Home

Home / Cisco / 300-715

Question list

List of questions

Question 1

(0)

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)

Question 2

(0)

What is a method for transporting security group tags throughout the network?

Question 3

(0)

Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two).

Question 4

(0)

Which profiling probe collects the user-agent string?

Question 5

(0)

Which supplicant(s) and server(s) are capable of supporting EAP-CHAINING?

Question 6

(0)

Which two values are compared by the binary comparison (unction in authentication that is based on Active Directory?

Question 7

(0)

Which three default endpoint identity groups does cisco ISE create? (Choose three)

Question 8

(0)

Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?

Question 9

(0)

Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

Question 10

(0)

Refer to the exhibit: Which command is typed within the CU of a switch to view the troubleshooting output?

Open VPLUS File

Convert VPLUS to PDF

Related questions

An administrator must block access to BYOD endpoints that were onboarded without a certificate and have been reported as stolen in the Cisco ISE My Devices Portal. Which condition must be used when configuring an authorization policy that sets DenyAccess permission?

DRAG DROP An engineer needs to configure a compliance policy on Cisco ISE to ensure that the latest encryption software is running on the C drive of all endpoints. Drag and drop the configuration steps from the left into the sequence on the right to accomplish this task.

Refer to the exhibit. An engineer is configuring Cisco ISE for guest services They would like to have any unregistered guests redirected to the guest portal for authentication then have a CoA provide them with full access to the network that is segmented via firewalls Why is the given configuration failing to accomplish this goal?

An organization is hosting a conference and must make guest accounts for several of the speakers attending. The conference ended two days early but the guest accounts are still being used to access the network. What must be configured to correct this?

What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?

What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)

A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed into this task?

While configuring Cisco TrustSec on Cisco IOS devices the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However after this is complete the devices are not able to property authenticate What issue would cause this to happen even if the device ID and passwords are correct?

The security team identified a rogue endpoint with MAC address 00:46:91:02:28:4A attached to the network. Which action must security engineer take within Cisco ISE to effectively restrict network access for this endpoint?

DRAG DROP Drag and drop the configuration steps from the left into the sequence on the right to install two Cisco ISE nodes in a distributed deployment.

Question 20 - 300-715 discussion

Report

Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles?

(Choose two.)

A.

Firepower

B.

WLC

C.

IOS

D.

ASA

E.

Shell

Suggested answer: B, E

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.htmlTACACS+ ProfileTACACS+ profiles control the initial login session of the device administrator. A session refers to eachindividual authentication, authorization, or accounting request. A session authorization request to anetwork device elicits an ISE response. The response includes a token that is interpreted by thenetwork device, which limits the commands that may be executed for the duration of a session. Theauthorization policy for a device administration access service can contain a single shell profile andmultiple command sets. The TACACS+ profile definitions are split into two components:

Common tasks

Custom attributes

There are two views in the TACACS+ Profiles page (Work Centers > Device Administration > Policy Elements > Results > TACACS Profiles)—Task Attribute View and Raw View. Common tasks can be entered using the Task

Attribute View and custom attributes can be created in the Task Attribute View as well as the Raw View.

The Common Tasks section allows you to select and configure the frequently used attributes for a profile. The attributes that are included here are those defined by the TACACS+ protocol draft specifications. However, the values can be used in the authorization of requests from other services.

In the Task Attribute View, the ISE administrator can set the privileges that will be assigned to the device administrator. The common task types are:

Shell

WLC

Nexus

Generic

The Custom Attributes section allows you to configure additional attributes. It provides a list of attributes that are not recognized by the Common Tasks section. Each definition consists of the attribute name, an indication of whether the attribute is mandatory or optional, and the value for the attribute. In the Raw View, you can enter the mandatory attributes using a equal to (=) sign between the attribute name and its value and optional attributes are entered using an asterisk (*) between the attribute name and its value. The attributes entered in the Raw View are reflected in the Custom Attributes section in the Task Attribute View and vice versa. The Raw View is also used to copy paste the attribute list (for example, another product's attribute list) from the clipboard onto ISE. Custom attributes can be defined for nonshell services.

Show Answer

asked 07/10/2024

david buisan garcia

30 questions

User

Your answer: A B C D E

0 comments

Sorted by

Leave a comment first