Practice Exams:

Free 300-715 Exam Braindumps

Pass your Implementing and Configuring Cisco Identity Services Engine (SISE) exam with these free Questions and Answers

Page 7 of 48
PDF with 238 Questions
QUESTION 26

A user is attempting to register a BYOD device to the Cisco ISE deployment, but needs to use the onboarding policy to request a digital certificate and provision the endpoint. What must be configured to accomplish this task?

  1. A. A native supplicant provisioning policy to redirect them to the BYOD portal for onboarding
  2. B. The Cisco AnyConnect provisioning policy to provision the endpoint for onboarding
  3. C. The BYOD flow to ensure that the endpoint will be provisioned prior to registering
  4. D. The posture provisioning policy to give the endpoint all necessary components prior to registering

Correct Answer: A

QUESTION 27

When creating a policy within Cisco ISE for network access control, the administrator wants to allow different access restrictions based upon the wireless SSID to which the device is connecting. Which policy condition must be used in order to accomplish this?

  1. A. Network Access NetworkDeviceName CONTAINS <SSID Name>
  2. B. DEVICE Device Type CONTAINS
  3. C. Radius Called-Station-ID CONTAINS
  4. D. Airespace Airespace-Wlan-ld CONTAINS

Correct Answer: C
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115734-ise-policies-ssid-00.h

QUESTION 28

An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic. Which type of access list should be used for this configuration?

  1. A. reflexive ACL
  2. B. extended ACL
  3. C. standard ACL
  4. D. numbered ACL

Correct Answer: B

QUESTION 29

An engineer is configuring 802.1X and is testing out their policy sets. After authentication, some endpoints are given an access-reject message but are still allowed onto the network. What is causing this issue to occur?

  1. A. The switch port is configured with authentication event server dead action authorize vlan.
  2. B. The authorization results for the endpoints include a dACL allowing access.
  3. C. The authorization results for the endpoints include the Trusted security group tag.
  4. D. The switch port is configured with authentication open.

Correct Answer: D

QUESTION 30

If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

  1. A. Client Provisioning
  2. B. Guest
  3. C. BYOD
  4. D. Blacklist

Correct Answer: D
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Desi The Blacklist identity group is system generated and maintained by ISE to prevent access to lost or stolen devices. In this design guide, two authorization profiles are used to enforce the permissions for wireless and wired devices within the Blacklist:
300-715 dumps exhibit Blackhole WiFi Access
300-715 dumps exhibit Blackhole Wired Access

Page 7 of 48
PDF with 238 Questions

Post your Comments and Discuss Cisco 300-715 exam with other Community members: