ExamGecko
Search Search Login
Home Home / Cisco / 300-715
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

DRAG DROP An engineer needs to configure a compliance policy on Cisco ISE to ensure that the latest encryption software is running on the C drive of all endpoints. Drag and drop the configuration steps from the left into the sequence on the right to accomplish this task.
An administrator must block access to BYOD endpoints that were onboarded without a certificate and have been reported as stolen in the Cisco ISE My Devices Portal. Which condition must be used when configuring an authorization policy that sets DenyAccess permission?
Refer to the exhibit. An engineer is configuring Cisco ISE for guest services They would like to have any unregistered guests redirected to the guest portal for authentication then have a CoA provide them with full access to the network that is segmented via firewalls Why is the given configuration failing to accomplish this goal?
What are two components of the posture requirement when configuring Cisco ISE posture? (Choose two)
An organization is hosting a conference and must make guest accounts for several of the speakers attending. The conference ended two days early but the guest accounts are still being used to access the network. What must be configured to correct this?
What occurs when a Cisco ISE distributed deployment has two nodes and the secondary node is deregistered?
While configuring Cisco TrustSec on Cisco IOS devices the engineer must set the CTS device ID and password in order for the devices to authenticate with each other. However after this is complete the devices are not able to property authenticate What issue would cause this to happen even if the device ID and passwords are correct?
A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed into this task?
An engineer is configuring Cisco ISE to reprofile endpoints based only on new requests of INITREBOOT and SELECTING message types. Which probe should be used to accomplish this task?
The security team identified a rogue endpoint with MAC address 00:46:91:02:28:4A attached to the network. Which action must security engineer take within Cisco ISE to effectively restrict network access for this endpoint?

Question 95 - 300-715 discussion

Report
Export

An organization wants to improve their BYOD processes to have Cisco ISE issue certificates to the BYOD endpoints. Currently, they have an active certificate authority and do not want to replace it with Cisco ISE. What must be configured within Cisco ISE to accomplish this goal?

A.

Create a certificate signing request and have the root certificate authority sign it.

Answers
A.

Create a certificate signing request and have the root certificate authority sign it.

B.

Add the root certificate authority to the trust store and enable it for authentication.

Answers
B.

Add the root certificate authority to the trust store and enable it for authentication.

C.

Create an SCEP profile to link Cisco ISE with the root certificate authority.

Answers
C.

Create an SCEP profile to link Cisco ISE with the root certificate authority.

D.

Add an OCSP profile and configure the root certificate authority as secondary.

Answers
D.

Add an OCSP profile and configure the root certificate authority as secondary.

Suggested answer: C

Explanation:

Ref:https://www.cisco.com/c/en/us/support/docs/security/identity-services-enginesoftware/116068-configure-product-00.html

Show Answer
asked 07/10/2024
M.G.Georgantzis QUALCO
30 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms