Cisco 300-715 Practice Test - Questions Answers, Page 18
Question list
List of questions
Related questions
An administrator is configuring a new profiling policy in Cisco ISE for a printer type that is missing from the profiler feed The logical profile Printers must be used in the authorization rule and the rule must be hit. What must be done to ensure that this configuration will be successful^
Create a new logical profile for the new printer policy
Enable the EndPoints:EndPointPolicy condition in the authorization policy.
Add the new profiling policy to the logical profile Printers.
Modify the profiler conditions to ensure that it goes into the correct logical profile
Which two default guest portals are available with Cisco ISE? (Choose two.)
visitor
WIFI-access
self-registered
central web authentication
sponsored
An engineer builds a five-node distributed Cisco ISE deployment The first two deployed nodes are responsible for the primary and secondary administration and monitoring personas Which persona configuration is necessary to have the remaining three Cisco ISE nodes serve as dedicated nodes in the Cisco ISE cube that is responsible only for handling the RADIUS and TACACS+ authentication requests, identity lookups, and policy evaluation?
Option A
Option B
Option C
Option D
An administrator is configuring a switch port for use with 802 1X What must be done so that the port will allow voice and multiple data endpoints?
Configure the port with the authentication host-mode multi-auth command
Connect the data devices to the port, then attach the phone behind them.
Use the command authentication host-mode multi-domain on the port
Connect a hub to the switch port to allow multiple devices access after authentication
Refer to the exhibit.
An engineer is configuring Cisco ISE for guest services They would like to have any unregistered guests redirected to the guest portal for authentication then have a CoA provide them with full access to the network that is segmented via firewalls Why is the given configuration failing to accomplish this goal?
The Guest Flow condition is not in the line that gives access to the quest portal
The Network_Access_Authentication_Passed condition will not work with guest services for portal access.
The Permit Access result is not set to restricted access in its policy line
The Guest Portal and Guest Access policy lines are in the wrong order
An engineer is configuring ISE for network device administration and has devices that support both protocols. What are two benefits of choosing TACACS+ over RADUs for these devices? (Choose two.)
TACACS+ is FIPS compliant while RADIUS is not
TACACS+ is designed for network access control while RADIUS is designed for role-based access.
TACACS+ uses secure EAP-TLS while RADIUS does not.
TACACS+ provides the ability to authorize specific commands while RADIUS does not
TACACS+ encrypts the entire payload being sent while RADIUS only encrypts the password.
During a 802 1X deployment, an engineer must identify failed authentications without causing problems for the connected endpoint. Which command will successfully achieve this''
dotlxsystem-auth-control
dotlx pae authenticator
authentication open
authentication port-control auto
An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?
The switch port is configured with authentication event server dead action authorize vlan.
The authorization results for the endpoints include a dACL allowing access.
The authorization results for the endpoints include the Trusted security group tag.
The switch port is configured with authentication open.
An engineer has been tasked with standing up a new guest portal for customers that are waiting in the lobby. There is a requirement to allow guests to use their social media logins to access the guest network to appeal to more customers
What must be done to accomplish this task?
Create a sponsor portal to allow guests to create accounts using their social media logins.
Create a sponsored guest portal and enable social media in the external identity sources.
Create a self-registered guest portal and enable the feature for social media logins
Create a hotspot portal and enable social media login for network access
Which Cisco ISE deployment model provides redundancy by having every node in the deployment configured with the Administration. Policy Service, and Monitoring personas to protect from a complete node failure?
distributed
dispersed
two-node
hybrid
Question