Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

300-715 Cisco Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Cisco 300-715 Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 (300-715 SISE) certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Cisco 300-715 Premium Access     Download Demo    
Page: 1 / 4
Total 243 questions

A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for 1 day. When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the Guest Endpoints identity store after one day and allows access to the guest network after that period. Which configuration is causing this problem?

A.

The RADIUS policy set for guest access is set to allow repeated authentication of the same device.

B.

The length of access is set to 7 days in the Guest Portal Settings.

C.

The Endpoint Purge Policy is set to 30 days for guest devices.

D.

The Guest Account Purge Policy is set to 15 days.

An employee logs on to the My Devices portal and marks a currently on-boarded device as ‘Lost’.

Which two actions occur within Cisco ISE as a result oí this action? (Choose two)

A.

Certificates provisioned to the device are not revoked

B.

BYOD Registration status is updated to No

C.

The device access has been denied

D.

BYOD Registration status is updated to Unknown.

E.

The device status is updated to Stolen

An organization wants to standardize the 802 1X configuration on their switches and remove static ACLs on the switch ports while allowing Cisco ISE to communicate to the switch what access to provide What must be configured to accomplish this task?

A.

security group tag within the authorization policy

B.

extended access-list on the switch for the client

C.

port security on the switch based on the client's information

D.

dynamic access list within the authorization profile

An engineer is creating a new authorization policy to give the endpoints access to VLAN 310 upon successful authentication The administrator tests the 802.1X authentication for the endpoint and sees that it is authenticating successfully What must be done to ensure that the endpoint is placed into the correct VLAN?

A.

Configure the switchport access vlan 310 command on the switch port

B.

Ensure that the security group is not preventing the endpoint from being in VLAN 310

C.

Add VLAN 310 in the common tasks of the authorization profile

D.

Ensure that the endpoint is using The correct policy set

An administrator is attempting to join a new node to the primary Cisco ISE node, but receives the error message "Node is Unreachable". What is causing this error?

A.

The second node is a PAN node.

B.

No administrative certificate is available for the second node.

C.

The second node is in standalone mode.

D.

No admin privileges are available on the second node.

What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?

A.

Cisco-av-pair

B.

Class attribute

C.

Event

D.

State attribute

Refer to the exhibit.

Which two configurations are needed on a catalyst switch for it to be added as a network access device in a Cisco ISE that is being used for 802 1X authentications? (Choose two )

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Which two endpoint compliance statuses are possible? (Choose two.)

A.

unknown

B.

known

C.

invalid

D.

compliant

E.

valid

There is a need within an organization for a new policy to be created in Cisco ISE. It must validate that a specific anti-virus application is not only installed, but running on a machine before it is allowed access to the network. Which posture condition should the administrator configure in order for this policy to work?

A.

file

B.

registry

C.

application

D.

service

Which advanced option within a WLAN must be enabled to trigger Central Web Authentication for Wireless users on AireOS controller?

A.

DHCP server

B.

static IP tunneling

C.

override Interface ACL

D.

AAA override

What is a method for transporting security group tags throughout the network?

A.

by enabling 802.1AE on every network device

B.

by the Security Group Tag Exchange Protocol

C.

by embedding the security group tag in the IP header

D.

by embedding the security group tag in the 802.1Q header

An administrator is adding network devices for a new medical building into Cisco ISE. These devices must be in a network device group that is identifying them as "Medical Switch" so that the policies can be made separately for the endpoints connecting through them. Which configuration item must be changed in the network device within Cisco ISE to accomplish this goal?

A.

Change the device type to Medical Switch.

B.

Change the device profile to Medical Switch.

C.

Change the model name to Medical Switch.

D.

Change the device location to Medical Switch.

Users in an organization report issues about having to remember multiple usernames and passwords. The network administrator wants the existing Cisco ISE deployment to utilize an external identity source to alleviate this issue. Which two requirements must be met to implement this change? (Choose two.)

A.

Enable IPC access over port 80.

B.

Ensure that the NAT address is properly configured

C.

Establish access to one Global Catalog server.

D.

Provide domain administrator access to Active Directory.

E.

Configure a secure LDAP connection.

An engineer is configuring static SGT classification. Which configuration should be used when authentication is disabled and third-party switches are in use?

A.

VLAN to SGT mapping

B.

IP Address to SGT mapping

C.

L3IF to SGT mapping

D.

Subnet to SGT mapping

A network administrator is currently using Cisco ISE to authenticate devices and users via 802 1X There is now a need to also authorize devices and users using EAP-TLS. Which two additional components must be configured in Cisco ISE to accomplish this'? (Choose two.)

A.

Network Device Group

B.

Serial Number attribute that maps to a CA Server

C.

Common Name attribute that maps to an identity store

D.

Certificate Authentication Profile

E.

EAP Authorization Profile

What is needed to configure wireless guest access on the network?

A.

endpoint already profiled in ISE

B.

WEBAUTH ACL for redirection

C.

valid user account in Active Directory

D.

Captive Portal Bypass turned on

What must match between Cisco ISE and the network access device to successfully authenticate endpoints?

A.

SNMP version

B.

shared secret

C.

certificate

D.

profile

A user changes the status of a device to stolen in the My Devices Portal of Cisco ISE. The device was originally onboarded in the BYOD wireless Portal without a certificate. The device is found later, but the user cannot re-onboard the device because Cisco ISE assigned the device to the Blocklist endpoint identity group. What must the user do in the My Devices Portal to resolve this issue?

A.

Manually remove the device from the Blocklist endpoint identity group.

B.

Change the device state from Stolen to Not Registered.

C.

Change the BYOD registration attribute of the device to None.

D.

Delete the device, and then re-add the device.

An administrator is manually adding a device to a Cisco ISE identity group to ensure that it is able to access the network when needed without authentication Upon testing, the administrator notices that the device never hits the correct authorization policy line using the condition EndPoints LogicalProfile EQUALS static_list Why is this occurring?

A.

The dynamic logical profile is overriding the statically assigned profile

B.

The device is changing identity groups after profiling instead ot remaining static

C.

The logical profile is being statically assigned instead of the identity group

D.

The identity group is being assigned instead of the logical profile

Which two task types are included in the Cisco ISE common tasks support for TACACS+ profiles?

(Choose two.)

A.

Firepower

B.

WLC

C.

IOS

D.

ASA

E.

Shell

Cisco 300-715 Premium Access     Download Demo    
Page: 1 / 4
Total 243 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved