CCNP Security 300-715 SISE Free Questions

1. Which two fields are available when creating an endpoint on the context visibility page of Cisco IS? (Choose two)

2. When configuring Active Directory groups, what does the Cisco ISE use to resolve ambiguous group names?

3. What is the purpose of the ip http server command on a switch?

4. What are two requirements of generating a single signing in Cisco ISE by using a certificate provisioning portal, without generating a certificate request? (Choose two)

5. What service can be enabled on the Cisco ISE node to identity the types of devices connecting to a network?

6. In which two ways can users and endpoints be classified for TrustSec? (Choose two)

7. What does the dot1x system-auth-control command do?

8. Which command displays all 802 1X/MAB sessions that are active on the switch ports of a Cisco Catalyst switch?

9. What gives Cisco ISE an option to scan endpoints for vulnerabilities?

10. A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group.

Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

11. An administrator needs to connect ISE to Active Directory as an extern at authentication source and allow the proper ports through the firewall.

Which two ports should be opened to accomplish this task? (Choose two.)

12. Which two ports must be open between Cisco ISE and the client when you configure posture on Cisco ISE? (Choose two.)

13. An engineer is configuring a virtual Cisco ISE deployment and needs each persona to be on a different node.

Which persona should be configured with the largest amount of storage in this environment?

14. An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic.

Which type of access list should be used for this configuration?

15. Which two responses from the RADIUS server to NAS are valid during the authentication process? (Choose two)

16. A network administrator has just added a front desk receptionist account to the Cisco ISE Guest Service sponsor group.

Using the Cisco ISE Guest Sponsor Portal, which guest services can the receptionist provide?

17. In a Cisco ISE split deployment model, which load is split between the nodes?

18. An engineer is configuring a guest password policy and needs to ensure that the password complexity requirements are set to mitigate brute force attacks.

Which two requirements should be included in this policy? (Choose two)

19. Which term refers to an endpoint agent that tries to join an 802.1X-enabled network?

20. What gives Cisco ISE an option to scan endpoints for vulnerabilities?

21. A network engineer is configuring a network device that needs to filter traffic based on security group tags using a security policy on a routed interface.

Which command should be used to accomplish this task?

22. During BYOD flow, where does a Microsoft Windows PC download the Network Setup Assistant from?

23. Which values are compared by the binary comparison function in authentication that is based on Active Directory?

24. An engineer is implementing Cisco ISE and needs to configure 802.1X. The port settings are configured for port-based authentication.

Which command should be used to complete this configuration?

25. Which two features must be used on Cisco ISE to enable the TACACS+ feature? (Choose two.)

26. Which port does Cisco ISE use for native supplicant provisioning of a Windows laptop?

27. Which two features are available when the primary admin node is down and the secondary admin node has not been promoted? (Choose two)

28. Which use case validates a change of authorization?

29. If a user reports a device lost or stolen, which portal should be used to prevent the device from accessing the network while still providing information about why the device is blocked?

30. Which two ports do network devices typically use for CoA? (Choose two.)