1. Home
  2. Cisco
  3. 300-715

Cisco 300-715 Online Practice Questions and Exam Preparation

300-715 Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :448 Q&As
  • Last Updated
    :May 25, 2026

Cisco 300-715 Online Questions & Answers

  • Question 381:

    An administrator is responsible for configuring network access for a temporary network printer. The administrator must only use the printer MAC address 50:89:65:18:8:AB for authentication. Which authentication method will accomplish the task?

    A. Posturing
    B. Profiling
    C. MAB
    D. 802.1x

  • Question 382:

    An organization wants to split their Cisco ISE deployment to separate the device administration functionalities from the mam deployment. For this to work, the administrator must deregister any nodes that will become a part of the new deployment, but the button for this option is grayed out

    Which configuration is causing this behavior?

    A. One of the nodes is an active PSN.
    B. One of the nodes is the Primary PAN
    C. All of the nodes participate in the PAN auto failover.
    D. All of the nodes are actively being synched.

  • Question 383:

    Which use case validates a change of authorization?

    A. An authenticated, wired EAP-capable endpoint is discovered
    B. An endpoint profiling policy is changed for authorization policy.
    C. An endpoint that is disconnected from the network is discovered
    D. Endpoints are created through device registration for the guests

  • Question 384:

    What is the condition that a Cisco ISE authorization policy cannot match?

    A. company contact
    B. custom
    C. time
    D. device type
    E. posture

  • Question 385:

    An engineer is configuring web authentication and needs to allow specific protocol to permit DNS traffic. Which type of access list should be used for this configuration?

    A. Numbered ACL
    B. Standard ACL
    C. Reflexive ACL
    D. Extended ACL

  • Question 386:

    An organization has a fully distributed Cisco ISE deployment. When implementing probes, an administrator must scan for unknown endpoints to learn the IP-to-MAC address bindings The scan is complete on one PSN, but the information is not available on the others.

    What must be done to make the information available?

    A. Cisco ISE must be configured to learn the IP-MAC binding of unknown endpoints via RADIUS authentication, not via scanning.
    B. Cisco ISE must learn the IP-MAC binding of unknown endpoints via DHCP profiling, not via scanning.
    C. Scanning must be initiated from the MnT node to centrally gather the information.
    D. Scanning must be initiated from the PSN that last authenticated the endpoint.

  • Question 387:

    An engineer must develop a policy that utilizes AD group membership on Cisco ISE. Which type of policy element must the engineer configure to create an AD group within a policy?

    A. conditions
    B. results
    C. dictionaries
    D. smart conditions

  • Question 388:

    An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices. Which IOS command must be configured on the devices to accomplish this goal?

    A. aaa server radius dynamic-author
    B. authentication command bounce-port
    C. authentication command disable-port
    D. authentication command disable-port

  • Question 389:

    A network engineer must define a Redirect ACL on a Cisco Wireless LAN Controller. The ACL must force unknown users to authenticate via a captive portal located on a Cisco ISE PSN on another network segment separated by a firewall.

    Which port must be permitted in the firewall to allow traffic between the Cisco Wireless LAN Controller and Cisco ISE?

    A. UDP port 1812
    B. TCP port 8443
    C. UDP port 1645
    D. TCP port 8445

  • Question 390:

    An administrator is configuring cisco ISE lo authenticate users logging into network devices live logs. Which action ensures the users are able to log into the network devices?

    A. Enable the device administration service in the Administration persona
    B. Enable the session services in the administration persona.
    C. Enable the service sessions in the PSN persona.
    D. Enable the device administration service in the PSN persona.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.