and RADIUS uses TCP
- C . TACACS+ has command authorization, and RADIUS does not.
- D . TACACS+ provides the service type, and RADIUS does not
- E . TACACS+ encrypts the whole payload, and RADIUS encrypts only the password.
An administrator adds a new network device to the Cisco ISE configuration to authenticate endpoints to the network. The RADIUS test fails after the administrator configures all of the settings in Cisco ISE and adds the proper configurations to the switch.
What is the issue?
- A . The endpoint profile is showing as "unknown."
- B . The endpoint does not have the appropriate credentials for network access.
- C . The shared secret is incorrect on the switch or on Cisco ISE.
- D . The certificate on the switch is self-signed not a CA-provided certificate.
Which two endpoint compliance statuses are possible? (Choose two.)
- A . unknown
- B . known
- C . invalid
- D . compliant
- E . valid
An engineer must organize endpoints in a Cisco ISE identity management store to improve the operational management of IP phone endpoints.
The endpoints must meet these requirements:
• classify endpoints for finance, sales, and marketing departments
• tag each endpoint as profiled.
Which action organizes the endpoints?
- A . Create an endpoint identity group for each department with the IP phone parent group.
- B . Create an endpoint identity group for each department with the profiled parent group.
- C . Add a tag for the endpoints of each department and add an endpoint to profiled group.
- D . Add a tag for the endpoints of each department and use the identity group filter.