Cisco 300-715 SISE Exam Questions Instant Access

Question 1

A network engineer must configure BYOD using Cisco ISE. In the deployment, the users must be able to submit CSR through the end devices. Which two features must be enabled to meet the requirement?

(Choose two.)

ADefine a certificate group tag.

BA new BYOD portal must be created.

CA certificate provisioning portal must be configured.

DCisco ISE Internal CA service must be enabled.

EAdd SuperAdmin account into portal admin group.

Answer : C, D

Question 2

The Cisco Wireless LAN Controller and guest portal must be set up in Cisco ISE. These configurations were performed:

* configured all the required Cisco Wireless LAN Controller configurations

* added the wireless controller to Cisco ISE network devices

* created an endpoint identity group

* configured credentials to be sent by email

* configured the SMTP server

* configured an authorization profile with redirection to the guest portal and redirected the access control list

* configured an authentication policy for MAB users

* created an authorization policy

Which two components would be required to complete the configuration? (Choose two.)

Asponsor group

Bhotspot guest portal

Csponsor portal

Dself-registered guest portal

Eguest type

Answer : C, E

Question 3

An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication. Which command should be used to complete this configuration?

Adot1x pae authenticator

Bdot1x system-auth-control

Cauthentication port-control auto

Daaa authentication dot1x default group radius

Answer : B

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/configuration/guide/conf/dot1x.html#wp1133395

Question 4

A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group. Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

AKeep track of guest user activities

BConfigure authorization settings for guest users

CCreate and manage guest user accounts

DAuthenticate guest users to Cisco ISE

Answer : C

Question 5

When planning for the deployment of Cisco ISE, an organization's security policy dictates that they must use network access authentication via RADIUS. It also states that the deployment provide an adequate amount of security and visibility for the hosts on the network. Why should the engineer configure MAB in this situation?

AThe Cisco switches only support MAB.

BMAB provides the strongest form of authentication available.

CThe devices in the network do not have a supplicant.

DMAB provides user authentication.

Answer : C

Question 6

A network administrator must configure Cisco SE Personas in the company to share session information via syslog. Which Cisco ISE personas must be added to syslog receivers to accomplish this goal?

ApxGrid

Badmin

Cpolicy services

Dmonitor

Answer : D

Question 7

An engineer is configuring Cisco ISE policies to support MAB for devices that do not have 802.1X capabilities. The engineer is configuring new endpoint identity groups as conditions to be used in the AuthZ policies, but noticed that the endpoints are not hitting the correct policies. What must be done in order to get the devices into the right policies?

AManually add the MAC addresses of the devices to endpoint ID groups in the context visibility database.

BCreate an AuthZ policy to identify Unknown devices and provide partial network access prior to profiling.

CAdd an identity policy to dynamically add the IP address of the devices to their endpoint identity groups.

DIdentify the non 802.1X supported device types and create custom profiles for them to profile into.

Answer : D

Cisco Implementing and Configuring Cisco Identity Services Engine 300-715 SISE Exam Questions