Cisco 300-715 Practice Test - Questions Answers, Page 7
Question list
List of questions
Related questions
An engineer is configuring Cisco ISE to reprofile endpoints based only on new requests of INITREBOOT and SELECTING message types. Which probe should be used to accomplish this task?
MMAP
DNS
DHCP
RADIUS
An engineer is using Cisco ISE and configuring guest services to allow wireless devices to access the network. Which action should accomplish this task?
Create the redirect ACL on the WLC and add it to the WLC policy
Create the redirect ACL on the WLC and add it to the Cisco ISE policy.
Create the redirect ACL on Cisco ISE and add it to the WLC policy
Create the redirect ACL on Cisco ISE and add it to the Cisco ISE Policy
An engineer is configuring web authentication using non-standard ports and needs the switch to redirect traffic to the correct port. Which command should be used to accomplish this task?
permit tcp any any eq <port number>
aaa group server radius proxy
ip http port <port number>
aaa group server radius
An administrator needs to connect ISE to Active Directory as an external authentication source and allow the proper ports through the firewall. Which two ports should be opened to accomplish this task? (Choose two)
TELNET 23
LDAP 389
HTTP 80
HTTPS 443
MSRPC 445
Refer to the exhibit.
A network engineers configuring the switch to accept downloadable ACLs from a Cisco ISC server Which two commands should be run to complete the configuration? (Choose two)
aaa authorization auth-proxy default group radius
radius server vsa sand authentication
radius-server attribute 8 include-in-access-req
ip device tracking
dot1x system-auth-control
An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication. Which access will be denied in this?
HTTP
DNS
EAP
DHCP
A network engineer needs to ensure that the access credentials are not exposed during the 802.1x authentication among components. Which two protocols should complete this task?
PEAP
EAP-MD5
LEAP
EAP-TLS
EAP-TTLS
An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks. Which two requirement complete this policy? (Choose two)
minimum password length
active username limit
access code control
gpassword expiration period
username expiration date
Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two)
The device queries the internal identity store
The Cisco ISE server queries the internal identity store
The device queries the external identity store
The Cisco ISE server queries the external identity store.
The device queries the Cisco ISE authorization server
When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deployment provide an adequate amount of security and visibility for the hosts on the network. Why should the engineer configure MAB in this situation?
The Cisco switches only support MAB.
MAB provides the strongest form of authentication available.
The devices in the network do not have a supplicant.
MAB provides user authentication.
Question