Spring Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the Cisco CCNP Security 300-715 Questions and answers with Dumpstech

Home
Cisco
CCNP Security
300-715
300-715 Questions and Answers

Exam 300-715 Premium Access

View all detail and faqs for the 300-715 exam

Go to Exam

Practice at least 50% of the questions to maximize your chances of passing.

Viewing page 3 out of 9 pages

Viewing questions 21-30 out of questions

Questions # 21:

An administrator must provide wired network access to unidentified Cisco devices that fail 802.1X authentication. Cisco ISE profiling services must be configured to gather Cisco Discovery Protocol and LLDP endpoint information from a Cisco switch. These configurations were performed:

• configured switches to accept SNMP queries from Cisco ISE

• enabled Cisco Discovery Protocol and LLDP on the switches

• added the switch as a NAD to Cisco ISE

What must be enabled to complete the configuration?

Options:

SNMP traps on the switch

SNMP MIBs in Cisco ISE

SNMP Trap probe in Cisco ISE

SNMP Query probe in Cisco ISE

Answer

Questions # 22:

An engineer is working with a distributed deployment of Cisco ISE and needs to configure various network probes to collect a set of attributes from the endpoints on the network. Which node should be used to accomplish this task?

Options:

PSN

primary PAN

pxGrid

MnT

Answer

Questions # 23:

An administrator must provide network access to legacy Windows endpoints with a specific device type and operating system version using Cisco ISE profiler services. The ISE profiler services and access switches must be configured to identify endpoints using the dhcp-class-identifier and parameters-request-list attributes from the DHCP traffic. These configurations were performed:

enabled the DHCP probe in Cisco ISE

configured the Cisco ISE PSN interface to receive DHCP packets

configured the attributes in custom profiling conditions

configured a custom profiling policy

configured an authorization rule with permit access

Which action completes the configuration?

Options:

Configure the switches to send copies of the DHCP traffic to the Cisco ISE PSN.

Configure the Cisco ISE PSN interface to receive SPAN DHCP traffic.

Configure the switches to relay DHCP packets to the Cisco ISE PSN.

Enable the DHCP SPAN probe in Cisco ISE primary server.

Answer

Questions # 24:

A network administrator must use Cisco ISE to check whether endpoints have the correct version of antivirus installed Which action must be taken to allow this capability?

Options:

Configure a native supplicant profile to be used for checking the antivirus version

Configure Cisco ISE to push the HostScan package to the endpoints to check for the antivirus version.

Create a Cisco AnyConnect Network Visibility Module configuration profile to send the antivirus information of the endpoints to Cisco ISE.

Create a Cisco AnyConnect configuration within Cisco ISE for the Compliance Module and associated configuration files

Answer

Explanation

https://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_client_prov.html

About Anyconnect Network Visibility Module

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect45/administration/guide/b_AnyConnect_Administrator_Guide_4-5/nvm.html

Questions # 25:

Which Cisco ISE deployment model provides redundancy by having every node in the deployment configured with the Administration. Policy Service, and Monitoring personas to protect from a complete node failure?

Options:

distributed

dispersed

two-node

hybrid

Answer

Questions # 26:

An engineer is configuring a virtual Cisco ISE deployment and needs each persona to be on a different node. Which persona should be configured with the largest amount of storage in this environment?

Options:

policy Services

Primary Administration

Monitoring and Troubleshooting

Platform Exchange Grid

Answer

Questions # 27:

A network administrator must configure Cisco SE Personas in the company to share session information via syslog. Which Cisco ISE personas must be added to syslog receivers to accomplish this goal?

Options:

pxGrid

admin

policy services

monitor

Answer

Questions # 28:

An administrator needs to allow guest devices to connect to a private network without requiring usernames and passwords. Which two features must be configured to allow for this? (Choose two.)

Options:

hotspot guest portal

device registration WebAuth

central WebAuth

local WebAuth

self-registered guest portal

Answer

A, B

Questions # 29:

An organization wants to enable web-based guest access for both employees and visitors The goal is to use a single portal for both user types Which two authentication methods should be used to meet this requirement? (Choose two )

Options:

LDAP

802 1X

Certificate-based

LOCAL

MAC based

Answer

D, E

Questions # 30:

An engineer is testing Cisco ISE policies in a lab environment with no support for a deployment server. In order to push supplicant profiles to the workstations for testing, firewall ports will need to be opened. From which Cisco ISE persona should this traffic be originating?

Options:

monitoring

policy service

administration

authentication

Answer

Viewing page 3 out of 9 pages

Viewing questions 21-30 out of questions

Modal title

Registered Required

In order to participate in the comments you need to be logged-in.
You can sign-up or login (it's free).