Cisco 300-715 Practice Test - Questions Answers, Page 13
Question list
List of questions
Related questions
A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos Which database should be used to accomplish this goal?
RSA Token Server
Active Directory
Local Database
LDAP
An administrator is configuring a Cisco ISE posture agent in the client provisioning policy and needs to ensure that the posture policies that interact with clients are monitored, and end users are required to comply with network usage rules
Which two resources must be added in Cisco ISE to accomplish this goal? (Choose two)
AnyConnect
Supplicant
Cisco ISE NAC
PEAP
Posture Agent
Refer to the exhibit:
interface GigabitEthernetl/O/1
authentication host-mode multi-auth
authentication post-control auto
mab
dotlx pae authenticator
Refer to the exhibit Which switch configuration change will allow only one voice and one data endpoint on each port?
Multi-auth to multi-domain
Mab to dot1x
Auto to manual
Multi-auth to single-auth
An administrator needs to give the same level of access to the network devices when users are logging into them using TACACS+ However, the administrator must restrict certain commands based on one of three user roles that require different commands How is this accomplished without creating too many objects using Cisco ISE?
Create one shell profile and multiple command sets.
Create multiple shell profiles and multiple command sets.
Create one shell profile and one command set.
Create multiple shell profiles and one command set
An administrator for a small network is configuring Cisco ISE to provide dynamic network access to users. Management needs Cisco ISE to not automatically trigger a CoA whenever a profile change is detected. Instead, the administrator needs to verify the new profile and manually trigger a Co
What must be configuring in the profiler to accomplish this goal?
Port Bounce
No CoA
Session Query
Reauth
An organization wants to split their Cisco ISE deployment to separate the device administration functionalities from the mam deployment. For this to work, the administrator must deregister any nodes that will become a part of the new deployment, but the button for this option is grayed out Which configuration is causing this behavior?
One of the nodes is an active PSN.
One of the nodes is the Primary PAN
All of the nodes participate in the PAN auto failover.
All of the nodes are actively being synched.
An organization is adding new profiling probes to the system to improve profiling on Oseo ISE The probes must support a common network management protocol to receive information about the endpoints and the ports to which they are connected What must be configured on the network device to accomplish this goal?
ARP
SNMP
WCCP
ICMP
A network administrator is configuring a secondary cisco ISE node from the backup configuration of the primary cisco ISE node to create a high availability pair The Cisco ISE CA certificates and keys must be manually backed up from the primary Cisco ISE and copied into the secondary Cisco ISE Which command most be issued for this to work?
copy certificate Ise
application configure Ise
certificate configure Ise
Import certificate Ise
An employee logs on to the My Devices portal and marks a currently on-boarded device as 'Lost'.
Which two actions occur within Cisco ISE as a result oí this action? (Choose two)
Certificates provisioned to the device are not revoked
BYOD Registration status is updated to No
The device access has been denied
BYOD Registration status is updated to Unknown.
The device status is updated to Stolen
An administrator connects an HP printer to a dot1x enable port, but the printer in not accessible Which feature must the administrator enable to access the printer?
MAC authentication bypass
change of authorization
TACACS authentication
RADIUS authentication
Question