Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU
  • Home
  • Cisco
  • 300-715: Implementing and Configuring Cisco Identity Services Engine

Cisco 300-715 Exam

Certification Provider: Cisco
Exam Name: Implementing and Configuring Cisco Identity Services Engine
Duration: 90 Minutes
Number of questions in our database: 244
Exam Version: Apr. 11, 2024
300-715 Exam Official Topics:
  • Topic 1: Configure TACACS+ Device Administration And Command Authorization/ Architecture And Deployment
  • Topic 2: Describe Supplicant, Supplicant Options, Authenticator, And Server/ Describe Deployment Options
  • Topic 3: Network Access Device Administration/ Configure Native AD And LDAP
  • Topic 4: Configure Cisco ISE Posture Agents And Operational Modes/ Configure Wired/Wireless 802.1X Network Access
  • Topic 5: Configure Posture Conditions And Policy, And Client Provisioning/ Describe Identity Store Options
  • Topic 6: Configure BYOD Device On-Boarding Using Internal CA With Cisco Switches And Cisco Wireless LAN Controllers
  • Topic 7: Describe Endpoint Compliance, Posture Services, And Client Provisioning/ Configure 802.1X Phasing Deployment
  • Topic 8: Configure The Compliance Module/ Configure Network Access Devices
  • Topic 9: Configure Policies Including Authentication And Authorization Profiles/ Configure Sponsor And Guest Portals
  • Topic 10: Configure Blacklist/Whitelist/ Describe Cisco BYOD Functionality/ Configure Web Authentication
  • Topic 11: Configure Endpoint Identity Management/ Configure Guest Access Services
  • Topic 12: Configure Certificates For BYOD/ Implement Profiler Services
  • Topic 13: Web Auth And Guest Services/ Configure Cisco Trustsec
Disscuss Cisco 300-715 Topics, Questions or Ask Anything Related

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!

Free Cisco 300-715 Exam Actual Questions

The questions for 300-715 were last updated On Apr. 11, 2024

Question #1

The security team identified a rogue endpoint with MAC address 00:46:91:02:28:4A attached to the network. Which action must security engineer take within Cisco ISE to effectively

restrict network access for this endpoint?

Reveal Solution Hide Solution
Correct Answer: C

Cisco ISE provides a feature called Adaptive Network Control (ANC) that allows administrators to apply policies to endpoints based on their behavior or status1. One of the ANC policies is Quarantine, which restricts network access for an endpoint by assigning it to a limited-access VLAN or applying an access control list (ACL) on the switch port2. To use the Quarantine policy, the administrator must add the MAC address of the rogue endpoint to the endpoint quarantine list in ISE2. This will trigger a change of authorization (CoA) for the endpoint and apply the Quarantine policy. The other options are not effective for restricting network access for a rogue endpoint, as they do not use the ANC feature of ISE.


Question #2

What is a restriction of a standalone Cisco ISE node deployment?

Reveal Solution Hide Solution
Correct Answer: C

Question #3

An administrator is attempting to join a new node to the primary Cisco ISE node, but receives the error message "Node is Unreachable". What is causing this error?

Reveal Solution Hide Solution
Correct Answer: B

https://www.ciscopress.com/articles/article.asp?p=2812072


Question #4

What is a restriction of a standalone Cisco ISE node deployment?

Reveal Solution Hide Solution
Correct Answer: C

Question #5

A network security administrator needs a web authentication configuration when a guest user connects to the network with a wireless connection using these steps:

. An initial MAB request is sent to the Cisco ISE node.

. Cisco ISE responds with a URL redirection authorization profile if the user's MAC address is unknown in the endpoint identity store.

. The URL redirection presents the user with an AUP acceptance page when the user attempts to go to any URL.

Which authentication must the administrator configure on Cisco ISE?

Reveal Solution Hide Solution
Correct Answer: D

Central Web Authentication (CWA) is a feature that allows the network access device (NAD) to redirect the web traffic of a guest user to a web portal hosted by Cisco ISE1. The NAD acts as a proxy between the guest user and the ISE node, and performs the authentication and authorization based on the RADIUS attributes returned by ISE1. To configure CWA on ISE, the administrator must create an authorization profile that contains the URL redirection attribute and assign it to the guest user1. The other options are not correct because they do not use CWA. Device registration WebAuth is a feature that allows users to register their devices on ISE before they can access the network2. WLC with local WebAuth is a feature that allows the wireless LAN controller (WLC) to host the web portal and authenticate the guest user locally3. Wired NAD with local WebAuth is a feature that allows the switch to host the web portal and authenticate the guest user locally


Explore Other Cisco Exams

Unlock all 300-715 Exam Questions with Advanced Practice Test Features:
  • Select Question Types you want
  • Set your Desired Pass Percentage
  • Allocate Time (Hours : Minutes)
  • Create Multiple Practice tests with Limited Questions
  • Customer Support
Get Full Access Now

Save Cancel