Cisco 300-715 Practice Test - Questions Answers, Page 23
Question list
List of questions
Related questions
An administrator made changes in Cisco ISE and needs to apply new permissions for endpoints that have already been authenticated by sending a CoA packet to the network devices. Which IOS command must be configured on the devices to accomplish this goal?
aaa server radius dynamic-author
authentication command bounce-port
authentication command disable-port
aaa nas port extended
An engineer needs to configure Cisco ISE Profiling Services to authorize network access for IP speakers that require access to the intercom system. This traffic needs to be identified if the ToS bit is set to 5 and the destination IP address is the intercom system. What must be configured to accomplish this goal?
NMAP
NETFLOW
pxGrid
RADIUS
Which type of identity store allows for creating single-use access credentials in Cisco ISE?
OpenLDAP
Local
PKI
RSA SecurID
A network engineer needs to deploy 802.1x using Cisco ISE in a wired network environment where thin clients download their system image upon bootup using PXE. For which mode must the switch ports be configured?
closed
restricted
monitor
low-impact
An ISE administrator must change the inactivity timer for MAB endpoints to terminate the authentication session whenever a switch port that is connected to an IP phone does not detect packets from the device for 30 minutes. Which action must be taken to accomplish this task?
Add the authentication timer reauthenticate server command to the switchport.
Add the authentication timer inactivity 3600 command to the switchport.
Change the idle-timeout on the Radius server to 3600 seconds for IP Phone endpoints.
Configure the session-timeout to be 3600 seconds on Cisco ISE.
VLAN to SGT mapping
IP Address to SGT mapping
L3IF to SGT mapping
Subnet to SGT mapping
An engineer must configure Cisco ISE to provide internet access for guests in which guests are required to enter a code to gain network access. Which action accomplishes the goal?
Configure the hotspot portal for guest access and require an access code.
Configure the sponsor portal with a single account and use the access code as the password.
Configure the self-registered guest portal to allow guests to create a personal access code.
Create a BYOD policy that bypasses the authentication of the user and authorizes access codes.
An engineer wants to learn more about Cisco ISE and deployed a new lab with two nodes. Which two persona configurations allow the engineer to successfully test redundancy of a failed node? (Choose two.)
Configure one of the Cisco ISE nodes as the Health Check node.
Configure both nodes with the PAN and MnT personas only.
Configure one of the Cisco ISE nodes as the primary PAN and MnT personas and the other as the secondary.
Configure both nodes with the PAN, MnT, and PSN personas.
Configure one of the Cisco ISE nodes as the primary PAN and PSN personas and the other as the secondary.
DRAG DROP
An engineer needs to export a file in CSV format, encrypted with the password C1$c0438563935, and contains users currently configured in Cisco ISE. Drag and drop the steps from the left into the sequence on the right to complete this task.
DRAG DROP
An engineer needs to configure a compliance policy on Cisco ISE to ensure that the latest encryption software is running on the C drive of all endpoints. Drag and drop the configuration steps from the left into the sequence on the right to accomplish this task.
Question