300-715 Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :448 Q&As
  • Last Updated
    :Jul 13, 2026

Cisco 300-715 Online Questions & Answers

  • Question 21:

    Which personas can a Cisco ISE node assume?

    A. policy service, gatekeeping, and monitoring
    B. administration, policy service, and monitoring
    C. administration, policy service, gatekeeping
    D. administration, monitoring, and gatekeeping

  • Question 22:

    Which component of the 802.1X authentication process provides the identity credentials and communicates using EAP at Layer 2?

    A. authentication server
    B. authenticator
    C. authentication database
    D. supplicant

  • Question 23:

    An engineer deploys Cisco ISE and must configure Active Directory to then use information from Active Directory in an authorization policy.

    Which two components must be configured, in addition to Active Directory groups, to achieve this goal? (Choose two.)

    A. Identity Source Sequences
    B. LDAP External Identity Sources
    C. Active Directory External Identity Sources
    D. Library Condition for Identity Group: User Identity Group
    E. Library Condition for External Identity: External Groups

  • Question 24:

    An administrator is migrating device administration access to Cisco ISE from the legacy TACACS+ solution that used only privilege 1 and 15 access levels. The organization requires more granular controls of the privileges and wants to customize access levels 2-5 to correspond with different roles and access needs. Besides defining a new shell profile in Cisco ISE.

    What must be done to accomplish this configuration?

    A. Enable the privilege levels in Cisco ISE
    B. Enable the privilege levels in the IOS devices.
    C. Define the command privileges for levels 2-5 in the IOS devices
    D. Define the command privileges for levels 2-5 in Cisco ISE

  • Question 25:

    Refer to the exhibit.

    An engineer is configuring Cisco ISE for guest services They would like to have any unregistered guests redirected to the guest portal for authentication then have a CoA provide them with full access to the network that is segmented via firewalls.

    Why is the given configuration failing to accomplish this goal?

    A. The Guest Flow condition is not in the line that gives access to the quest portal
    B. The Network_Access_Authentication_Passed condition will not work with guest services for portal access.
    C. The Permit Access result is not set to restricted access in its policy line
    D. The Guest Portal and Guest Access policy lines are in the wrong order

  • Question 26:

    An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?

    A. The switch port is configured with authentication event server dead action authorize vlan.
    B. The authorization results for the endpoints include a dACL allowing access.
    C. The authorization results for the endpoints include the Trusted security group tag.
    D. The switch port is configured with authentication open.

  • Question 27:

    By default, which traffic does an 802.IX-enabled switch allow before authentication?

    A. all traffic
    B. no traffic
    C. traffic permitted in the port dACL on Cisco ISE
    D. traffic permitted in the default ACL on the switch

  • Question 28:

    A network administrator is configuring a secondary Cisco ISE node from the backup configuration of the primary Cisco ISE node to create a high availability pair. The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE.

    Which command must be issued for this to work?

    A. copy certificate ise
    B. certificate configure ise
    C. import certificate ise
    D. application configure ise

  • Question 29:

    DRAG DROP

    Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.

    Select and Place:

  • Question 30:

    A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed Which action must be taken to allow this capability?

    A. Configure a native supplicant profile to be used for checking the antivirus version
    B. Configure Cisco ISE to push the HostScan package to the endpoints to check for the antivirus version.
    C. Create a Cisco AnyConnect Network Visibility Module configuration profile to send the antivirus information of the endpoints to Cisco ISE.
    D. Create a Cisco AnyConnect configuration within Cisco ISE for the Compliance Module and associated configuration files

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.