ExamGecko
Home / Cisco / 300-715 / List of questions
Ask Question

Cisco 300-715 Practice Test - Questions Answers

List of questions

Question 1

Report
Export
Collapse

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)

updates

updates

remediation actions

remediation actions

Client Provisioning portal

Client Provisioning portal

conditions

conditions

access policy

access policy

Suggested answer: B, D
asked 07/10/2024
Rajeev Parameswaran
38 questions

Question 2

Report
Export
Collapse

What is a method for transporting security group tags throughout the network?

by enabling 802.1AE on every network device

by enabling 802.1AE on every network device

by the Security Group Tag Exchange Protocol

by the Security Group Tag Exchange Protocol

by embedding the security group tag in the IP header

by embedding the security group tag in the IP header

by embedding the security group tag in the 802.1Q header

by embedding the security group tag in the 802.1Q header

Suggested answer: B
asked 07/10/2024
Reselan Govender
33 questions

Question 3

Report
Export
Collapse

Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two).

TCP 8443

TCP 8443

TCP 8906

TCP 8906

TCP 443

TCP 443

TCP 80

TCP 80

TCP 8905

TCP 8905

Suggested answer: A, E
asked 07/10/2024
Nika Longley
38 questions

Question 4

Report
Export
Collapse

Which profiling probe collects the user-agent string?

DHCP

DHCP

AD

AD

HTTP

HTTP

NMAP

NMAP

Suggested answer: C
asked 07/10/2024
Kyle Norton
37 questions

Question 5

Report
Export
Collapse

Which supplicant(s) and server(s) are capable of supporting EAP-CHAINING?

Cisco AnyConnect NAM and Cisco Identity Service Engine

Cisco AnyConnect NAM and Cisco Identity Service Engine

Cisco AnyConnect NAM and Cisco Access Control Server

Cisco AnyConnect NAM and Cisco Access Control Server

Cisco Secure Services Client and Cisco Access Control Server

Cisco Secure Services Client and Cisco Access Control Server

Windows Native Supplicant and Cisco Identity Service Engine

Windows Native Supplicant and Cisco Identity Service Engine

Suggested answer: A
asked 07/10/2024
Christopher Dawe
41 questions

Question 6

Report
Export
Collapse

Which two values are compared by the binary comparison (unction in authentication that is based on Active Directory?

subject alternative name and the common name

subject alternative name and the common name

MS-CHAPv2 provided machine credentials and credentials stored in Active Directory

MS-CHAPv2 provided machine credentials and credentials stored in Active Directory

user-presented password hash and a hash stored in Active Directory

user-presented password hash and a hash stored in Active Directory

user-presented certificate and a certificate stored in Active Directory

user-presented certificate and a certificate stored in Active Directory

Suggested answer: A

Explanation:

Basic certificate checking does not require an identity source. If you want binary comparison checking for the certificates, you must select an identity source. If you select Active Directory as an identity source, subject and common name and subject alternative name (all values) can be used to look up a user. https://www.cisco.com/c/en/us/td/docs/security/ise/1- 3/admin_guide/b_ise_admin_guide_13/ b_ise_admin_guide_sample_chapter_01110.html

asked 07/10/2024
Herlinda Cantu
40 questions

Question 7

Report
Export
Collapse

Which three default endpoint identity groups does cisco ISE create? (Choose three)

Unknown

Unknown

whitelist

whitelist

end point

end point

profiled

profiled

blacklist

blacklist

Suggested answer: A, D, E

Explanation:

Default Endpoint Identity Groups Created for Endpoints

Cisco ISE creates the following five endpoint identity groups by default: Blacklist, GuestEndpoints, Profiled, RegisteredDevices, and Unknown. In addition, it creates two more identity groups, such as Cisco-IP-Phone and Workstation, which are associated to the Profiled (parent) identity group. A parent group is the default identity group that exists in the system.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_new_chapter_010101.html#ID1678

asked 07/10/2024
Shane Cook
33 questions

Question 8

Report
Export
Collapse

Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?

personas

personas

qualys

qualys

nexpose

nexpose

posture

posture

Suggested answer: D

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010110.htmlPosture is a service in Cisco Identity Services Engine (Cisco ISE) that allows you to check the state,also known as posture, of all the endpoints that are connecting to a network for compliance withcorporate security policies. This allows you to control clients to access protected areas of a network.

asked 07/10/2024
Sharanjit Kareer
41 questions

Question 9

Report
Export
Collapse

Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

Endpoint

Endpoint

unknown

unknown

blacklist

blacklist

white list

white list

profiled

profiled

Suggested answer: B

Explanation:

If you do not have a matching profiling policy, you can assign an unknown profiling policy. The endpoint is therefore profiled as Unknown. The endpoint that does not match any profile is grouped within the Unknown identity group. The endpoint profiled to the Unknown profile requires that you create a profile with an attribute or a set of attributes collected for that endpoint.

https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html

asked 07/10/2024
Kinzonji Tavares
42 questions

Question 10

Report
Export
Collapse

Refer to the exhibit:

Cisco 300-715 image Question 10 113875 10072024010105000000

Which command is typed within the CU of a switch to view the troubleshooting output?

show authentication sessions mac 000e.84af.59af details

show authentication sessions mac 000e.84af.59af details

show authentication registrations

show authentication registrations

show authentication interface gigabitethemet2/0/36

show authentication interface gigabitethemet2/0/36

show authentication sessions method

show authentication sessions method

Suggested answer: A
asked 07/10/2024
Norman Camacho
47 questions
Total 242 questions
Go to page: of 25

Related questions