Practice Exams:

Free 300-715 Exam Braindumps

Pass your Implementing and Configuring Cisco Identity Services Engine (SISE) exam with these free Questions and Answers

Page 8 of 48
PDF with 238 Questions
QUESTION 31

A network security engineer needs to configure 802.1X port authentication to allow a single host to be authenticated for data and another single host to be authenticated for voice. Which command should the engineer run on the interface to accomplish this goal?

  1. A. authentication host-mode single-host
  2. B. authentication host-mode multi-auth
  3. C. authentication host-mode multi-host
  4. D. authentication host-mode multi-domain

Correct Answer: D

QUESTION 32

An administrator wants to configure network device administration and is trying to decide whether to use TACACS* or RADIUS. A reliable protocol must be used that can check command authorization Which protocol meets these requirements and why?

  1. A. TACACS+ because it runs over TCP
  2. B. RADIUS because it runs over UDP
  3. C. RADIUS because it runs over TCP.
  4. D. TACACS+ because it runs over UDP

Correct Answer: A

QUESTION 33

A network engineer needs to deploy 802.1x using Cisco ISE in a wired network environment where thin clients download their system image upon bootup using PXE. For which mode must the switch ports be configured?

  1. A. closed
  2. B. restricted
  3. C. monitor
  4. D. low-impact

Correct Answer: D

QUESTION 34

An engineer builds a five-node distributed Cisco ISE deployment The first two deployed nodes are responsible for the primary and secondary administration and monitoring personas Which persona configuration is necessary to have the remaining three Cisco ISE nodes serve as dedicated nodes in the Cisco ISE cube that is responsible only for handling the RADIUS and TACACS+ authentication requests, identity lookups, and policy evaluation?
A)
300-715 dumps exhibit
B)
300-715 dumps exhibit
C)
300-715 dumps exhibit
D)
300-715 dumps exhibit

  1. A. Option A
  2. B. Option B
  3. C. Option C
  4. D. Option D

Correct Answer: D

QUESTION 35

A network administrator notices that after a company-wide shut down, many users cannot connect their laptops to the corporate SSID. What must be done to permit access in a timely manner?

  1. A. Authenticate the user's system to the secondary Cisco ISE node and move this user to the primary with the renewed certificate.
  2. B. Connect this system as a guest user and then redirect the web auth protocol to log in to the network.
  3. C. Add a certificate issue from the CA server, revoke the expired certificate, and add the new certificate in system.
  4. D. Allow authentication for expired certificates within the EAP-TLS section under the allowed protocols.

Correct Answer: A

Page 8 of 48
PDF with 238 Questions

Post your Comments and Discuss Cisco 300-715 exam with other Community members: