1. Home
  2. Cisco
  3. 300-715

Cisco 300-715 Online Practice Questions and Exam Preparation

300-715 Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :448 Q&As
  • Last Updated
    :May 25, 2026

Cisco 300-715 Online Questions & Answers

  • Question 141:

    DRAG DROP

    An engineer needs to export a file in CSV format, encrypted with the password C1$c0438563935, and contains users currently configured in Cisco ISE. Drag and drop the steps from the left into the sequence on the right to complete this task.

    Select and Place:

  • Question 142:

    An administrator is configuring endpoint profiling and needs to enable CoA for devices that change profiles. Which two actions must be taken to accomplish this goal? (Choose two.)

    A. Ensure that the firewall is not blocking port 1700
    B. Define "reauth" in the default CoA action to be used
    C. Use an API to detect when profile changes occur and send instructions to ISE to provide a CoA
    D. Modify the RADIUS endpoint attribute filters to send CoA actions as the profiles change
    E. Enable the CoA policy and create rules for each type

  • Question 143:

    An administrator must configure Cisco ISE to authenticate a user accessing a Cisco Adaptive Security Appliance firewall using SSH. The solution must meet these requirements:

    1.

    The local Cisco ISE database must be used for user authentication

    2.

    ASA commands run by users must be validated

    The configurations were performed:

    1.

    added the Cisco Adaptive Security Appliance firewall

    2.

    configured user accounts

    3.

    enabled Device Admin Service in Cisco ISE

    4.

    configured a TACACS profile

    5.

    configured an authorization policy

    6.

    configured the Cisco Adaptive Security Appliance firewall for authentication and authorization

    Which two actions must be taken in Cisco ISE? (Choose two.)

    A. Enable local authentication.
    B. Configure a user identity group.
    C. Configure an authentication profile.
    D. Configure TACACS command sets.
    E. Configure an authorization profile.

  • Question 144:

    What is the Microsoft security policy recommendation for fast user switching in Cisco ISE?

    A. Disable BYOD posture agent.
    B. Enable fast user switching.
    C. Disable fast user switching.
    D. Enable Cisco Secure Client posture agent.

  • Question 145:

    An administrator must enable scanning for specific endpoints when they attempt to access the network. The scanning must be triggered as a result of successful authentication. Which action accomplishes this task?

    A. Modify the authorization policy to send init_endpoint_scan as a result to the authenticator.
    B. Create an authorization profile with scanning enabled and add it to the authorization policy that the endpoints will hit.
    C. Add an entry in the authentication conditions to allow only scanned endpoints access, then redirect everything else to the portal to initiate the scan.
    D. Configure the endpoint scanning probe to profile the endpoint correctly and assign it a risk score.

  • Question 146:

    An administrator for a small network is configuring Cisco ISE to provide dynamic network access to users. Management needs Cisco ISE to not automatically trigger a CoA whenever a profile change is detected. Instead, the administrator needs to verify the new profile and manually trigger a CoA What must be configuring in the profiler to accomplish this goal?

    A. Port Bounce
    B. No CoA
    C. Session Query
    D. Reauth

  • Question 147:

    What is a characteristic of the UDP protocol?

    A. UDP can detect when a server is down.
    B. UDP offers best-effort delivery
    C. UDP can detect when a server is slow
    D. UDP offers information about a non-existent server

  • Question 148:

    During BYOD flow, from where does a Microsoft Windows PC download the Network Setup Assistant?

    A. Cisco App Store
    B. Microsoft App Store
    C. Cisco ISE directly
    D. Native OTA functionality

  • Question 149:

    Which supplicant(s) and server(s) are capable of supporting EAR-CHAINING?

    A. Cisco AnyConnect NAM and Cisco Identity Service Engine
    B. Cisco AnyConnect NAM and Cisco Access Control Server
    C. Cisco Secure Services Client and Cisco Access Control Server
    D. Windows Native Supplicant and Cisco Identity Service Engine

  • Question 150:

    An engineer is configuring a new secure WLAN on a Cisco AireOS wireless LAN controller that has user authentication performed on a standalone Cisco ISE instance. The engineer wants to collect User-Agent attributes from the ISE for each user session on the secure WLAN.

    Which two configurations must be performed on the WLAN? (Choose two.)

    A. Enable local-based DHCP profiling.
    B. Enable RADIUS-based DHCP profiling.
    C. Set DHCP Addr. Assignment to Required.
    D. Enable RADIUS-based HTTP profiling.
    E. Set Aironet IE to Enabled.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.