Practice Exams:

Free 300-715 Exam Braindumps

Pass your Implementing and Configuring Cisco Identity Services Engine (SISE) exam with these free Questions and Answers

Page 3 of 48
PDF with 238 Questions
QUESTION 6

What is the minimum certainty factor when creating a profiler policy?

  1. A. the minimum number that a predefined condition provides
  2. B. the maximum number that a predefined condition provides
  3. C. the minimum number that a device certainty factor must reach to become a member of the profile
  4. D. the maximum number that a device certainty factor must reach to become a member of the profile

Correct Answer: C

QUESTION 7

What allows an endpoint to obtain a digital certificate from Cisco ISE during a BYOD flow?

  1. A. Network Access Control
  2. B. My Devices Portal
  3. C. Application Visibility and Control
  4. D. Supplicant Provisioning Wizard

Correct Answer: D

QUESTION 8

An administrator adds a new network device to the Cisco ISE configuration to authenticate endpoints to the network. The RADIUS test fails after the administrator configures all of the settings in Cisco ISE and adds the proper configurations to the switch. What is the issue"?

  1. A. The endpoint profile is showing as "unknown."
  2. B. The endpoint does not have the appropriate credentials for network access.
  3. C. The shared secret is incorrect on the switch or on Cisco ISE.
  4. D. The certificate on the switch is self-signed not a CA-provided certificate.

Correct Answer: B

QUESTION 9

There are several devices on a network that are considered critical and need to be placed into the ISE database and a policy used for them. The organization does not want to use profiling. What must be done to accomplish this goal?

  1. A. Enter the MAC address in the correct Endpoint Identity Group.
  2. B. Enter the MAC address in the correct Logical Profile.
  3. C. Enter the IP address in the correct Logical Profile.
  4. D. Enter the IP address in the correct Endpoint Identity Group.

Correct Answer: A

QUESTION 10

An engineer is configuring static SGT classification. Which configuration should be used when authentication is disabled and third-party switches are in use?

  1. A. VLAN to SGT mapping
  2. B. IP Address to SGT mapping
  3. C. L3IF to SGT mapping
  4. D. Subnet to SGT mapping

Correct Answer: B
https://community.cisco.com/t5/security-knowledge-base/segmentation-strategy/ta-p/3757424: "The method of sending out IP to SGT mappings from ISE is particularly useful if the access switch does not support TrustSec"

Page 3 of 48
PDF with 238 Questions

Post your Comments and Discuss Cisco 300-715 exam with other Community members: