Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 300-715

Cisco® 300-715 Exam Practice Questions (P. 4)

  • Full Access (352 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #31
What should be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?
  1. A
    continue
  2. B
    pass
  3. C
    drop
  4. D
    reject

Correct Answer:
A

Question #32
Which command displays all 802.1X/MAB sessions that are active on the switch ports of a Cisco Catalyst switch?
  1. A
    show authentication sessions interface Gi1/0/x output
  2. B
    show authentication sessions
  3. C
    show authentication sessions output
  4. D
    show authentication sessions interface Gi 1/0/x

Correct Answer:
D
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-xe-3se-3850-cr-book/sec-s1-xe-3se-3850-cr- book_chapter_01.html#wp3404908137

Question #33
What are two requirements of generating a single certificate in Cisco ISE by using a certificate provisioning portal, without generating a certificate signing request?
(Choose two.)
  1. A
    Enter the IP address of the device.
  2. B
    Enter the common name.
  3. C
    Choose the hashing method.
  4. D
    Locate the CSV file for the device MAC.
  5. E
    Select the certificate template.

Correct Answer:
BE
Reference:
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200534-ISE-2-0-Certificate-Provisioning-Portal.html

Question #34

Refer to the exhibit. Which command is typed within the CLI of a switch to view the troubleshooting output?
  1. A
    show authentication sessions mac 000e.84af.59af details
  2. B
    show authentication registrations
  3. C
    show authentication interface gigabitethernet2/0/36
  4. D
    show authentication sessions method

Correct Answer:
A

Question #35
What gives Cisco ISE an option to scan endpoints for vulnerabilities?
  1. A
    authentication policy
  2. B
    authorization profile
  3. C
    authentication profile
  4. D
    authorization policy

Correct Answer:
B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010100.html

Question #36
Which two values are compared by the binary comparison function in authentication that is based on Active Directory?
  1. A
    user-presented certificate and a certificate stored in Active Directory
  2. B
    MS-CHAPv2 provided machine credentials and credentials stored in Active Directory
  3. C
    user-presented password hash and a hash stored in Active Directory
  4. D
    subject alternative name and the common name

Correct Answer:
D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/ISE-ADIntegrationDoc/b_ISE-ADIntegration.html

Question #37
What happens when an internal user is configured with an external identity store for authentication, but an engineer uses the Cisco ISE admin portal to select an internal identity store as the identity source?
  1. A
    Authentication is redirected to the internal identity source.
  2. B
    Authentication is granted.
  3. C
    Authentication fails.
  4. D
    Authentication is redirected to the external identity source.

Correct Answer:
D

Question #38
Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two.)
  1. A
    The Cisco ISE server queries the internal identity store.
  2. B
    The device queries the external identity store.
  3. C
    The device queries the Cisco ISE authorization server.
  4. D
    The device queries the internal identity store.
  5. E
    The Cisco ISE server queries the external identity store.

Correct Answer:
BE

Question #39
An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks.
Which two requirements should be included in this policy? (Choose two.)
  1. A
    active username limit
  2. B
    password expiration period
  3. C
    access code control
  4. D
    username expiration date
  5. E
    minimum password length

Correct Answer:
BE

Question #40
An engineer is using the low-impact mode for a phased deployment of Cisco ISE and is trying to connect to the network prior to authentication.
Which access will be denied in this deployment?
  1. A
    DNS
  2. B
    DHCP
  3. C
    EAP
  4. D
    HTTP

Correct Answer:
D

Previous Questions Next Questions

All Pages