Exam Details
Exam Code
:300-715Exam Name
:Implementing and Configuring Cisco Identity Services Engine (SISE)Certification
:CCNPVendor
:CiscoTotal Questions
:334 Q&AsLast Updated
:Apr 25, 2024
Cisco CCNP 300-715 Questions & Answers
-
Question 1:
DRAG DROP
Refer to the exhibit. An engineer must create a web authentication access policy in Cisco ISE that matches the exhibit. Drag and drop the configuration steps from the left into sequence on the right to accomplish this task.
Select and Place:
-
Question 2:
DRAG DROP
An engineer needs to export a file in CSV format, encrypted with the password C1$c0438563935, and contains users currently configured in Cisco ISE. Drag and drop the steps from the left into the sequence on the right to complete this task.
Select and Place:
-
Question 3:
DRAG DROP
An engineer needs to configure a compliance policy on Cisco ISE to ensure that the latest encryption software is running on the C drive of all endpoints. Drag and drop the configuration steps from the left into the sequence on the right to accomplish this task.
Select and Place:
-
Question 4:
DRAG DROP
Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.
Select and Place:
-
Question 5:
DRAG DROP
An organization wants to implement 802.1X and is debating whether to use PEAP-MSCHAPv2 or PEAP-EAP-TLS for authentication. Drag the characteristics on the left to the corresponding protocol on the right.
Select and Place:
-
Question 6:
An engineer needs to configure a new certificate template in the Cisco ISE Internal Certificate Authority to prevent BYOD devices from needing to re-enroll when their MAC address changes. Which option must be selected in the Subject Alternative Name field?
A. Common Name and GUID
B. MAC Address and GUID
C. Distinguished Name
D. Common Name
-
Question 7:
A user changes the status of a device to stolen in the My Devices Portal of Cisco ISE. The device was originally onboarded in the BYOD wireless Portal without a certificate. The device is found later, but the user cannot re-onboard the device because Cisco ISE assigned the device to the Blocklist endpoint identity group. What must the user do in the My Devices Portal to resolve this issue?
A. Manually remove the device from the Blocklist endpoint identity group.
B. Change the device state from Stolen to Not Registered.
C. Change the BYOD registration attribute of the device to None.
D. Delete the device, and then re-add the device.
-
Question 8:
Which two authentication protocols are supported by RADIUS but not by TACACS+? (Choose two.)
A. MSCHAPv1
B. PAP
C. EAP
D. CHAP
E. MSCHAPV2
-
Question 9:
An engineer must configure an HTTP probe on a Cisco ISE virtual appliance running on VMWare using a dedicated interface for profiling. The interface is assigned to the VM Network port group. The engineer is logged into the hypervisor with a user account that only provides access to the Cisco ISE VM and the network settings for the VM. Which security setting must be changed for this interface to accept SPAN traffic?
A. Set Promiscuous mode to inherit from vSwitch in the Port Group properties.
B. Set Promiscuous mode to inherit from Port Group in the vSwitch properties.
C. Set Promiscuous mode to Accept in the Port Group properties.
D. Set Promiscuous mode to Accept in the vSwitch properties.
-
Question 10:
What are two differences of TACACS+ compared to RADIUS? (Choose two.)
A. TACACS+ uses a connectionless transport protocol, whereas RADIUS uses a connection-oriented transport protocol.
B. TACACS+ encrypts the full packet payload, whereas RADIUS only encrypts the password.
C. TACACS+ only encrypts the password, whereas RADIUS encrypts the full packet payload.
D. TACACS+ uses a connection-oriented transport protocol, whereas RADIUS uses a connectionless transport protocol.
E. TACACS+ supports multiple sessions per user, whereas RADIUS supports one session per user.
Related Exams:
300-610
Designing Cisco Data Center Infrastructure (DCID)350-501
Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)350-701
Implementing and Operating Cisco Security Core Technologies (SCOR)350-601
Implementing and Operating Cisco Data Center Core Technologies (DCCOR)350-801
Implementing and Operating Cisco Collaboration Core Technologies (CLCOR)350-401
Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) & CCIE Enterprise Infrastructure & CCIE Enterprise Wireless300-535
Automating and Programming Cisco Service Provider Solutions (SPAUTO)300-515
Implementing Cisco Service Provider VPN Services (SVPI)300-510
Implementing Cisco Service Provider Advanced Routing Solutions (SPRI)300-735
Automating and Programming Cisco Security Solutions (SAUTO)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.