Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

300-715 Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Cisco 300-715 Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Cisco 300-715 Premium Access     Download Demo    
Page: 4 / 5
Total 295 questions

Which protocol must be allowed for a BYOD device to access the BYOD portal?

A.

HTTP

B.

SMTP

C.

HTTPS

D.

SSH

What must be configured on the Cisco ISE authentication policy for unknown MAC addresses/identities for successful authentication?

A.

pass

B.

reject

C.

drop

D.

continue

What gives Cisco ISE an option to scan endpoints for vulnerabilities?

A.

authorization policy

B.

authentication policy

C.

authentication profile

D.

authorization profile

An engineer is configuring a new Cisco ISE node. Context-sensitive information must be shared between the Cisco ISE and a Cisco ASA. Which persona must be enabled?

A.

Administration

B.

Policy Service

C.

pxGrid

D.

Monitoring

A network administrator adds network access devices to Cisco ISE. After a security breach, the management team mandates that all network devices must comply with certain standards. All network devices must authenticate through Cisco ISE. Some devices use nondefault CoA ports.

What must be configured in Cisco ISE?

A.

Network device profile with a port specified

B.

Network access manager with a port specified

C.

Network device group with a port specified

D.

Network device with a port specified

An engineer must use Cisco ISE profiler services to provide network access to Cisco IP phones that cannot support 802.1X. Cisco ISE is configured to use the access switch device sensor information — system-description and platform-type — to profile Cisco IP phones and allow access.

Which two protocols must be configured on the switch to complete the configuration? (Choose two.)

A.

LLDP

B.

CDP

C.

EAPOL

D.

SNMP

E.

STP

An organization wants to improve their BYOD processes to have Cisco ISE issue certificates to the BYOD endpoints. Currently, they have an active certificate authority and do not want to replace it with Cisco ISE. What must be configured within Cisco ISE to accomplish this goal?

A.

Create a certificate signing request and have the root certificate authority sign it.

B.

Add the root certificate authority to the trust store and enable it for authentication.

C.

Create an SCEP profile to link Cisco ISE with the root certificate authority.

D.

Add an OCSP profile and configure the root certificate authority as secondary.

An engineer needs to configure Cisco ISE Profiling Services to authorize network access for IP speakers that require access to the intercom system. This traffic needs to be identified if the ToS bit is set to 5 and the destination IP address is the intercom system. What must be configured to accomplish this goal?

A.

NMAP

B.

NETFLOW

C.

pxGrid

D.

RADIUS

Which two default guest portals are available with Cisco ISE? (Choose two.)

A.

visitor

B.

WIFI-access

C.

self-registered

D.

central web authentication

E.

sponsored

The security team identified a rogue endpoint with MAC address 00:46:91:02:28:4A attached to the network. Which action must security engineer take within Cisco ISE to effectively

restrict network access for this endpoint?

A.

Configure access control list on network switches to block traffic.

B.

Create authentication policy to force reauthentication.

C.

Add MAC address to the endpoint quarantine list.

D.

Implement authentication policy to deny access.

An administrator has added a new Cisco ISE PSN to their distributed deployment. Which two features must the administrator enable to accept authentication requests and profile the endpoints correctly, and add them to their respective endpoint identity groups? (Choose two )

A.

Session Services

B.

Endpoint Attribute Filter

C.

Posture Services

D.

Profiling Services

E.

Radius Service

An engineer needs to configure a Cisco ISE server to issue a CoA for endpoints already authenticated to access the network. The CoA option must be enforced on a session, even if there are multiple active sessions on a port. What must be configured to accomplish this task?

A.

the Reauth CoA option in the Cisco ISE system profiling settings enabled

B.

an endpoint profiling policy with the No CoA option enabled

C.

an endpoint profiling policy with the Port Bounce CoA option enabled

D.

the Port Bounce CoA option in the Cisco ISE system profiling settings enabled

In a standalone Cisco ISE deployment, which two personas are configured on a node? (Choose two )

A.

publisher

B.

administration

C.

primary

D.

policy service

E.

subscriber

Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?

A.

MAB and if user not found, continue

B.

MAB and if authentication failed, continue

C.

Dot1x and if user not found, continue

D.

Dot1x and if authentication failed, continue

An administrator is adding a switch to a network that is running Cisco ISE and is only for IP Phones The phones do not have the ability to authenticate via 802 1X Which command is needed on each switch port for authentication?

A.

dot1x system-auth-control

B.

enable bypass-mac

C.

enable network-authentication

D.

mab

Which two Cisco ISE deployment models require two nodes configured with dedicated PAN and MnT personas? (Choose two.)

A.

three PSN nodes

B.

seven PSN nodes with one PxGrid node

C.

five PSN nodes with one PxGrid node

D.

two PSN nodes with one PxGrid node

E.

six PSN nodes

An engineer is deploying Cisco ISE in a network that contains an existing Cisco Secure Firewall ASA. The customer requested that Cisco TrustSec be configured so that Cisco ISE and the firewall can share SGT information.

Which protocol must be configured on Cisco ISE to meet the requirement?

A.

PAC

B.

SXP

C.

RADIUS

D.

pxGrid

A security administrator is using Cisco ISE to create a BYOD onboarding solution for all employees who use personal devices on the corporate network. The administrator generates a Certificate Signing Request and signs the request using an external Certificate Authority server. Which certificate usage option must be selected when importing the certificate into ISE?

A.

RADIUS

B.

DLTS

C.

Portal

D.

Admin

A network engineer needs to deploy 802.1x using Cisco ISE in a wired network environment where thin clients download their system image upon bootup using PXE. For which mode must the switch ports be configured?

A.

closed

B.

restricted

C.

monitor

D.

low-impact

What is the minimum certainty factor when creating a profiler policy?

A.

the minimum number that a predefined condition provides

B.

the maximum number that a predefined condition provides

C.

the minimum number that a device certainty factor must reach to become a member of the profile

D.

the maximum number that a device certainty factor must reach to become a member of the profile

Cisco 300-715 Premium Access     Download Demo    
Page: 4 / 5
Total 295 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved