Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

300-715 Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Cisco 300-715 Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Cisco 300-715 Premium Access     Download Demo    
Page: 4 / 5
Total 299 questions

Which two actions occur when a Cisco ISE server device administrator logs in to a device? (Choose two)

A.

The device queries the internal identity store

B.

The Cisco ISE server queries the internal identity store

C.

The device queries the external identity store

D.

The Cisco ISE server queries the external identity store.

E.

The device queries the Cisco ISE authorization server

An administrator needs to connect ISE to Active Directory as an external authentication source and allow the proper ports through the firewall. Which two ports should be opened to accomplish this task? (Choose two)

A.

TELNET 23

B.

LDAP 389

C.

HTTP 80

D.

HTTPS 443

E.

MSRPC 445

A company manager is hosting a conference. Conference participants must connect to an open guest SSID and only use a preassigned code that they enter into the guest portal prior to gaining access to the network. How should the manager configure Cisco ISE to accomplish this goal?

A.

Create entries in the guest identity group for all participants.

B.

Create an access code to be entered in the AUP page.

C.

Create logins for each participant to give them sponsored access.

D.

Create a registration code to be entered on the portal splash page.

An organization is implementing Cisco ISE posture services and must ensure that a host-based firewall is in place on every Windows and Mac computer that attempts to access the network They have multiple vendors’ firewall applications for their devices, so the engineers creating the policies are unable to use a specific application check in order to validate the posture for this What should be done to enable this type of posture check?

A.

Use the file registry condition to ensure that the firewal is installed and running appropriately.

B.

Use a compound condition to look for the Windows or Mac native firewall applications.

C.

Enable the default firewall condition to check for any vendor firewall application.

D.

Enable the default application condition to identify the applications installed and validade the firewall app.

NO: 188

During a 802 1X deployment, an engineer must identify failed authentications without causing problems for the connected endpoint. Which command will successfully achieve this''

A.

dot1x system-auth-control

B.

dot1x pae authenticator

C.

authentication open

D.

authentication port-control auto

Refer to the exhibit Which component must be configured to apply the SGACL?

A.

egress router

B.

host

C.

secure server

D.

ingress router

Refer to the exhibit.

An engineer is configuring a client but cannot authenticate to Cisco ISE During troubleshooting, the show authentication sessions command was issued to display the authentication status of each port Which command gives additional information to help identify the problem with the authentication?

A.

show authentication sessions

B.

show authentication sessions Interface Gil/0/1 output

C.

show authentication sessions interface Gi1/0/1 details

D.

show authentication sessions output

TION NO: 33

Which portal is used to customize the settings for a user to log in and download the compliance module?

A.

Client Profiling

B.

Client Endpoint

C.

Client Provisioning

D.

Client Guest

The Cisco Wireless LAN Controller and guest portal must be set up in Cisco ISE. These configurations were performed:

• configured all the required Cisco Wireless LAN Controller configurations

• added the wireless controller to Cisco ISE network devices

• created an endpoint identity group

• configured credentials to be sent by email

• configured the SMTP server

• configured an authorization profile with redirection to the guest portal and redirected the access control list

• configured an authentication policy for MAB users

• created an authorization policy

Which two components would be required to complete the configuration? (Choose two.)

A.

sponsor group

B.

hotspot guest portal

C.

sponsor portal

D.

self-registered guest portal

E.

guest type

A user reports that the RADIUS accounting packets are not being seen on the Cisco ISE server.

Which command is the user missing in the switch’s configuration?

A.

radius-server vsa send accounting

B.

aaa accounting network default start-stop group radius

C.

aaa accounting resource default start-stop group radius

D.

aaa accounting exec default start-stop group radios

NO: 37

In which two ways can users and endpoints be classified for TrustSec?

(Choose Two.)

A.

VLAN

B.

SXP

C.

dynamic

D.

QoS

E.

SGACL

Refer to the exhibit. An engineer needs to configure central web authentication on the Cisco Wireless LAN Controller to use Cisco ISE for all guests connected to the wireless network. The components are configured already:

• Cisco Wireless LAN Controller is fully configured

• authorization profile on the Cisco ISE

• authentication policy on the Cisco ISE

Which component would be configured next on Cisco ISE?

A.

authorization policy

B.

authentication profile

C.

accounting profile

D.

authorization rule

A Cisco ISE administrator must authenticate users against Microsoft Active Directory. The solution must meet these requirements:

    Users and computers must be authenticated.

    User groups must be retrieved during authentication.

Which protocol must be added to the allowed protocols on the policy to authenticate the users?

A.

EAP-GTC

B.

EAP-TLS

C.

LEAP

D.

MS-CHAPv2

An engineer is deploying a new guest WLAN for a company. The company wants this WLAN to use a sponsored guest portal for secure guest access. The wireless LAN controller must direct the guests to a web page on Cisco ISE for authentication. Which type of authentication must be configured for the guest portal in Cisco ISE?

A.

EWA

B.

DWA

C.

CWA

D.

web portal

An organization has a fully distributed Cisco ISE deployment When implementing probes, an administrator must scan for unknown endpoints to learn the IP-to-MAC address bindings. The scan is complete on one FPSN. but the information is not available on the others. What must be done to make the information available?

A.

Scanning must be initiated from the PSN that last authenticated the endpoint

B.

Cisco ISE must learn the IP-MAC binding of unknown endpoints via DHCP profiling, not via scanning

C.

Scanning must be initiated from the MnT node to centrally gather the information

D.

Cisco ISE must be configured to learn the IP-MAC binding of unknown endpoints via RADIUS authentication, not via scanning

An administrator is configuring posture assessment in Cisco ISE for the first time. Which two components must be uploaded to Cisco ISE to use Anyconnect for the agent configuration in a client provisioning policy? (Choose two.)

A.

Anyconnect network visibility module

B.

Anyconnect compliance module

C.

AnyConnectProfile.xml file

D.

AnyConnectProfile.xsd file

E.

Anyconnect agent image

When configuring an authorization policy, an administrator cannot see specific Active Directory groups present in their domain to be used as a policy condition. However, other groups that are in the same domain are seen What is causing this issue?

A.

Cisco ISE only sees the built-in groups, not user created ones

B.

The groups are present but need to be manually typed as conditions

C.

Cisco ISE's connection to the AD join point is failing

D.

The groups are not added to Cisco ISE under the AD join point

A network engineer is in the predeployment discovery phase of a Cisco ISE deployment and must discover the network. There is an existing network management system in the network.

Which type of probe must be configured to gather the information?

A.

RADIUS

B.

NMAP

C.

NetFlow

D.

SNMP

Using the SAK Active Directory Federation Services server. The configurations were performed:

• created a new SAML Identity provider profile in Cisco ISE

• exported the service provider Information

• configured all the required Active Directory Federation Services configurations

• Imported the Active Directory Federation Services metadata

• configured groups in the new SAML identity

• added attributes to the new SAML identity provider profile

• configured Advanced Settings in the new SAML identity provider profile

Which two actions must be taken to complete the configuration? (Choose two.)

A.

Allow Kerberos single sign-on on the Sponsor portal.

B.

Configure the Sponsor portal HTTPS port for Active Directory Federation Services integration.

C.

Customize the Sponsor portal pages for Integration with Active Directory Federation Services.

D.

Add SAML identity provider groups in Sponsor Group Members.

E.

Configure an identity source sequence in the Sponsor portal.

A network security administrator wants to integrate Cisco ISE with Active Directory. Which configuration action must the security administrator take to accomplish the task?

A.

Remove Cisco ISE user account from the domain.

B.

Remove the ISE machine account from the domain.

C.

Join Cisco ISE to the Active Directory domain.

D.

Search Active Directory to see if admin user account exists.

Cisco 300-715 Premium Access     Download Demo    
Page: 4 / 5
Total 299 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved