300-715 exam

An administrator is configuring a new profiling policy within Cisco ISE The organization has several endpoints that are the same device type and all have the same Block ID in their MAC address. The profiler does not currently have a profiling policy created to categorize these endpoints. therefore a custom...

A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?A . Keep track of guest user activities B. Configure authorization settings for guest users C. Create and...

An engineer is designing a new distributed deployment for Cisco ISE in the network and is considering failover options for the admin nodes. There is a need to ensure that an admin node is available for configuration of policies at all times. What is the requirement to enable this feature?A...

A network engineer is configuring Cisco TrustSec and needs to ensure that the Security Group Tag is being transmitted between two devices. Where in the Layer 2 frame should this be verified?A . CMD filed B. 802.1Q filed C. Payload D. 802.1 AE headerView AnswerAnswer: A Explanation: https://www.cisco.com/c/dam/global/en_ca/assets/ciscoconnect/2014/pdfs/policy_defined_segmentation_with_trustsec_rob_bleeker.pdf (slide 25)

What is an advantage of using EAP-TLS over EAP-MS-CHAPv2 for client authentication?A . EAP-TLS uses a username and password for authentication to enhance security, while EAP-MS-CHAPv2 does not. B. EAP-TLS secures the exchange of credentials, while EAP-MS-CHAPv2 does not. C. EAP-TLS uses a device certificate for authentication to enhance security,...

Refer to the exhibit. In which scenario does this switch configuration apply?A . when allowing a hub with multiple clients connected B. when passing IP phone authentication C. when allowing multiple IP phones to be connected D. when preventing users with hypervisorView AnswerAnswer: A Explanation: https://www.linkedin.com/pulse/mac-authentication-bypass-priyanka-kumari#:~:text=Multi%2Dauthentication%20host%20mode%3A%20You,allows%20multiple %20source%20MAC%20addresses.

An engineer is enabling a newly configured wireless SSID for tablets and needs visibility into which other types of devices are connecting to it. What must be done on the Cisco WLC to provide this information to Cisco ISE?A . enable IP Device Tracking B. enable MAC filtering C. enable...

Which two fields are available when creating an endpoint on the context visibility page of Cisco IS? (Choose two)A . Policy Assignment B. Endpoint Family C. Identity Group Assignment D. Security Group Tag E. IP AddressView AnswerAnswer: A,C

An administrator is configuring the Native Supplicant Profile to be used with the Cisco ISE posture agents and needs to test the connection using wired devices to determine which profile settings are available. Which two configuration settings should be used to accomplish this task? (Choose two.)A . authentication mode B....

Which two authentication protocols are supported by RADIUS but not by TACACS+? (Choose two.)A . MSCHAPv1 B. PAP C. EAP D. CHAP E. MSCHAPV2View AnswerAnswer: C,E