Exams > Cisco > 300-715: Implementing and Configuring Cisco Identity Services Engine (300-715 SISE)
300-715: Implementing and Configuring Cisco Identity Services Engine (300-715 SISE)
Page 5 out of 19 pages Questions 41-50 out of 184 questions
Question#41

A network engineer is configuring guest access and notices that when a guest user registers a second device for access, the first device loses access.
What must be done to ensure that both devices for a particular user are able to access the guest network simultaneously?

  • A. Use a custom portal to increase the number of logins.
  • B. Create an Adaptive Network Control policy to increase the number of devices.
  • C. Modify the guest type to increase the number of maximum devices.
  • D. Configure the sponsor group to increase the number of logins.
Discover Answer Hide Answer

C
Reference:
https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/security/ise/2-7/admin_guide/b_ise_admin_guide_27/ b_ise_admin_guide_27_chapter_01111.html.xml

Question#42

A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for 1 day. When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the GuestEndpoints identity store after 1 day and allows access to the guest network after that period.
Which configuration is causing this problem?

  • A. The Guest Account Purge Policy is set to 15 days.
  • B. The length of access is set to 7 days in the Guest Portal Settings.
  • C. The Endpoint Purge Policy is set to 30 days for guest devices.
  • D. The RADIUS policy set for guest access is set to allow repeated authentication of the same device.
Discover Answer Hide Answer

C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/ b_ise_admin_guide_sample_chapter_01101.html#concept_0776B37A2C3542189950F5DFB1961FA2

Question#43

A network administrator is setting up wireless guest access and has been unsuccessful in testing client access. The endpoint is able to connect to the SSID but is unable to gain access to the guest network through the guest portal.
What must be done to identify the problem?

  • A. Use traceroute to ensure connectivity.
  • B. Use context visibility to verify posture status.
  • C. Use the identity group to validate the authorization rules.
  • D. Use the endpoint ID to execute a session trace.
Discover Answer Hide Answer

D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/ b_ise_admin_guide_sample_chapter_011001.html#concept_87916A77E87745

Question#44

An organization is hosting a conference and must make guest accounts for several of the speakers attending. The conference ended two days early but the guest accounts are still being used to access the network.
What must be configured to correct this?

  • A. Create an authorization rule denying sponsored guest access.
  • B. Create an authorization rule denying guest access.
  • C. Navigate to the Guest Portal and delete the guest accounts.
  • D. Navigate to the Sponsor Portal and suspend the guest accounts.
Discover Answer Hide Answer

B

Question#45

An organization is migrating its current guest network to Cisco ISE and has 1000 guest users in the current database. There are no resources to enter this information into the Cisco ISE database manually.
What must be done to accomplish this task efficiently?

  • A. Use an XML file to change the existing format to match that of Cisco ISE.
  • B. Use a CSV file to import the guest accounts.
  • C. Use a JSON file to automate the migration of guest accounts.
  • D. Use SQL to link the existing database to Cisco ISE.
Discover Answer Hide Answer

B
Reference:
https://community.cisco.com/t5/network-access-control/ise-2-4-guest-user-import-csv-template-guest-type-and-state/td-p/3686005

Question#46

A customer wants to set up the Sponsor portal and delegate the authentication flow to a third party for added security while using Kerberos.
Which database should be used to accomplish this goal?

  • A. local database
  • B. LDAP
  • C. RSA Token Server
  • D. Active Directory
Discover Answer Hide Answer

D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_ise_guest.html

Question#47

Which two default guest portals are available with Cisco ISE? (Choose two.)

  • A. WiFi-access
  • B. self-registered
  • C. central web authentication
  • D. visitor
  • E. sponsored
Discover Answer Hide Answer

BE
Reference:
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/216330-ise-self-registered-guest-portal-configu.html

Question#48

What is the minimum certainty factor when creating a profiler policy?

  • A. the minimum number that a predefined condition provides
  • B. the maximum number that a predefined condition provides
  • C. the minimum number that a device certainty factor must reach to become a member of the profile
  • D. the maximum number that a device certainty factor must reach to become a member of the profile
Discover Answer Hide Answer

C

Question#49

What sends the redirect ACL that is configured in the authorization profile back to the Cisco WLC?

  • A. State attribute
  • B. Class attribute
  • C. Event
  • D. Cisco-av-pair
Discover Answer Hide Answer

D
Reference:
https://community.cisco.com/t5/network-access-control/ise-airespace-acl-wlc-problem/td-p/2110491

Question#50

Which profiling probe collects the user-agent string?

  • A. DHCP
  • B. HTTP
  • C. NMAP
  • D. AD
Discover Answer Hide Answer

B

chevron rightPrevious Nextchevron right