Spring Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the Cisco CCNP Security 300-715 Questions and answers with Dumpstech

Exam 300-715 Premium Access

View all detail and faqs for the 300-715 exam

Go to Exam
Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 7 out of 9 pages
Viewing questions 61-70 out of questions
Questions # 61:

An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors’ firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this What should be done to enable this type of posture check?

Options:

A.

Use the file registry condition to ensure that the firewal is installed and running appropriately.

B.

Use a compound condition to look for the Windows or Mac native firewall applications.

C.

Enable the default firewall condition to check for any vendor firewall application.

D.

Enable the default application condition to identify the applications installed and validade the firewall app.

Questions # 62:

Using the SAK Active Directory Federation Services server. The configurations were performed:

• created a new SAML Identity provider profile in Cisco ISE

• exported the service provider Information

• configured all the required Active Directory Federation Services configurations

• Imported the Active Directory Federation Services metadata

• configured groups in the new SAML identity

• added attributes to the new SAML identity provider profile

• configured Advanced Settings in the new SAML identity provider profile

Which two actions must be taken to complete the configuration? (Choose two.)

Options:

A.

Allow Kerberos single sign-on on the Sponsor portal.

B.

Configure the Sponsor portal HTTPS port for Active Directory Federation Services integration.

C.

Customize the Sponsor portal pages for Integration with Active Directory Federation Services.

D.

Add SAML identity provider groups in Sponsor Group Members.

E.

Configure an identity source sequence in the Sponsor portal.

Questions # 63:

What is a function of client provisioning?

Options:

A.

It ensures an application process is running on the endpoint.

B.

It checks a dictionary' attribute with a value.

C.

It ensures that endpoints receive the appropriate posture agents

D.

It checks the existence date and versions of the file on a client.

Questions # 64:

What must be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?

Options:

A.

pass

B.

reject

C.

drop

D.

continue

Questions # 65:

A network engineer is in the predeployment discovery phase o! a Cisco ISE deployment and must discover the network. There is an existing network management system in the network. Which type of probe must be configured to gather the information?

Options:

A.

NetFlow

B.

RADIUS

C.

SNMP

D.

NMAP

Questions # 66:

An adminístrator is migrating device administration access to Cisco ISE from the legacy TACACS+ solution that used only privilege 1 and 15 access levels. The organization requires more granular controls of the privileges and wants to customize access levels 2-5 to correspond with different roles and access needs. Besides defining a new shell profile in Cisco ISE. what must be done to accomplish this configuration?

Options:

A.

Enable the privilege levels in Cisco ISE

B.

B. Enable the privilege levels in the IOS devices.

C.

Define the command privileges for levels 2-5 in the IOS devices

D.

Define the command privileges for levels 2-5 in Cisco ISE

Questions # 67:

An administrator plans to use Cisco ISE to deploy posture policies to assess Microsoft Windows endpoints that run Cisco Secure Client. The administrator wants to minimize the occurrence of messages related to unknown posture profiles if Cisco ISE fails to determine the posture of the endpoint. Secure Client is deployed to all the endpoints. and all the required Cisco ISE authentication, authorization, and posture policy configurations were performed. Which action must be taken next to complete the configuration?

Options:

A.

Install the latest version of the Secure Client client on the endpoints.

B.

Enable Cisco ISE posture on Secure Client configuration.

C.

Configure a native supplicant on the endpoints to support the posture policies.

D.

Install the compliance module on the endpoints.

Questions # 68:

A network administrator must configure Cisco SE Personas in the company to share session information via syslog. Which Cisco ISE personas must be added to syslog receivers to accomplish this goal?

Options:

A.

pxGrid

B.

admin

C.

policy services

D.

monitor

Questions # 69:

Which two external identity stores are supported by Cisco ISE for password types? (Choose two.)

Options:

A.

LDAP

B.

OBDC

C.

RADIUS Token Server

D.

TACACS+ Token Server

E.

SOL

Questions # 70:

Which personas can a Cisco ISE node assume'?

Options:

A.

policy service, gatekeeping, and monitoring

B.

administration, policy service, and monitoring

C.

administration, policy service, gatekeeping

D.

administration, monitoring, and gatekeeping

Viewing page 7 out of 9 pages
Viewing questions 61-70 out of questions