Practice Free 300-715 Exam Online Questions
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants.
Which portal must the security engineer configure to accomplish this task?
- A . MDM
- B . Client provisioning
- C . My devices
- D . BYOD
C
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01111.html
An administrator is configuring a new profiling policy within Cisco ISE The organization has several endpoints that are the same device type and all have the same Block ID in their MAC address. The profiler does not currently have a profiling policy created to categorize these endpoints. therefore a custom profiling policy must be created.
Which condition must the administrator use in order to properly profile an ACME Al Connector endpoint for network access with MAC address <MAC ADDRESS>?
- A . MAC_OUI_STARTSWITH_<MACADDRESS>
- B . CDP_cdpCacheDevicelD_CONTAINS_<MACADDRESS>
- C . MAC_MACAddress_CONTAINS_<MACADDRESS>
- D . Radius Called Station-ID STARTSWITH <MACADDRESS>
An engineer needs to configure Cisco ISE Profiling Services to authorize network access for IP speakers that require access to the intercom system. This traffic needs to be identified if the ToS bit is set to 5 and the destination IP address is the intercom system.
What must be configured to accomplish this goal?
- A . NMAP
- B . NETFLOW
- C . pxGrid
- D . RADIUS
What is a method for transporting security group tags throughout the network?
- A . by enabling 802.1AE on every network device
- B . by the Security Group Tag Exchange Protocol
- C . by embedding the security group tag in the IP header
- D . by embedding the security group tag in the 802.1Q header
Which action must be taken before configuring the Secure Client Agent profile when creating the Secure Client configuration for ISE posture services?
- A . Create a posture remediation condition policy for the Agent profile.
- B . Configure the posture policy for Secure Client posturing module.
- C . Create a posture condition that references the Secure Client package.
- D . Upload the Secure Client packages and the Secure Client compliance modules.
A network engineer is in the predeployment discovery phase of a Cisco ISE deployment and must discover the network. There is an existing network management system in the network.
Which type of probe must be configured to gather the information?
- A . RADIUS
- B . NMAP
- C . NetFlow
- D . SNMP
An engineer is configuring a new Cisco ISE node. The Cisco ISE must make authorization decisions based on the threat and vulnerability attributes received from the threat and vulnerability adapters.
Which persona must be enabled?
- A . Policy Service
- B . Monitoring
- C . pxGrid
- D . Administration
An administrator must provide network access to legacy Windows endpoints with a specific device type and operating system version using Cisco ISE profiler services. The ISE profiler services and access switches must be configured to identify endpoints using the dhcp-class-identifier and parameters-request-list attributes from the DHCP traffic.
These configurations were performed:
enabled the DHCP probe in Cisco ISE
configured the Cisco ISE PSN interface to receive DHCP packets
configured the attributes in custom profiling conditions
configured a custom profiling policy
configured an authorization rule with permit access
Which action completes the configuration?
- A . Configure the switches to send copies of the DHCP traffic to the Cisco ISE PSN.
- B . Configure the Cisco ISE PSN interface to receive SPAN DHCP traffic.
- C . Configure the switches to relay DHCP packets to the Cisco ISE PSN.
- D . Enable the DHCP SPAN probe in Cisco ISE primary server.
A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos.
Which database should be used to accomplish this goal?
- A . RSA Token Server
- B . Active Directory
- C . Local Database
- D . LDAP
B
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_01111.html#concept_srz_ bkb_4db
How is policy services node redundancy achieved in a deployment?
- A . by enabling VIP
- B . by utilizing RADIUS server list on the NAD
- C . by creating a node group
- D . by deploying both primary and secondary node