300-715 Exam Details

  • Exam Code
    :300-715
  • Exam Name
    :Implementing and Configuring Cisco Identity Services Engine (SISE)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :448 Q&As
  • Last Updated
    :Jul 13, 2026

Cisco 300-715 Online Questions & Answers

  • Question 391:

    An engineer is using Cisco ISE and configuring guest services to allow wireless devices to access the network. Which action should accomplish this task?

    A. Create the redirect ACL on the WLC and add it to the WLC policy
    B. Create the redirect ACL on the WLC and add it to the Cisco ISE policy.
    C. Create the redirect ACL on Cisco ISE and add it to the WLC policy
    D. Create the redirect ACL on Cisco ISE and add it to the Cisco ISE Policy

  • Question 392:

    A network engineer is in the predeployment discovery phase of a Cisco ISE deployment and must discover the network. There is an existing NMS in the network. Which type of probe must be configured to gather the information?

    A. SNMP
    B. NMAP
    C. NetFlow
    D. RADIUS

  • Question 393:

    DRAG DROP

    Drag and drop the steps of the onboarding process from the left into the order they authenticate on the right. Not all options are used.

    Select and Place:

  • Question 394:

    A Cisco device has a port configured in multi-authentication mode and is accepting connections only from hosts assigned the SGT of SGT_0422048549 The VLAN trunk link supports a maximum of 8 VLANS

    What is the reason for these restrictions?

    A. The device is performing inline tagging without acting as a SXP speaker
    B. The device is performing mime tagging while acting as a SXP speaker
    C. The IP subnet addresses are dynamically mapped to an SGT.
    D. The IP subnet addresses are statically mapped to an SGT

  • Question 395:

    A network security administrator must integrate Cisco ISE with Active Directory. The administrator must carry out a join operation. Which action must the security administrator take?

    A. Search Active Directory to see if admin user account exists
    B. Remove the ISE machine account from the domain
    C. Join Cisco ISE to the Active Directory domain
    D. Remove Cisco ISE user account from the domain.

  • Question 396:

    An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants Which portal must the security engineer configure to accomplish this task?

    A. MDM
    B. Client provisioning
    C. My devices
    D. BYOD

  • Question 397:

    Guest users report repeated prompts to authenticate with the portal when connecting to a wireless network. An administrator must configure Cisco ISE to reduce the number of prompts. The solution must meet the requirements:

    1.

    Users must be authenticated once.

    2.

    When reconnecting to the visitor network, users do not need to be redirected to the login page.

    Which action completes the configuration?

    A. Configure an authorization profile to send a redirection access control list only for unauthenticated users.
    B. Configure the Wi-Fi Guest Access policy to allow the GuestEndpoint group.
    C. Configure an authorization rule for guest flow to bypass authenticated MAC address.
    D. Configure an authentication rule for MAC Authentication Bypass users to add an authenticated MAC address in an identity group.

  • Question 398:

    An engineer must configure Cisco ISE to provide internet access for guests in which guests are required to enter a code to gain network access. Which action accomplishes the goal?

    A. Configure the hotspot portal for guest access and require an access code.
    B. Configure the sponsor portal with a single account and use the access code as the password.
    C. Configure the self-registered guest portal to allow guests to create a personal access code.
    D. Create a BYOD policy that bypasses the authentication of the user and authorizes access codes.

  • Question 399:

    What is a difference between TACACS+ as compared to RADIUS from an AAA perspective?

    A. TACACS+ separates AAA services, whereas RADIUS combines authentication and authorization.
    B. TACACS+ combines all roles into a single privilege level, whereas RADIUS separates privilege levels.
    C. TACACS+ supports only Cisco devices, whereas RADIUS supports any RADUIS-compatible device.
    D. TACACS+ supports only local authentication, whereas RADIUS supports remote authentication.

  • Question 400:

    Refer to the exhibit.

    Which component must be configured to apply the SGACL?

    A. egress router
    B. host
    C. secure server
    D. ingress router

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-715 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.