1. Home
  2. Cisco
  3. 300-715

Cisco 300-715 Online Practice Questions and Exam Preparation

300-715 Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :448 Q&As
  • Last Updated
    :May 25, 2026

Cisco 300-715 Online Questions & Answers

  • Question 281:

    DRAG DROP

    Refer to the exhibit.

    An engineer must create a web authentication access policy in Cisco ISE that matches the exhibit. Drag and drop the configuration steps from the left into sequence on the right to accomplish this task.

    Select and Place:

  • Question 282:

    Which two components are required for creating a Native Supplicant Profile within a BYOD flow? (Choose two )

    A. Windows Settings
    B. Connection Type
    C. iOS Settings
    D. Redirect ACL
    E. Operating System

  • Question 283:

    An engineer is configuring TACACS+ within Cisco ISE for use with a non-Cisco network device. They need to send special attributes in the Access-Accept response to ensure that the users are given the appropriate access.

    What must be configured to accomplish this'?

    A. dACLs to enforce the various access policies for the users
    B. custom access conditions for defining the different roles
    C. shell profiles with custom attributes that define the various roles
    D. TACACS+ command sets to provide appropriate access

  • Question 284:

    An engineer is testing Cisco ISE policies in a lab environment with no support for a deployment server. In order to push supplicant profiles to the workstations for testing, firewall ports will need to be opened. From which Cisco ISE persona should this traffic be originating?

    A. monitoring
    B. policy service
    C. administration
    D. authentication

  • Question 285:

    A user reports that a switch's RADIUS accounting packets are not being seen on the Cisco ISE server Which command is the user missing in the switch's configuration?

    A. radius-server vsa send accounting
    B. aaa accounting network default start-stop group radius
    C. aaa accounting resource default start-stop group radius
    D. aaa accounting exec default start-stop group radius

  • Question 286:

    An engineer is starting to implement a wired 802.1X project throughout the campus. The task is for failed authentication to be logged to Cisco ISE and also have a minimal impact on the users. Which command must the engineer configure?

    A. monitor-mode enabled
    B. authentication host-mode multi-auth
    C. authentication open
    D. pae dot1x enabled

  • Question 287:

    An administrator in a health facility must assign a medical device to a static profiling policy. Under which settings group must it be configured?

    A. user-defined exception actions
    B. CoA under global settings
    C. global profiling settings
    D. system-defined exceptions actions

  • Question 288:

    An administrator must provide network access to legacy Windows endpoints with a specific device type and operating system version using Cisco ISE profiler services. The ISE profiler services and access switches must be configured to identify endpoints using the dhcp-class-identifier and parameters-request-list attributes from the DHCP traffic. These configurations were performed:

    1. enabled the DHCP probe in Cisco ISE

    2. configured the Cisco ISE PSN interface to receive DHCP packets

    3. configured the attributes in custom profiling conditions

    4. configured a custom profiling policy

    5. configured an authorization rule with permit access

    Which action completes the configuration?

    A. Configure the Cisco ISE PSN interface to receive SPAN DHCP traffic.
    B. Configure the switches to send copies of the DHCP traffic to the Cisco ISE PSN.
    C. Enable the DHCP SPAN probe in Cisco ISE primary server.
    D. Configure the switches to relay DHCP packets to the Cisco ISE PSN.

  • Question 289:

    Which two ports do network devices typically use for CoA? (Choose two )

    A. 443
    B. 19005
    C. 8080
    D. 3799
    E. 1700

  • Question 290:

    An ISE administrator must change the inactivity timer for MAB endpoints to terminate the authentication session whenever a switch port that is connected to an IP phone does not detect packets from the device for 30 minutes. Which action must be taken to accomplish this task?

    A. Add the authentication timer reauthenticate server command to the switchport.
    B. Add the authentication timer inactivity 3600 command to the switchport.
    C. Change the idle-timeout on the Radius server to 3600 seconds for IP Phone endpoints.
    D. Configure the session-timeout to be 3600 seconds on Cisco ISE.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.