Cisco 300-715 Practice Test - Questions Answers, Page 12
Question list
List of questions
Related questions
A network engineer is configuring guest access and notices that when a guest user registers a second device for access, the first device loses access What must be done to ensure that both devices for a particular user are able to access the guest network simultaneously?
Configure the sponsor group to increase the number of logins.
Use a custom portal to increase the number of logins
Modify the guest type to increase the number of maximum devices
Create an Adaptive Network Control policy to increase the number of devices
An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors' firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this What should be done to enable this type of posture check?
Use the file registry condition to ensure that the firewal is installed and running appropriately.
Use a compound condition to look for the Windows or Mac native firewall applications.
Enable the default firewall condition to check for any vendor firewall application.
Enable the default application condition to identify the applications installed and validade the firewall app.
An administrator is configuring TACACS+ on a Cisco switch but cannot authenticate users with Cisco ISE. The configuration contains the correct key of Cisc039712287. but the switch is not receiving a response from the Cisco ISE instance
What must be done to validate the AAA configuration and identify the problem with the TACACS+ servers?
Check for server reachability using the test aaa group tacacs+ admin <key> legacy command.
Test the user account on the server using the test aaa group radius server CUCS user admin pass
<key> legacy command.
Validate that the key value is correct using the test aaa authentication admin <key> legacy command.
Confirm the authorization policies are correct using the test aaa authorization admin drop legacy command.
Refer to the exhibit:
Refer to the exhibit. In which scenario does this switch configuration apply?
when allowing a hub with multiple clients connected
when passing IP phone authentication
when allowing multiple IP phones to be connected
when preventing users with hypervisor
When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition. However, other groups that are in the same domain are seen What is causing this issue?
Cisco ISE only sees the built-in groups, not user created ones
The groups are present but need to be manually typed as conditions
Cisco ISE's connection to the AD join point is failing
The groups are not added to Cisco ISE under the AD join point
A network administrator changed a Cisco ISE deployment from pilot to production and noticed that the JVM memory utilization increased significantly. The administrator suspects this is due to replication between the nodes What must be configured to minimize performance degradation?
Review the profiling policies for any misconfiguration
Enable the endpoint attribute filter
Change the reauthenticate interval.
Ensure that Cisco ISE is updated with the latest profiler feed update
An engineer is designing a BYOD environment utilizing Cisco ISE for devices that do not support native supplicants Which portal must the security engineer configure to accomplish this task?
MDM
Client provisioning
My devices
BYOD
A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for one day When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the Guest Endpoints identity store after one day and allows access to the guest network after that period. Which configuration is causing this problem?
The Endpoint Purge Policy is set to 30 days for guest devices
The RADIUS policy set for guest access is set to allow repeated authentication of the same device
The length of access is set to 7 days in the Guest Portal Settings
The Guest Account Purge Policy is set to 15 days
A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices Where in the Layer 2 frame should this be verified?
CMD filed
802.1Q filed
Payload
802.1 AE header
A Cisco ISE server sends a CoA to a NAD after a user logs in successfully using CWA Which action does the CoA perform?
It terminates the client session
It applies the downloadable ACL provided in the CoA
It applies new permissions provided in the CoA to the client session.
It triggers the NAD to reauthenticate the client
Question