Cisco 300-715 SISE Exam Practice Test Instant Access

Question 1

An enterprise uses a separate PSN for each of its four remote sites. Recently, a user reported receiving an "EAP-TLS authentication failed" message when moving between remote sites. Which configuration must be applied on Cisco ISE?

AUse a third-party certificate on the network device.

BAdd the device to all PSN nodes in the deployment.

CRenew the expired certificate on one of the PSN.

DConfigure an authorization profile for the end users.

Answer : B

When using separate PSNs for different sites, the network device must be added to all PSN nodes in the deployment, so that the device can communicate with the appropriate PSN based on the location of the user1. If the device is not added to all PSN nodes, the user may encounter an EAP-TLS authentication failure when moving between sites, as the device may not be able to reach the PSN that issued the certificate2. The other options are not relevant for this scenario, as they do not address the issue of PSN communication.

Question 2

An engineer wants to learn more about Cisco ISE and deployed a new lab with two nodes. Which two persona configurations allow the engineer to successfully test redundancy of a failed node? (Choose two.)

AConfigure one of the Cisco ISE nodes as the Health Check node.

BConfigure both nodes with the PAN and MnT personas only.

CConfigure one of the Cisco ISE nodes as the primary PAN and MnT personas and the other as the secondary.

DConfigure both nodes with the PAN, MnT, and PSN personas.

EConfigure one of the Cisco ISE nodes as the primary PAN and PSN personas and the other as the secondary.

Answer : C, E

Question 3

An engineer must configure Cisco ISE to provide internet access for guests in which guests are required to enter a code to gain network access. Which action accomplishes the goal?

AConfigure the hotspot portal for guest access and require an access code.

BConfigure the sponsor portal with a single account and use the access code as the password.

CConfigure the self-registered guest portal to allow guests to create a personal access code.

DCreate a BYOD policy that bypasses the authentication of the user and authorizes access codes.

Answer : A

Question 4

A security administrator is using Cisco ISE to create a BYOD onboarding solution for all employees who use personal devices on the corporate network. The administrator generates a Certificate Signing Request and signs the request using an external Certificate Authority server. Which certificate usage option must be selected when importing the certificate into ISE?

ARADIUS

BDLTS

CPortal

DAdmin

Answer : C

Question 5

The IT manager wants to provide different levels of access to network devices when users authenticate using TACACS+. The company needs specific commands to be allowed based on the Active Directory group membership of the different roles within the IT department. The solution must minimize the number of objects created in Cisco ISE. What must be created to accomplish this task?

Aone shell profile and one command set

Bmultiple shell profiles and one command set

Cone shell profile and multiple command sets

Dmultiple shell profiles and multiple command sets

Answer : C

Question 6

Which two authentication protocols are supported by RADIUS but not by TACACS+? (Choose two.)

AMSCHAPv1

BPAP

CEAP

DCHAP

EMSCHAPV2

Answer : C, E

Question 7

An organization is adding nodes to their Cisco ISE deployment and has two nodes designated as primary and secondary PAN and MnT nodes. The organization also has four PSNs An administrator is adding two more PSNs to this deployment but is having problems adding one of them What is the problem?

AThe new nodes must be set to primary prior to being added to the deployment

BThe current PAN is only able to track a max of four nodes

COnly five PSNs are allowed to be in the Cisco ISE cube if configured this way.

DOne of the new nodes must be designated as a pxGrid node

Answer : C

Cisco 300-715 Implementing and Configuring Cisco Identity Services Engine SISE Exam Practice Test