300-715 Online Practice Questions and Answers

Which term refers to an endpoint agent that tries to join an 802 1X-enabled network?

A. EAP server

B. supplicant

C. client

D. authenticator

Which two values are compared by the binary comparison function in authentication that is based on Active Directory? (Choose 2)

A. subject alternative name and the common name

B. MS-CHAFV2 provided machine credentials and credentials stored in Active Directory

C. user-presented password hash and a hash stored in Active Directory

D. user-presented certificate and a certificate stored in Active Directory

Which Cisco ISE service allows an engineer to check the compliance of endpoints before connecting to the network?

A. personas

B. qualys

C. nexpose

D. posture

What is a characteristic of the UDP protocol?

A. UDP can detect when a server is down.

B. UDP offers best-effort delivery

C. UDP can detect when a server is slow

D. UDP offers information about a non-existent server

If there is a firewall between Cisco ISE and an Active Directory external identity store, which port does not need to be open?

A. UDP/TCP 389

B. UDP123

C. TCP 21

D. TCP 445

E. TCP 88

An administrator is adding network devices for a new medical building into Cisco ISE. These devices must be in a network device group that is identifying them as "Medical Switch" so that the policies can be made separately for the endpoints connecting through them.

Which configuration item must be changed in the network device within Cisco ISE to accomplish this goal?

A. Change the device type to Medical Switch.

B. Change the device profile to Medical Switch.

C. Change the model name to Medical Switch.

D. Change the device location to Medical Switch.

An administrator is configuring cisco ISE lo authenticate users logging into network devices live logs. Which action ensures the users are able to log into the network devices?

A. Enable the device administration service in the Administration persona

B. Enable the session services in the administration persona

C. Enable the service sessions in the PSN persona.

D. Enable the device administration service in the PSN persona.

A network administrator must configura endpoints using an 802 1X authentication method with EAP identity certificates that are provided by the Cisco ISE When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network

Which EAP type must be configured by the network administrator to complete this task?

A. EAP-PEAP-MSCHAPv2

B. EAP-TTLS

C. EAP-FAST

D. EAP-TLS

An administrator is manually adding a device to a Cisco ISE identity group to ensure that it is able to access the network when needed without authentication Upon testing, the administrator notices that the device never hits the correct authorization policy line using the condition EndPoints LogicalProfile EQUALS static_list Why is this occurring?

A. The dynamic logical profile is overriding the statically assigned profile

B. The device is changing identity groups after profiling instead ot remaining static

C. The logical profile is being statically assigned instead of the identity group

D. The identity group is being assigned instead of the logical profile

DRAG DROP

Drag and drop the description from the left onto the protocol on the right that is used to carry out system authentication, authentication, and accounting.

Select and Place: