Cisco 300-715 Practice Test - Questions Answers, Page 21
Question list
List of questions
Related questions
A user is attempting to register a BYOD device to the Cisco ISE deployment, but needs to use the onboarding policy to request a digital certificate and provision the endpoint. What must be configured to accomplish this task?
A native supplicant provisioning policy to redirect them to the BYOD portal for onboarding
The Cisco AnyConnect provisioning policy to provision the endpoint for onboarding
The BYOD flow to ensure that the endpoint will be provisioned prior to registering
The posture provisioning policy to give the endpoint all necessary components prior to registering
While configuring Cisco TrustSec on Cisco IOS devices the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However after this is complete the devices are not able to property authenticate What issue would cause this to happen even if the device ID and passwords are correct?
The device aliases are not matching
The 5GT mappings have not been defined
The devices are missing the configuration cts credentials trustsec verify 1
EAP-FAST is not enabled
An engineer is configuring a posture policy for Windows 10 endpoints and wants to ensure that users in each AD group have different conditions to meet to be compliant. What must be done to accomplish this task?
identify The users groups needed for different policies and create service conditions to map each one to its posture requirement
Configure a simple condition for each AD group and use it in the posture policy for each use case
Use the authorization policy within the policy set to group each AD group with their respective posture policy
Change the posture requirements to use an AD group lor each use case then use those requirements in the posture policy
An organization wants to enable web-based guest access for both employees and visitors The goal is to use a single portal for both user types Which two authentication methods should be used to meet this requirement? (Choose two )
LDAP
802 1X
Certificate-based
LOCAL
MAC based
An organization is adding nodes to their Cisco ISE deployment and has two nodes designated as primary and secondary PAN and MnT nodes. The organization also has four PSNs An administrator is adding two more PSNs to this deployment but is having problems adding one of them What is the problem?
The new nodes must be set to primary prior to being added to the deployment
The current PAN is only able to track a max of four nodes
Only five PSNs are allowed to be in the Cisco ISE cube if configured this way.
One of the new nodes must be designated as a pxGrid node
Which two authentication protocols are supported by RADIUS but not by TACACS+? (Choose two.)
MSCHAPv1
PAP
EAP
CHAP
MSCHAPV2
What is a difference between RADIUS and TACACS+?
RADIUS uses connection-oriented transport, and TACACS+ uses best-effort delivery.
RADIUS offers multiprotocol support, and TACACS+ supports only IP traffic.
RADIUS combines authentication and authorization functions, and TACACS+ separates them.
RADIUS supports command accounting, and TACACS+ does not.
An engineer is unable to use SSH to connect to a switch after adding the required CLI commands to the device to enable TACACS+. The device administration license has been added to Cisco ISE, and the required policies have been created. Which action is needed to enable access to the switch?
The ip ssh source-interface command needs to be set on the switch
802.1X authentication needs to be configured on the switch.
The RSA keypair used for SSH must be regenerated after enabling TACACS+.
The switch needs to be added as a network device in Cisco ISE and set to use TACACS+.
The IT manager wants to provide different levels of access to network devices when users authenticate using TACACS+. The company needs specific commands to be allowed based on the Active Directory group membership of the different roles within the IT department. The solution must minimize the number of objects created in Cisco ISE. What must be created to accomplish this task?
one shell profile and one command set
multiple shell profiles and one command set
one shell profile and multiple command sets
multiple shell profiles and multiple command sets
What are two differences of TACACS+ compared to RADIUS? (Choose two.)
TACACS+ uses a connectionless transport protocol, whereas RADIUS uses a connection-oriented transport protocol.
TACACS+ encrypts the full packet payload, whereas RADIUS only encrypts the password.
TACACS+ only encrypts the password, whereas RADIUS encrypts the full packet payload.
TACACS+ uses a connection-oriented transport protocol, whereas RADIUS uses a connectionless transport protocol.
TACACS+ supports multiple sessions per user, whereas RADIUS supports one session per user.
Question