Cisco 300-715 Practice Test - Questions Answers, Page 22
Question list
List of questions
Related questions
What is a valid status of an endpoint attribute during the device registration process?
block listed
pending
unknown
DenyAccess
An administrator is configuring the Native Supplicant Profile to be used with the Cisco ISE posture agents and needs to test the connection using wired devices to determine which profile settings are available. Which two configuration settings should be used to accomplish this task? (Choose two.)
authentication mode
proxy host/IP
certificate template
security
allowed protocol
Which Cisco ISE solution ensures endpoints have the latest version of antivirus updates installed before being allowed access to the corporate network?
Threat Services
Profiling Services
Provisioning Services
Posture Services
An administrator is configuring posture assessment in Cisco ISE for the first time. Which two components must be uploaded to Cisco ISE to use Anyconnect for the agent configuration in a client provisioning policy? (Choose two.)
Anyconnect network visibility module
Anyconnect compliance module
AnyConnectProfile.xml file
AnyConnectProfile.xsd file
Anyconnect agent image
What is a difference between TACACS+ and RADIUS in regards to encryption?
TACACS+ encrypts only the password, whereas RADIUS encrypts the username and password.
TACACS+ encrypts the username and password, whereas RADIUS encrypts only the password.
TACACS+ encrypts the password, whereas RADIUS sends the entire packet in clear text.
TACACS+ encrypts the entire packet, whereas RADIUS encrypts only the password.
An administrator must block access to BYOD endpoints that were onboarded without a certificate and have been reported as stolen in the Cisco ISE My Devices Portal. Which condition must be used when configuring an authorization policy that sets DenyAccess permission?
Endpoint Identity Group is Blocklist, and the BYOD state is Registered.
Endpoint Identify Group is Blocklist, and the BYOD state is Pending.
Endpoint Identity Group is Blocklist, and the BYOD state is Lost.
Endpoint Identity Group is Blocklist, and the BYOD state is Reinstate.
An engineer needs to configure a new certificate template in the Cisco ISE Internal Certificate Authority to prevent BYOD devices from needing to re-enroll when their MAC address changes.
Which option must be selected in the Subject Alternative Name field?
Common Name and GUID
MAC Address and GUID
Distinguished Name
Common Name
A user changes the status of a device to stolen in the My Devices Portal of Cisco ISE. The device was originally onboarded in the BYOD wireless Portal without a certificate. The device is found later, but the user cannot re-onboard the device because Cisco ISE assigned the device to the Blocklist endpoint identity group. What must the user do in the My Devices Portal to resolve this issue?
Manually remove the device from the Blocklist endpoint identity group.
Change the device state from Stolen to Not Registered.
Change the BYOD registration attribute of the device to None.
Delete the device, and then re-add the device.
A security administrator is using Cisco ISE to create a BYOD onboarding solution for all employees who use personal devices on the corporate network. The administrator generates a Certificate Signing Request and signs the request using an external Certificate Authority server. Which certificate usage option must be selected when importing the certificate into ISE?
RADIUS
DLTS
Portal
Admin
Which two actions must be verified to confirm that the internet is accessible via guest access when configuring a guest portal? (Choose two.)
The guest device successfully associates with the correct SSID.
The guest user gets redirected to the authentication page when opening a browser.
The guest device has internal network access on the WLAN.
The guest device can connect to network file shares.
Cisco ISE sends a CoA upon successful guest authentication.
Question